A recent survey of small business attitudes by security vendor Trend Micro concluded that the threat of cybercrime is an increasing concern for IT decision makers. I personally view this as a good thing, since my opinion is that security is for SMBs, too.
Today, I would like to highlight some simple tips in the report that small and medium-sized businesses can implement in order to more effectively defend themselves against the constantly evolving nature of security threats.
Ensure that effective passwords are used
SMBs might well be splurging on the latest security hardware or software, but all would be moot in the face of poor passwords. Another common problem would be to leave default passwords for various networking equipment untouched. This is akin to leaving one's main door unlocked, so do make sure that passwords get changed at the earliest possible opportunity.
I wrote aboutsimple password tips for SMBs recently, so be sure to check it out.
Discourage employee downloads from non-trusted sources
The current generation of antivirus software is really only as good as the latest virus definitions. With new malware appearing all the time, it would not be inconceivable to be infected with a new virus or worm not previously known to the security vendors. As such, more robust security could be achieved if employees are trained not to download unknown applications or games from non-trusted sources.
An alternative around the shift to whitelisting of course, would be for you to<strong>keep all OS and application software up-to-date</strong>.
Another important aspect of maintaining better security for your SMB would be to ensure that all OSes and application software are kept up-to-date with the latest patches. The logic is simple: Without updates, your systems are unprotected against new threats. While this sounds like a no-brainer, the truth is that some SMBs don't have IT staffers who have been delegated this role.
For even better security, you might want to check out alternative software to popular yet vulnerable applications such as Adobe's PDF Reader. In fact, I have written about a free alternative to Adobe Reader previously.
When shopping for security solutions, buy with growth in mind
Keep in mind that your company will grow. So it makes sense to shop for security solutions that are able to grow in tandem as your SMB hires new employees or opens new branch offices. This can be a complex topic by itself, but generally means an awareness not to be trapped by licenses with geographical clauses, or pricing bands that are favorable to expansion later on.
Do not neglect back-ups
Despite one's best efforts, security incidents might nevertheless occur due to inexperience, negligence, or sheer bad luck. It would be nave to be unprepared when such breaches might leave your SMB reeling from some form of data loss or corruption. When that happens, the availability of a backup is vital.
To this end, you might want to check out a recent blog that I put together on SMB business continuity and disaster recovery.