1) Know what you need to protect. Most businesses have customer information that would cause harm to the business if lost or stolen. Others have intellectual property. One data breach could mean financial ruin for a small business. Look at where your information is being stored and used, and protects those areas accordingly.
2) Use a reliable security solution. Antivirus alone is not enough. Small businesses need to leverage security solutions that employ a defense-in-depth approach, relying on multiple technologies such as intrusion prevention, browse protection, and behavioral-based malware detection in addition to traditional signature-based protection. Today’s solutions do more than just prevent viruses and spam; they scan files regularly for unusual changes in file size, programs that match known malware, suspicious email attachments and other warning signs. At a minimum, you need a solution like Norton Internet Security or Symantec Endpoint Protection. If your company manages its own network make sure you have appropriate security at the gateway and the mail server.
3) Stay up to date. Be sure to keep computers up-to-date with the latest patches and updates to increase resistance to attacks. Unpatched systems give attackers easy ways to force themselves into your environment. And a security solution is only as good as the frequency with which it is updated. New viruses, worms, Trojan horses and other malware are born daily, and variations of them can slip by software that is not current.
4) Educate employees. Develop Internet security guidelines and educate employees about Internet safety, security, and the latest threats. It’s essential that employees learn to spot the telltale signs of social engineering tricks, which include undue pressure or a false sense of urgency, an offer that is literally too good to be true, a bogus “officialese” in a attempt to make something look authentic.
5) Enforce strong password policies. Using passwords with eight characters or more as well as a combination of letters, numbers, and symbols (e.g., # $ % ! ?) will better help protect your data.
6) When in doubt, throw it out. Links in emails, tweets, posts, and online advertising are often the way cyber criminals compromise your computer. Get rid of anything that is out of the familiar.