Let’s use for an example Culver’s. Culver's has a point-of-sale system (also known as a POS system) that is hard wired into their network. In this particular store, there is one main computer in the back and two mobile peripheral POS systems. The main computer serves as a server to connect to and relay information to the POS systems. The business also has a wireless network setup for customers to use while eating their favorite frozen yogurt or combo meal.
In your opinion, does this setup seem simple enough for you? To tell the truth, yes and no. However, the company who set up the networking and the systems was not very highly qualified and as a result, all of their internal sensitive information was extremely exposed. Perhaps it was a cost-saving measure, but to get the job done right the first time, they should have contacted a highly qualified professional, for example, Chicago, St. Louis or anywhere else in between.
What Went Wrong Here?
When you are setting up a network in your business, whether it be a wireless network, a virtual private network (also known as VPN) or a local area network (also known as LAN), it is extremely important that you map out what’s going to be connected to what and determine how data will be transmitted through the network. For instance, if Culver’s is going to process credit cards and send that data over the network, there needs to be increased security measures in place to avoid having any weaknesses in the system, which really isn’t an impossible task. It can be as simple as moving a wire or adding a router with a built-in security firewall. To take part of a line from Lord of the Rings, “one does not simply” expect everything to be a plug and play solution when it comes to business networking.
Back To The Issue At Hand…
When Culver’s had their networking installed, the firm that did the work placed the networking equipment in a backwards configuration. They utilized a wireless router in which all of the POS systems were plugged directly into the internet service provider’s modem and never set any security settings. This lack of security was only intensified when they connected the second wireless router to that same network servicing the POS systems instead of connecting that router to the ISP’s supplied modem. As a result, users of the network were already inside the built-in firewall within the wireless router, meaning any technically savvy person with harmful intentions could very easily and quickly access the company’s internal network and all sensitive information and do so effectively with little to no security resistance.
The Simple Fix
This could have an easily fixable situation and it involves very little time and makes a world of difference when it came to the security risks for the company. It didn't require any new equipment or even new programming. All it involved was simply rewiring the customer wireless router so that it no longer connected directly to the company router but instead connected to the ISP modem. This simple task of just changing the order that the equipment was wired together in makes all the difference in the world with their network security and now the owners of that business can have peace of mind, knowing that their network is secure and it didn't cost them an arm and a leg, but rather a knowledgeable IT consulting firm. So, the next time you need an IT consulting firm to do any of your networking needs, make sure that they have a game plan for mapping out your network needs and ask them how they plan on keeping everything secure.