Peer to Peer office network environment… may not be a good fit for you after all.
As we deal with small businesses (usually less than 30 users) we notice that many companies in this group run an unorganized file sharing process where data is spread across many computers in the network with no one really controlling access, permissions, etc, or we see an environment where the small business installs a Network Access Storage (NAS) unit and just uses its basic file sharing functions to allow file access.
This basic form of networking is known as a Peer-to-Peer network (if the NAS is not properly configured it can also be considered P2P) where network users share resources (files, printers, devices, etc.) among themselves without centralized administration, this networking model is usually embraced by small organizations because it requires little or no technical knowledge to be implemented and because it addresses the need of allowing users to share information; though practical in use and easy to implement, a poorly implemented peer-to-peer network configuration may cause damage that may eventually offset any benefit gained by it.
Among the main risks of running are P2P network in an office environment are:
1.Lack of accountability: usually this type of environment only has one user account or shared user accounts to access resources, as different people use the same account coupled with a lack of logging settings no one really becomes responsible for the data, causing a nightmare if data is corrupted, deleted, or modified without proper authorization.
We were recently contacted by a small financial management firm in Jersey City, NJ to help them with data recovery services, as they described it: “documents disappeared overnight”. Needless to say the manager was very upset with this event and wanted to hold someone responsible for it, as we surveyed the network we noticed they were running on a P2P network model in its most basic form.
This model has worked for them since they started the office 4 years ago and they kept it even though they grew to become a company of 15 people. We recovered the data but could not determine who deleted it in the first place as everyone was sharing everything with everybody and many of them used the same user accounts, we narrowed it down to a group of uses but at the point it was futile to point a finger at someone. After we explained the benefits of running a centralized administration to the managers they decided to implement a Windows Server solution in the office.
2. No Centralized Backup: in the previous example of our small financial company in Jersey City, the manager was running carbonite backup on his computer, however the deleted documents were stored on another pc sharing resources. Backup becomes a challenge in a P2P network computers they are added, removed, data spread across different locations etc.
3. Duplicate Data: As many users work on the same files it’s almost inevitable in this type of environment to stop users from copying the documents to their own personal computers to work on them, this causes a problem when the users upload the documents back to shared drive and the process is replicated by many users multiple times a day as you have different versions of the same files in different locations.
4. Security Risk: As file access is wide open anyone who connects to the network can potentially access those files as well. Let’s say a company have a P2P network and also decides to allow wireless connectivity to their employees. If not properly configured, once someone gains access to the wireless network they can also access the files or if the wireless networks gets compromised files will be easily accessed by unauthorized users.
5. Malware Spread: P2P are fertile ground for Viruses, Trojans, and many other different type of malware to easily spread in the network as they exploit vulnerabilities in the different sharing protocols and take advantage of wide open computer access.
I like using real life examples so let me tell you about an import company we now service in Midtown NY. They are a company with over 80 employees with half of them in the NY office and the rest work between Secaucus NJ and remote locations. One of the designers came back from a business trip to Asia where she used her company laptop to work during her staying, three days after she got back to the office two users reported to their manager that their computers were “acting funny”, meaning they believed the PCs had viruses. Next day after more users reported the same issue, now there were about 12 users reporting the problem even though the computers were “protected” with an Antivirus software.
When we came in we to assess the damaged there were 18 computers affected by this Trojan that easily replicated in the network using administrative credentials they all shared in the P2P configuration. It was surprising to me to look a business of that size and revenue running as if they were a mom and pop shop but the story is almost always the same, they implemented P2P solution when they just fist started and didn’t upgrade the technology as the business grew. We implemented McAfee EndPoint protection, a real Antivirus solutions that would have avoided the Trojan replications in the first place and planned the upgrade and implementation for a Windows Server 2012 Active Directory network.
We can say that Peer to Peer networks have its place in businesses still, however there has to be a turning point where businesses upgrade to centralized administration to avoid many of the issues previously described. As a matter of fact, we still have small clients running in a P2P environment, we see no justification to implement centralized administration yet but we managed and control the environment to the point of avoiding its pitfalls, that’s one of the benefits of working with a company like ours. We have our clients’ interests at heart when implementing technical services and solutions.
Feel free to contact us for technical support services in New Jersey and NYC or if you want us to evaluate your current network configuration as your consider Microsoft Server Active Directory implementation.