Act on Tech

Why Most Small Business Networks Are Built Wrong

Alex of Alex Custom Tech


Most small business networks “work”—but that doesn’t mean they’re built correctly.

In this episode of Act on Tech, Alex breaks down the common mistakes found in small business network setups, from flat network designs and lack of segmentation to relying on consumer-grade equipment in professional environments. He explains why these issues often go unnoticed until something goes wrong—and why “good enough” can quickly become a liability.

If you’re running a business and your network has grown without a clear structure, this episode will help you understand what’s missing and why it matters.

If you want a clearer picture of how your network is set up, you can explore more at alexcustomtech.com.


SPEAKER_00

Are you ready to make technology work for you? Tune in to Act on Tech, the podcast where we break down the latest tech trends and show you how to boost your productivity at home and in your business. So, subscribe to Act on Tech today and visit AlexCustomTech.com to see how we can take your business to the next level. That's Act on Tech, your guide to smarter tech for a smarter business. Alex Custom Tech, IT means integrity and trust.

SPEAKER_01

Hi, hello, welcome to Act on Tech, where we talk all things technology. I am Alex of Alex Custom Tech, and today we're gonna talk about networking. Right? Or business networks, or why most small business networks are built wrong. That sounds very arrogant. So I was kind of shop working, workshopping that that title. But we're gonna talk about business networks and why I think uh why I'm coming across a lot of them designed wrong, and what is me saying they're designed wrong means. Right, so everybody knows, you know. Um, how do I even start this off? Okay, uh small business networks, let's just start with that. Um, and I'm gonna be honest with you, like I'm gonna be straightforward, right? Most of them are completely built wrong. Small business network, I'm coming across a lot of them awfully, and it's not because people are careless why they're built wrong, or people, you know, are incompetent, or your brother or cousin or whoever don't know what they're doing. It's it's it's because they don't well it's because they don't know if they don't they don't know they can't do it if that's the right way. So it's not it's not incompetence, it's just uh a lack of knowledge, right? So let's define the topic so I can I can not sound so arrogant, right? So when I say networks are built wrong, I'm not saying that it doesn't work, right? Most of most of the time they do because I've I've gone into businesses and everything works, right? And they're you know, so it's not like the network is not working, you know, you got internet, you got your computers are connected, your printer works most of the time. I get calling for that, but printers work most of the time, right? But the thing is that there's no structure to it, so this is where my ADD comes in, but it's not just my ADD, it's it's it's the it's the better business practices. So I'm not pulling this out of thin air, it just kind of aligns with my ADD, right?
So the proper built network isn't just about is it working or not, right? You have to get away from that simplistic way of thinking, it's about control. Here the keywords control, scalability, and security. These are the things that have to be built into the design of the network. So we're gonna break them down individually and we're gonna get to the point, right? So the reality how most networks are set up, what I'm coming across of late is that you typically see you know the ISP modem in a closet or on a shelf or by the by the first person's computer or in the in the office with the off with the with the boss or whatever the manager or the owner or whatever there's a there's a uh ISP router from Comcast or Verizon, right, in the closet somewhere, right? And then it in it has kind of a basic router or it's the router itself, right? It's the built-in all-in-one type deal, and it'll also have maybe a mesh network from Google Mesh or one of those ones for the house that has limited functionality. You have that spread out all over the office, and then all of the the IoT devices, all of your phones, what are the whether the tablets belong to the business, uh, whether it's belong to the the the the workers personal phones and everything is on the same network, right? And TV store, everything is everything is connected, everything is connected to the same network, no separation at all. So if you have a situation where you have guests coming in, their clients coming in, they hop onto the same network that a printer is on, and your computers are on, and everything is on the same network. That means that work computers, personal phones, smart TV, security cameras, everybody communicating to the same network on the same network, IoT devices, you know, everything, and they can see each other, right? 
