SMB resources on the move
-
@dafyre said in SMB resources on the move:
Zentyall can do a lot of things, AD included.... For an SMB that expressed a firm desire for centralized authentication, I'd go with some form of Linux based AD, such as Zentyal or a DIY solution like Samba 4...
Zentyal is just Samba4. All of these non-Windows solutions are Samba4.
-
@coliver said in SMB resources on the move:
@BBigford said in SMB resources on the move:
- Do they need central email? If they don't need central email like Exchange, but want their email to appear like a business email, with their domain. Whoever is hosting their domain, usually provides email services at an extra cost.
Zoho provides free email with a custom domain for up to 10 users. Anything more then that and Exchange Online is the way to go.
Plus if you refer other people you can get up to 15 more accounts for free.
It's cheaper per paid account than both O365 and Google Apps. But they have a ton more add ons than both the others.
-
@Dashrender said in SMB resources on the move:
@scottalanmiller said in SMB resources on the move:
't a business class company. You can't use GoDaddy services for any business function except registration services, which don'
Rackspace is the same way for O365.
It is? Maybe they changed. Last I knew they were competing with O365, not offering it.
-
@BBigford said in SMB resources on the move:
@Dashrender said in SMB resources on the move:
@DustinB3403 said in SMB resources on the move:
@BBigford said in SMB resources on the move:
I was driving home from work last night, thinking about how to better serve the SMB market. More on the side of micro businesses under 20 people. A few questions I was processing and expanding on:
-
Do they really need servers? You could buy a simple NAS, or use a cloud storage provider like OneDrive for Business, Dropbox for Business, etc.
-
Do they need a domain? If so, they could use something like Azure for AD.
-
Do they need central email? If they don't need central email like Exchange, but want their email to appear like a business email, with their domain. Whoever is hosting their domain, usually provides email services at an extra cost.
What are your thoughts on some of those displacements? Thinking about this from, say, an MSP perspective. Not in-house IT. I'm thinking of how to better serve those micro businesses so as not to remain in the stagnant mindset of "you will have on-premises servers for file serves, AD, and Exchange."
I would use Zentyal for all of the above, you can purchase a server for really cheap. A 20 person office is right there on the cusp of "needing" AD.
You get everything baked into one open source package that a business would need, for free (unless you wanted the supported version).
And a server for Micro-Businesses like this would be super cheap.
Huh - I'd almost never go this way. Unless there is some legal or technical reason that they need onsite stuff (like they have horrible internet options) Why have onsite anything?
Are you using Azure AD then?
Yes
-
-
@scottalanmiller said in SMB resources on the move:
@Dashrender said in SMB resources on the move:
@scottalanmiller said in SMB resources on the move:
't a business class company. You can't use GoDaddy services for any business function except registration services, which don'
Rackspace is the same way for O365.
It is? Maybe they changed. Last I knew they were competing with O365, not offering it.
They offered it to me at SpiceWorld last year. Then I heard more about it and they are reselling it.. they maintain control, just like GoDaddy.
-
@Dashrender said in SMB resources on the move:
@scottalanmiller would you have local logons? or skip even those? How do you handle situations where users don't do as they are told and save things to the cloud.. and install save to the desktop and they are sick and now you need access? Am I worried over nothing?
Yes, you still need to keep random people from using the machines.
People who are insubordinate don't stay employed. If they are violating HR policies and refusing to obey the rules, why would we employ them? That's a simple management issue. That it is about where they store files isn't relevant. What if they were working on paper and refused to store a copy at the office, but were instructed to. Or refused to lock up when leaving. Or wouldn't refill the coffee machine after taking the last cup? You'd let HR handle it.
-
@Dashrender said in SMB resources on the move:
@coliver said in SMB resources on the move:
@Dashrender said in SMB resources on the move:
@scottalanmiller would you have local logons? or skip even those? How do you handle situations where users don't do as they are told and save things to the cloud.. and install save to the desktop and they are sick and now you need access? Am I worried over nothing?
Management and policy issue. This isn't a problem for IT to solve.
LOL touche.. but still, you're the owner - what do you pick and why?
What's best for the company... which is never "let the users thumb their noses at you and do whatever they want and disrespect you and not do their jobs."
