The received "wisdom" in respect of dedicated servers, is that your network needs to be of a certain size to warrant one. So in the dental market, I often see advice to the effect that, for example, if you have 2 or 3 workstations on your network, then you don't need a dedicated server. But if you have 5 or more then you definitely do.
This is, it has to be said, total nonsense.
At Dental IT we look after plenty of sites with 2 or 3 workstations that have a dedicated server, and quite right too. Without a dedicated server, your ability to have a network that is secure, reliable and manageable is severely compromised.
This isn't because it's a bigger machine, or it sits in a corner without anyone accessing it (although both those elements are indeed part of the picture), it is primarily because the computer runs Windows Server Operating System, not Windows 7, 8 or 10.
Having a machine running the Windows Server OS on your network introduces a whole array of benefits which you do not see without it. These are:
A centralised user account system
Windows server gives you a centralised account system for the entire network - this is called AD (Active Directory). Every user on network should have their own user account. If you are logging onto each machine as a generic user ("user", "administrator", "surgery1" etc), then by definition you are probably sharing accounts, sharing passwords, sharing access levels to local and network data and applications. The user probably has admin rights. This is all very bad practice, and is discouraged by all relevant industry standards and compliance/certification schemes (see e.g. Cyber Essentials, IG Toolkit).
A centralised network-based permissions system
Following on from creating users, you can then specify what resources these users can access. And this applies to every machine and every resource, every application and every bit of data on the network. Some applications even integrate with AD, so you have a single authentication database that applies to other systems as well.
Centralised server-based document stores
You may have this without a dedicated server to some extent; it is perfectly possible to have a workstations PC running Windows 7 sharing a bunch of files to the network. But what you can't do, is anything clever or secure with that. At Dental IT, we enable "redirected folders" for most users; what this means is that every bit of data generated by the user - every document on their desktop or file in their documents folder, is synced back to the server… so whatever machine they log into, they get access to their own documents.
A centralised server means you can apply consistent policies across the workstation estate. You might have 2 PCs, 20 or 200 - but you want each PC to be, as much as possible, the same as all the others. So, for example, you want each PC to have the same security policies, to have the same configuration for auto-updating, to have the same software installed; you may want customisations that apply across every machine or user, or groups of users, for example the same desktop background, or the same Internet home page. Huge amounts of settings can be configured across the group, to apply to all users, or groups of users or groups of computers. This is good for security and manageability.
In many businesses, the same user will use the same computer every day. But other businesses allow hot-desking, where any user might use the same computer as anyone else. Actually, in dental practices, this is very often true - due to shift patterns, and shared responsibilities. Having a central server and centralised user accounts allows this to work perfectly - whatever machine the user logs into, they will receive the settings and permissions appropriate for them. This is efficient and productive.
Monitoring and reporting
Without a server, you can't easily tell who has logged onto which machine where. With generic user accounts, it is impossible to do this. Having a proper Server Operating System gives you the ability to monitor and report on all network usage.
The latest Microsoft Server Operating Systems (2012 and 2016) are inherently cloud-capable. They can link to, for example, Office 365 services so that the same username and password for your network, also gives you access to cloud services.
Without a dedicated server, it is likely that your network is something of a mess. There are 2 models of network architecture for a small business: peer to peer, and client/server. If you don't have a dedicated server, then you are running a peer to peer network by default. Yes, one of your machines is probably acting as the "server", it may even be called a "server" and it probably has most of your network data on it, and it probably has the backup system on. But there will most likely be data on other machines on the network too - not backed up, and insecure. On a peer to peer network, the "server" machine is also called a "shared server". This means that a user is logging onto it every day to do their normal operational duties, in addition to its role as a the network server. This is a disaster waiting to happen - normal users should not be logging into the server machine every day. Moving to the client/server model introduces network disciplines that will result in a more secure, more reliable, and more productive network.
Finally, a note on cost. Moving to a dedicated server will not necessarily cost the earth. Yes, if you specify the server well, then it will cost £3-6000 or more. But a basic server for a small site without a huge IT budget could cost less than £1000 - less than the cost of many Corei7 workstations.
Last edited: 29 September 2017