And if they can see each other, that's just cut that that's well, if they all can see each other, and that's kind of that's what I just described is known as a flat network in the um in the biz. And what that does, it's if one thing goes wrong, if if one computer gets compromised, if one thing happens, that bad actor has access to everything. And I'm taking my time to talk about this because it it's not good, right? And I want businesses if again, if you're not calling me or calling MSP, if you know you're doing this, right? You want to get this rectified as soon as possible, right? So it's a big problem. Now, what the problem is, let's go into more detail. No network segmentation. That's what we're calling the business, no network segmentation, network's supposed to be segmented, all right. Everything being on the network might be simple, right? Anybody can throw that together, your cousin could throw that together, you can throw that together, you know, it's not it's not hard. Sometimes the MSP with ISP will tell you to install this and and that's it. Not knowing that every business is different and unique and require different networks to function, you know, and be secure. So if one device is again is compromised, it exposes everybody to everything, and there's no segmentation, talk about that already. Right, so office devices are not separated, guest devices are not separated, IoT devices are not separated. When it's an IoT device, I'm talking about internet of things. Your TV is an IoT device now, right? So just you know, they add a stream to it, and your Roku, and you know, you have your your phone system, which is known as VoIP, that's on the same network, and that requires in some businesses, like I do call centers, the IoT devices are like very important, because that's like mission critical, right? So that has to have certain protocols via open through the firewall so that the phone calls get priority.
These are like let's call um quality of service, and this is all these little things that you have to tweak in the network, right? And you normally get your segmentation. Well, this I'm not gonna be all fancy with you, you can get it multiple ways, so you can have you can separate them via hardware, so you can you can separate them by getting a switch for each department, and that's how it used to be back in the day, or you can get one of the switches that that we use here, like your TP-Link or you you um UniFi, which have VLANs built in, which is where virtual LANs or virtual networks built into it, where you can use just the one hardware and then segment it via that, but it has to be segmented, and you have to you can you can poke holes into the network to see which one if you want to have accounting see something in you know another department, you can poke holes just for those things. Let's get in too too too you know too deep, and I'm I might do a paper on that or or a podcast on that later, but I want to talk about want to give you the idea of what I'm talking about. So, problem number one is like everything is on the same network and it's not segmented, right? Problem two is the security that comes after as is an afterthought with people who do these kind of flat networks. Security is not their focus on nine times out of ten. What they really do is like you get a business, you start a business or whatever, and you need internet, you get your call ISP, they come in, they give you the modem, you call your cousin or whatever, he comes in and he connects up everything, or you come in on a Saturday before the business opening, you connect whatever they give you to connect, and you have internet and your computer, and yay, and you're good to go. And that's it. We're not thinking about it any deeper than that, and that's a problem. So when when security is an afterthought, whatever the router comes with is just that's what you got, right?
And so no firewall rules, no traffic control, no monitoring. So you're not you're not allowing you're allowing everything in the network when they said no firewall rules, everything can come and go, um, no traffic control, right? You that's kind of some sometimes you can stop six shop hackers from the router, and that's how you're gonna control the traffic, kind of like a highway. You can stop and go red light, green light, you know, type of thing. Um, no monitoring, you're not seeing what's coming in and what's going out. We can monitor networks, we can monitor networks with network monitoring served software. You can see what computer is acting funny, what your employees are doing, where's what sites they're going to, right? So just a plug and play type of deal is not really good if you have a business and you have sensitive data on that business, and and so on. I've come across like dentist's office with this kind of a setup, so it's kind of cringy, right? So here's the reality modern threats don't really care how small or how big your business is. So I'm keep I keep telling you guys security. Um, these guys they don't care, they just want to be able to lock everything down, get some ransom from you, you pay it because you're panicking, and then they make some money, right? So that's problem two. Problem three is no planning for growth. So you start out small, you maybe have three computers, ISP gave you a modem, and the modem has is built in, it's like one box, it does Wi-Fi, does it have four ports for the each computer, and maybe extra port for a printer, or maybe the printer you have is like um an HP printer from from you know Staples that anybody could use, and it's Wi-Fi, so you don't need to plug into anything, and that's your setup, right? You've been doing that for three, four years, and all of a sudden you get a big client, you need to do you need to do more. You can't just come and throw them all on the same network, right?