-
@Dashrender said in SMB resources on the move:
@coliver said in SMB resources on the move:
@Dashrender said in SMB resources on the move:
@coliver said in SMB resources on the move:
@Dashrender said in SMB resources on the move:
@scottalanmiller would you have local logons? or skip even those? How do you handle situations where users don't do as they are told and save things to the cloud.. and install save to the desktop and they are sick and now you need access? Am I worried over nothing?
Management and policy issue. This isn't a problem for IT to solve.
LOL touche.. but still, you're the owner - what do you pick and why?
If people aren't doing their job why do you have those people?
It depends on the company, if I were doing a green field with a decent internet connection I would do SaaS and hosted all the way.
Where did people not doing their job come from? oh you mean the not saving the files in the correct place - that's a joke right? Assuming you're supposed to save all of your files on a network share, are you telling me that NEVER save one to the desktop? I know I do. and then I get set and forgot to move it.... it's not often, but it does happen.
I'm not going to can someone over that.You asked what we would do if people refused to do their jobs and were insubordinate. We answered. It's pretty clear. If people refuse to do what they are supposed to do, especially when it comes to something so important, why do you keep them around? You can't trust them. We aren't talking about an accident here.
You never can anyone, you are in IT. HR needs to deal with insubordination.
-
@Dashrender said in SMB resources on the move:
@coliver said in SMB resources on the move:
@Dashrender said in SMB resources on the move:
@coliver said in SMB resources on the move:
@Dashrender said in SMB resources on the move:
@coliver said in SMB resources on the move:
@Dashrender said in SMB resources on the move:
@scottalanmiller would you have local logons? or skip even those? How do you handle situations where users don't do as they are told and save things to the cloud.. and install save to the desktop and they are sick and now you need access? Am I worried over nothing?
Management and policy issue. This isn't a problem for IT to solve.
LOL touche.. but still, you're the owner - what do you pick and why?
If people aren't doing their job why do you have those people?
It depends on the company, if I were doing a green field with a decent internet connection I would do SaaS and hosted all the way.
Where did people not doing their job come from? oh you mean the not saving the files in the correct place - that's a joke right? Assuming you're supposed to save all of your files on a network share, are you telling me that NEVER save one to the desktop? I know I do. and then I get set and forgot to move it.... it's not often, but it does happen.
I'm not going to can someone over that.So we're back to this being a management and policy issue. If it's part of your job to save things in a specific location and you don't do that they you aren't doing your job. Am I being pedantic, yes of course I am, but I'm just trying to illustrate why this isn't an IT issue.
That being said most cloud platforms have an easy way to sync to the local desktop making this kind of moot... hell I have a script that mounts my ODfB account to a local drive over WebDAV. It can also do Sharepoint sites.
LOL, well the issue isn't an IT problem, but tomorrow when bob calls in sick and the CEO wants that file, you bet your ass it's IT's problem.
Nope, it's an HR problem. If HR isn't held accountable, it's a CEO problem. In no case is it IT's problem that the CEO can't manage his teams.
-
@coliver said in SMB resources on the move:
@Dashrender said in SMB resources on the move:
@coliver said in SMB resources on the move:
@Dashrender said in SMB resources on the move:
@coliver said in SMB resources on the move:
@Dashrender said in SMB resources on the move:
@coliver said in SMB resources on the move:
@Dashrender said in SMB resources on the move:
@scottalanmiller would you have local logons? or skip even those? How do you handle situations where users don't do as they are told and save things to the cloud.. and install save to the desktop and they are sick and now you need access? Am I worried over nothing?
Management and policy issue. This isn't a problem for IT to solve.
LOL touche.. but still, you're the owner - what do you pick and why?
If people aren't doing their job why do you have those people?
It depends on the company, if I were doing a green field with a decent internet connection I would do SaaS and hosted all the way.
Where did people not doing their job come from? oh you mean the not saving the files in the correct place - that's a joke right? Assuming you're supposed to save all of your files on a network share, are you telling me that NEVER save one to the desktop? I know I do. and then I get set and forgot to move it.... it's not often, but it does happen.
I'm not going to can someone over that.So we're back to this being a management and policy issue. If it's part of your job to save things in a specific location and you don't do that they you aren't doing your job. Am I being pedantic, yes of course I am, but I'm just trying to illustrate why this isn't an IT issue.
