- Jun 23, 2014
- 1
- 0
- 4,510
Hello,
I think I know how to solve this problem, as it is relatively basic, but I wanted to get a second (or more) opinion, just to be on the safe side.
The Office Suite in General and Set Up:
Where I Would LIke to Get a Second Opinion:
Since all 5 offices all physically plug into the same AT&T router, and all use the same WiFi access point, I am a little leary of this set up, since I work with confidential client data, and all offices are sharing the same network connection. Each office is just a separate node on the same LAN network behind a single router (if I remember my networking class correctly).
I never work from home, and I have no other offices and never will, so I have no need for a VPN. My office is locked, as is the office suite, so all equipment inside is not accessible to the other businesses in the office. I do not hosting anything in my office, as I have third parties for that, so I don't have an email/file, or any other kind of server running in my office. Therefore, I believe the physical security is there. Oh, finally, all I use in my own office is a laptop, and a printer, and I physically connect via USB to the printer.
But I am still paranoid because my client information is of utmost importance to me, since I fall under vague HIPAA regulations. I store nothing in "the cloud." I do use LuxSci to host my email and website, and they provide encrypted TLS to their server and webmail via internet. But I still want my internet traffic, whether I am doing research or literally anything, to be private from the other business in the office suite. Therein lies the challenge.
My plan was to simply use my office drop to connect to my own router which I will purchase on my own. So, I guess I am creating my own sub-net (sorry for any butchery of terminology - I used to work in IT a long time ago). The router will have a built in firewall (as they all do nowadays), and I am assuming that this would be sufficient. The firewall would block any outside access over the network from any of the other businesses, and the combination of NAT and TLS encryption would keep my internet browsing and email checking safe.
I am making the assumption that daisy chaining my personal router with the AT&T router will work, and that I want to NAT enabled. Is this correct?
Finally, I would like to have my own wireless, so I could also use my personal router to have my own personal access point. I wouldn't broadcast the SSID, I would use WPA2 (or whatever the latest is) to protect access to it, I would use a different frequency than the AT&T wireless so there is no performance degradation or signal problems, and I will probably use MAC filtering.
So, what do you think? Will this protect my business' connection and traffic via the shared single office connection from the other businesses? If I am missing something, or you have any other suggestions to make this bullet proof, and suggestions would be greatly appreciated! Thank you!
I think I know how to solve this problem, as it is relatively basic, but I wanted to get a second (or more) opinion, just to be on the safe side.
The Office Suite in General and Set Up:
- I reside in an office suite.
- This suite has 5 physically separate offices inside, which are rented to 5 separate businesses. For example, one person is an auto-broker. Another is an insurance broker. I am a therapist.
- The landlord pays all utilities, including internet access.
- He has AT&T service, and an AT&T provided router connected to the modem. The router has the SSID and password to the wireless access point on a sticker on the router (...a horrible convenience). .
- Each office has one wall drop that has its own patch cable running into one of the ports in the AT&T router.
Where I Would LIke to Get a Second Opinion:
Since all 5 offices all physically plug into the same AT&T router, and all use the same WiFi access point, I am a little leary of this set up, since I work with confidential client data, and all offices are sharing the same network connection. Each office is just a separate node on the same LAN network behind a single router (if I remember my networking class correctly).
I never work from home, and I have no other offices and never will, so I have no need for a VPN. My office is locked, as is the office suite, so all equipment inside is not accessible to the other businesses in the office. I do not hosting anything in my office, as I have third parties for that, so I don't have an email/file, or any other kind of server running in my office. Therefore, I believe the physical security is there. Oh, finally, all I use in my own office is a laptop, and a printer, and I physically connect via USB to the printer.
But I am still paranoid because my client information is of utmost importance to me, since I fall under vague HIPAA regulations. I store nothing in "the cloud." I do use LuxSci to host my email and website, and they provide encrypted TLS to their server and webmail via internet. But I still want my internet traffic, whether I am doing research or literally anything, to be private from the other business in the office suite. Therein lies the challenge.
My plan was to simply use my office drop to connect to my own router which I will purchase on my own. So, I guess I am creating my own sub-net (sorry for any butchery of terminology - I used to work in IT a long time ago). The router will have a built in firewall (as they all do nowadays), and I am assuming that this would be sufficient. The firewall would block any outside access over the network from any of the other businesses, and the combination of NAT and TLS encryption would keep my internet browsing and email checking safe.
I am making the assumption that daisy chaining my personal router with the AT&T router will work, and that I want to NAT enabled. Is this correct?
Finally, I would like to have my own wireless, so I could also use my personal router to have my own personal access point. I wouldn't broadcast the SSID, I would use WPA2 (or whatever the latest is) to protect access to it, I would use a different frequency than the AT&T wireless so there is no performance degradation or signal problems, and I will probably use MAC filtering.
So, what do you think? Will this protect my business' connection and traffic via the shared single office connection from the other businesses? If I am missing something, or you have any other suggestions to make this bullet proof, and suggestions would be greatly appreciated! Thank you!
Facebook
Twitter
Instagram