Because now you now you have from three people you have now, you have an HR person, you have a you have a sales team, and now you have like an accountant, and you know you have people who who who work and go out into the field and technical people, you have all that stuff now. So the network you have initially set up that cannot handle that volume, so you have to plan for growth. So you didn't plan for growth initially because I the flat network, but now you have to call somebody in, or maybe you to try to do that. What's gonna happen is that the Wi-Fi won't work, and the printer will stop working, and you you'll just have a slow network, people can't open things fast enough. You know how people are because I'm I'm coming across this a lot too. And you know how people are when they work in the office, and they'll have like a computer and they have like every tab open that they're gonna visit the sites and the paper and whatever they're gonna do, it's all open in the browser, like you have like 50 things open in the browser and just sitting there. I never understood that, but people do that, not understanding random memory, how that works, and that's the stuff that's using the network, it's just sitting there using networks. You need a bigger pipe, a bigger network to handle the volume. So you have to plan for growth, you have to have a network that that is scalable, right? So, what happens is that more devices get added, Wi-Fi starts to slow down. Talk about that, um, coverage becomes inconsistent. Like I said, you talk about your tech guys that are are you guys that go out into the field in other little cars and whatever, they have the and they're in the back, right? And your Wi-Fi router is in the front by the boss's office, they're not gonna be able to pick up a good signal back there. They have like tablets that they use, right? Um, you know, that probably dump stuff to the servers, and the it's just all kind of scenarios.
They can't pick up a good signal, they gotta come all the way inside to get the signal. You're gonna need to call somebody scalable, right? Things start to break randomly, can't handle the volume. So now you're patching problems instead of just having a good stable network that can handle the volume. So a good design network is scalable, and that's kind of what I'm saying. It's scalable and not just it doesn't just survive, it's scalable. Like, I can't I've used my house as an example because I do a lot of work in my in my garage, and I have my network separate separated, segmented, right? So there's a house, and even in the house, there's a VLAN. Now you don't have to really do that. I recommend people do it because of the IoT devices now that we have, so we have to have some kind of segmentation. And the good thing about some of these some of these consumer routers is that they do come with you know the guests and then the regular network, so they're coming out with routers now out of the box that has a segmentation. But what you should be doing is have your regular network that you and your devices and the home go on, and then you have the guest network which you put all the IoT devices on, and and your guests can use that because what that does it separates the home network from the guest network, and they don't they can't see each other. So, say one of those devices, which more than likely can get compromised because those are the ones that's out into the world, you have no control over what you know Ring does or what Nest does. So you you if anything you compromised with that business or that company, it doesn't lead into your phone or your laptop or or anything else you use, right? So I know that there's there's exceptions to the rule, like sometimes if you get to control your TV with your phone to be in the same LAN.
I get that, but you have to just like I said, there's no solution to life, only trade-offs, and you can put your TV on your LAN if you really, really, really want that feature, right? But then you have an IoT device or IoT device on your LAN, like your TV. On your TV, believe it or not, it looks at other things on your LAN. That's kind of how Toshiba and and and LG and all this stuff are doing. That's how they're able to get some of the commercials that they present to you because they can see things, but they're coming out of the box with a segmented network, right? But like in my house, again, I have the Hutchison network, which is for the family, and then I have the guest network, which is what people come over to the house they go on, but also the guest network is also my IoT device network, right? But I have prosumer routers in my house, so the garage has another three networks again as via VLANs. You have the Alex Custom Tech Network and you have the Polyviolon 97 FM network, and then you have the IoT device network, which is separate from the one that's in the house, because the one IoT device network is in the garage slash office is what manages the cameras and that kind of stuff, and I have to segment them because again, like I said, these are our outside vendors that I have um that I run these cameras, so if they get compromised, I don't want them to see what's going on with Alex Custom Tech. I don't want them to see what's going on in my radio system, I don't want them to see anything. So if they compromise those cameras, they still can't get the whole of my to my documents in my network. I can't. Alex Custom Tech can't see what's going on, what goes on in Polyviol97 and vice versa. The only thing that they probably the only thing they might be able to see is if I have like a NAS server somewhere, they can see that NAS, but that's all they can see, they can't see each other, right?