That being said most cloud platforms have an easy way to sync to the local desktop making this kind of moot... hell I have a script that mounts my ODfB account to a local drive over WebDAV. It can also do Sharepoint sites.
LOL, well the issue isn't an IT problem, but tomorrow when bob calls in sick and the CEO wants that file, you bet your ass it's IT's problem.
That's the whole point of contingency planning isn't it? What happens if Bob gets hit by a bus and all of his business critical documents are on his laptop that he was carrying? These documents aren't backed up. They only lived on his laptop and are now unrecoverable. What does the business do then? Is it an IT problem if the company didn't enforce policies related to document storage?
Exactly. In no way can this be IT's problem and IT should never accept someone pretending that it is. This is a management issue 100%. Has zero to do with IT. IT is not in charge of babysitting users.
-
@Dashrender said in SMB resources on the move:
@scottalanmiller said in SMB resources on the move:
@Dashrender said in SMB resources on the move:
@scottalanmiller said in SMB resources on the move:
't a business class company. You can't use GoDaddy services for any business function except registration services, which don'
Rackspace is the same way for O365.
It is? Maybe they changed. Last I knew they were competing with O365, not offering it.
They offered it to me at SpiceWorld last year. Then I heard more about it and they are reselling it.. they maintain control, just like GoDaddy.
Ugh, avoid that! They can't even manage or support their own stuff these days, having them resell and control something else would be dreadful. Like that poor guy on SW that bought AWS through them and is now trapped unable to migrate off but is paying double, or whatever.
-
This post is very interesting.
The scenary that you are drawing for a small business of 10-30 people is something like that: a file sync layer (like dropbox for business) that replicate everything locally, eventually on big'n'cheap ssd (compared to costly enterprise storage), so remote offices wouldn't be a problem. This way, is possible to leverage all the power of modern hardware (even a core i3 of the latest gen has plenty of power), without the hassle and the big uprofont investment of phisical servers, thin clients, storage etc. Every other service that canno be served in a SaaS way, of course can be hosted in a IaaS (I'm thinking about the typical windows-based ERP) and connected via a router to the local network.So, the shopping cart to start a full-fledged IT infrastructure in SMB should be composed of just switches, a router with vpn capabilities (edgerouter er8?), desktops with big ssd (AMT - vPro) and a bunch of services like AWS, office 365, dropbox for business etc.
Maybe 1000-1200€ per seats (every 4 years) plus 30-40€/month/user… not bad, considering that one of the SMB in which I work bought upfront 70000€ of servers/storage/vmware/windows server tl… I'm afraid, with less performance and reliability. -
@BBigford said in SMB resources on the move:
I was driving home from work last night, thinking about how to better serve the SMB market. More on the side of micro businesses under 20 people. A few questions I was processing and expanding on:
-
Do they really need servers? You could buy a simple NAS, or use a cloud storage provider like OneDrive for Business, Dropbox for Business, etc.
-
Do they need a domain? If so, they could use something like Azure AD.
-
Do they need central email? If they don't need central email like Exchange, but want their email to appear like a business email, with their domain. Whoever is hosting their domain, usually provides email services at an extra cost.
What are your thoughts on some of those displacements? Thinking about this from, say, an MSP perspective. Not in-house IT. I'm thinking of how to better serve those micro businesses so as not to remain in the stagnant mindset of "you will have on-premises servers for file serves, AD, and Exchange."
TLDR
The single most important thing to keep in mind should be the clients data privacy requirements. There are lots of business like advocates, doctors or research companies which just don't want or flat-out can't store data or credentials in the "cloud".
No matter what the vendor says, you can't audit their systems and processes in any way to be sure about the privacy of the data. And even if the vendor guarantees total privacy, what about a hack? Just a small security hole may leave tens of thousands of customers (read: SMBs) with their pants down.
-
-
@thwr Normally I would agree with you, but I've been listening to @scottalanmiller a lot - perhaps to much.
His argument is that big players like AWS and Microsoft (Azure) can provide significantly better resources and management of breaches etc.
I'll agree that most SMBs don't have the manpower or dollars to spend on internal resources to check logs for access let alone be ensured of no breaches compared to larger companies like MS and Amazon.
