Abstract:

Small and medium-sized enterprises (SMEs) are increasingly exposed to advanced cyber threats while lacking the budgets, infrastructure and specialist staff available to large organisations. At the same time, pressure to digitalize makes their core business processes strongly dependent on IT environments that are often built ad hoc, with limited redundancy, monitoring and security-by-design. Reports highlight low digital maturity in many SMEs and a threat landscape dominated by software vulnerabilities, compromised credentials, ransomware and social engineering, which creates a clear need for practical, low-cost ways to improve cyber resilience. This paper addresses that need by analysing key technologies relevant to secure SME infrastructures: server and infrastructure virtualization (KVM, Proxmox VE, Hyper-V, VMware vSphere), data storage systems (NAS, SAN, Software-Defined Storage) and selected cloud services in IaaS/PaaS models. Based on this analysis, it proposes a reference low-budget, corporate-class architecture built mainly on open-source and commodity components, with cloud services used selectively. The goal is to offer SMEs a realistic blueprint for moving from fragmented and vulnerable setups to more resilient, manageable environments that better support business continuity and cybersecurity.