My kids cannot see what I do for business, they don't they can't see or access anything on that network, they can't. So we all get internet from the same ISP, but it's all segmented, and that's what it means. So, security is a part of what I did when I designed it, and you have to think about that too. Not to mention, there's even um my phone, which I am still working on, but my phone is its own, can be its own thing, right? I don't make it my own thing, but it can be. I put it in the same network as my as my um Alex Custom Tech, right? But it can. So again, your plan for growth. So let's talk about problem four, right? Using home equipment for business is what we're talking about. So again, you stick to get the business, you start out, they give you a router with everything inside of it, you go that you go to town with that. That's the biggest one that I have a problem with because a lot of these small businesses are running on consumer routers, mesh systems, and plug and play user gear, like like I mean, I mentioned the the the um the printer, right? And those things are built for houses. Businesses have a different need, right? Multiple users, sensitive data, reliable requirements, remote access, they gotta get to the things even though you're not there, and you have your VoIP system, which is your phone system. That you need to have a separate your router, you gotta be able to handle that, you're gonna be able to have the the IO um quality of service, the QoS. It's very important. So, consumer gear isn't built for that level of control, and that's why I don't buy consumer consumer routers, I buy proto routers, pro routers, pro routers, right? So the proper setup looks like look like high-level networks, right? High level, but you want to say high level, that's let them comfortable with that. You anybody could really do this if they know about it, right?
But you're gonna have to I don't want to go too deep into this, like I said, I wanna go too deep into this because that's because a full episode by itself and our paper. Um but the level of a network if you're dealing with a business should include a dedicated router slash firewall, so it's one unit, one device that does that. All it does is routing and the firewall, firewall and router are built in. That's it. One device, that's all it does. It doesn't do Wi-Fi, it doesn't have multiple ports, it just does firewall and routing, right? You need another switch, you need a switch connected to that, and the switch should be managed when I say managed switch because there's like unmanaged switch and managed switch. You people who have your house, you have what's known as an unmanaged switch. So we plug whatever you plug into it, it just works, like it it's whatever port you're plugging anything into, it'll just see the MAC address and the IP address, and it check with the router, and it just works. It's dummy, it's whatever. But a managed switch has multiple ports. Maybe sometimes you can get like a 12-port one, 12-port one, or 24-port one or 48-port one. But what with the manage you can manage each port on the switch, so from 1 to 48, you can say, Okay, only allow this list of MAC addresses on this port. So port 1 can only come on if the MAC address matches this list, and then it comes on, or you can say turn off all these ports except for these three or these four, right? Or you can say port one is on this network and port two is on that network and port three. You can manage how things how the ports react to what's plugged into it, or in like for instance, you might go to an office that you see a port in the lobby. When you plug into that port, there's a switch on the other end in the back in the closet, right? When you plug into that port, it says, I don't recognize that MAC address, so I'm not turning on. So people can just plug into that switch.
But if you have like a consumer router, consumer switch, and you connect all your ports and your building to that switch. When somebody comes into the lobby and you plug into that, it's gonna respond and say, Oh, a computer's plugged into me. Let me give him a MAC address and let me let me give him my IP address. And let him know where where the router is, and it just tells him everything, and then that's how he gets into the network. So you kind of want to have that managed switch there for that purpose, right? Now, segmented network VLANs switch can do this, or the router can do this, right? Where you separate departments, you can separate it just based on the department. Okay, the the office staff or admin staff has this LAN, and the technical guys have this one, and the HR have that LAN, and and then their resources are just for them, and they only have access to what they need. Sometimes office have multiple pump computers, multiple printers, or sometimes they have like one printer, and or sometimes, but and most of the time I see printers in different departments, like you have the main printer in the in the admin part, and then the the the tech guys, they have their printer in the back, and you know, so people and then the printer only prints their stuff, right? Sometimes the printer itself is designed to print their stuff, the labels are in there for them, and so on and so forth, and then you have the proper Wi-Fi access. So the Wi-Fi is pretty cool because what the Wi-Fi could do, it could have all those networks as as as um IDs or names in it, so you can have like HR for so and so, and it broadcasts all those IDs, but then you're gonna you can log on to the one you have the access to, so you don't need multiple routers for each network, you have one multiple Wi-Fi access point for each network. You have to have one access point in that room, right? But it displays all the network IDs, and then you can just log on to the one you need, right? 