This is the same logic that @scottalanmiller applies to why you shouldn't run email yourself. The scale, etc just makes them more suited to providing the best experience for this.When considering if a SMB should do this in-house versus in the cloud, well of course it depends on the cloud provider, but it seems like the cloud should be the way to go.
I understand the belief that SMBs think they need all the controls in the world, but do they really have them if they have them in house? In the American clinical world (non hospital) don't employ anywhere near the resources that the likes of MS and Amazon do in protecting their networks.
The belief that a larger company makes them a larger target, well sure that's true, but just being a little fish doesn't protect them - the tools of hackers are mostly automated today. They don't care if they are stealing $1 or millions, 1 health record or 100 thousand.
-
I'll agree that most SMBs don't have the manpower or dollars to spend on internal resources to check logs for access
No one does that anyway. It's automated and notifications are sent out based on keywords.
-
@thwr said in SMB resources on the move:
The single most important thing to keep in mind should be the clients data privacy requirements. There are lots of business like advocates, doctors or research companies which just don't want or flat-out can't store data or credentials in the "cloud".
That's conflicting needs, though. If your top concern is privacy, then you listen to someone who doesn't care about security for personal emotional reasons, you have a conflict to deal with. Cloud is the most secure option (with obvious territorial limits.) So if security and privacy are of concern, you have to override the emotional pleas of the doctors who want the appearance of control over the reality of security.
There are regulations that counteract security needs that stop you from doing whatever it takes to be cost effective and/or secure. That's a different concern. But security needs push you to the cloud. The most secure organizations in the world look to cloud computing as a means of increasing security.
-
@thwr said in SMB resources on the move:
No matter what the vendor says, you can't audit their systems and processes in any way to be sure about the privacy of the data. And even if the vendor guarantees total privacy, what about a hack? Just a small security hole may leave tens of thousands of customers (read: SMBs) with their pants down.
That's sort of true, but it's incorrect thinking. It's the security equivalent to looking at "how many drives can fail in my RAID array" rather than asking "how reliable is the array?" By worrying about auditing, for example, we are immediately looking at paper pushing instead of the reality of security. No matter how little you can audit Amazon, they are more secure than any SMB, ever. Would it be nice to audit them? Sure. Is it required for them to be more secure, nope. Auditing doesn't make something secure. In fact, as PCI companies show over and over, auditing might actually make something insecure. Just like ITIL can be the cause, rather than the cure, to business workflows.
Basically, we get caught thinking that the means matter, rather than the ends. Or we are looking at proximates instead of goals.
No matter what the vendor says, you can't audit them. But no matter what you do with an SMB, you can't get them as secure. So which is better, not auditing but getting better security? Or auditing and getting worse security.
Depends... is your goal politics, or results?
-
@Francesco-Provino said in SMB resources on the move:
So, the shopping cart to start a full-fledged IT infrastructure in SMB should be composed of just switches, a router
with vpn capabilities(edgerouter er8?), desktops with big ssd (AMT - vPro) and abunchfew services like AWS, office 365, dropbox for business etc.Normally just a few services. But other than that, yes. Most SMBs need to own basically nothing other than the necessary physical infrastructure to supply the end user experience. Physical cable, switches, firewall, desktops. That's it.
VPN... nope, that's old style thinking. VPNs have lots of good uses, but in a greenfield scenario? Almost never. That's a legacy vestige in most cases. Think simpler.
And many SMBs, maybe most, need zero servers of their own. No AWS at all. And solutions like O365 cover what Dropbox does. So often you only need one of those.
-
For really core SMB functions, you might have something like this:
- Productivity, Email and Storage Suite: O365 or Google Apps or Zoho Suite
- Accounting: Zero, WaveApp, etc.
- One industry specific SaaS application for their unique industry.
In a lot of cases, that's all you would have. Just three SaaS products. As companies get bigger, that gets less and less common. But for a greenfield SMB... three things is often all that is needed. No VPN, no AD, no servers, no storage... just three SaaS apps and some office physical infrastructure.
Move to "work from home" modern models and even the office switches, cabling and desktops vanish.
-
@scottalanmiller how is o365 comparable to drobpox for business? I'm very curious about that because I'm going to switch a company to D4B and I want to make a comprehensive evalutation of the alternatives…
About the VPN, I was thinking about the connection between the cloud provider and the LANs, nothing more!