Our great sponsors
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
In addition to the usual protection advice (disable upnp etc) I have the main admin account setup with 2FA using google authenticator. Staff work stations are connected via LDAP Windows Auth (pGina - http://pgina.org/) and have access to their own home folder and limited shared folders depending on their requirements (so no single account has access to everything. Remote Access is done via OpenVPN that passes though a wireguard firewall. I also have my own DNS setup for the entire office running (Adguard Home - https://github.com/AdguardTeam/AdGuardHome). I'm running local backups (once weekly) and snapshops running hourly for 48 hours, daily for 14 days, weekly for 8 weeks and monthly for 4 months. I also have a third backup weekly setup to a 3rd party service (backblaze - https://www.backblaze.com/business-pricing.html)
In addition to the usual protection advice (disable upnp etc) I have the main admin account setup with 2FA using google authenticator. Staff work stations are connected via LDAP Windows Auth (pGina - http://pgina.org/) and have access to their own home folder and limited shared folders depending on their requirements (so no single account has access to everything. Remote Access is done via OpenVPN that passes though a wireguard firewall. I also have my own DNS setup for the entire office running (Adguard Home - https://github.com/AdguardTeam/AdGuardHome). I'm running local backups (once weekly) and snapshops running hourly for 48 hours, daily for 14 days, weekly for 8 weeks and monthly for 4 months. I also have a third backup weekly setup to a 3rd party service (backblaze - https://www.backblaze.com/business-pricing.html)