So, again, this is not consumer stuff, this is prosumer stuff, right? And then define the rules for each part of the network. So, again, you can say define the roles, so you know, say he the the technical guys have access to this printer, and they have access to these documents, and they can't look on these other documents because then the networks will block them, or if they do, they don't they need they need um um they need passwords and usernames that they don't have, right? So you won't let them see certain things, maybe they can see it, but they can't write to it, and these things are you want to like intricately um figure out so it requires a lot of planning before you deploy, right? Now, again, nothing nothing is just plug and play in this high-level network, and these are all networks are really designed, they get really more even more elaborate than this. But why does it matter? Okay, you notice that bad networks work until they don't, right? And you get data loss, you get security breach, you get internet issues, you get system going down, and all these things cost you money, right? So you kind of want to have this thing planned ahead of time, even though you're a small business and you have like a five people team or whatever, you know that you're you're doing it to grow, so you can you know plan ahead because like my network right now, even the radio system, which is just me, and it's an internet radio, it has the I can literally the way it's designed, I could get multiple studios, and I could have multiple computers in here, even though it's just a little small studio for myself, and you know, even Alex Custom Tech itself, like it's designed to have the office, but I could have another building later on, and I can have multiple computers in here, and wouldn't need to have to change anything what I have here in the here in the office, and that's scalable, it's it's it has the potential to scale right now.
I only have one access point in the garage, and another one in the house, and they they have this the broadcast CMID. The reason why the one in the house is in the house is when I bring my laptop, my working laptop in the house, I'm working in the house, which I shouldn't do, but I do work in the house sometimes because I'm lazy. I can log into my Alex Custom Tech network and see files and stuff that's in the garage. My kids don't have access to that password, they don't know, they can't see it. The only person who can see it is if they log into that network with that credential. That's what happens when you have a high-level network or a network that's designed for business, right? And if you have a business, you should be thinking about this. This is important, this is not really optional, you know. Like, you really should you shouldn't have a flat network as a business, there's just no way, even if you are just a one-man team, you still shouldn't have a flat network. You should should have a network that is segmented, right? From your house to your business, if you ever from home or if you have one office, you should still have that VLANs capability in you. You don't buy a red, you don't get a regular router from MSP, you have a router and firewall separate, and then you have a switch, managed switch separate, and you have your access points separate. The device should only focus on one or two jobs, it should be doing everything that's important. You can go down to Microsoft and pick up this stuff, it's there, right? So that was a long one, but I like talking about networks, it's kind of one of my favorite things.
So, in closing, most small business networks aren't built, well, or built wrong, and I'm telling you, I'm coming across a lot of these now because I'm doing this upgrade to Alex Custom Tech, and I am um focusing on MSPs, and I'm coming across a lot of wrong build networks, and I'm helping people out, it's not like I'm not helping them, but I just see it and I'm like, okay, if you're listening to this podcast, take this, don't take this away with you, okay? If you have a flat network, work on that, right? Um, so they're they're mostly built wrong, and but it works, they work, right? But they're they're not scalable, and we don't want that. So get hold of IT person to help you design out something, right? Or reach out to us here, Alex Custom Tech, we'll help you design something that works uniquely for you, right? And um, I'm gonna talk about in my next podcast more likely about how the onboarding process works with with us here, but I don't like talking about my business to myself sometimes because it it I just don't feel comfortable, you know. But check out the website um if you're interested in getting help, and there's a form on there you fill out, and then I'll reach out to you definitely. There's some things I gotta fix here. My phone is acting funny, so I'm gonna have to work on that today if I get the chance. So, like I always say, stay productive. Remember, remember, remember, remember, remember. Business don't have flat networks. Get prosumer equipment for your small business. Okay, until next time, stay productive.

SPEAKER_00

You've been listening to Act on Tech, powered by Alex Custom Tech. We help small businesses take control of their technology with secure networks, reliable backups, and systems designed to run without interruption. No guesswork, no quick fixes, just IT that works the way it should. For business services and professional camera installations, visit alexcustomtech.com. Stay connected, stay secure, and stay in control. This is Abby, and I'll see you next time.