There is a lot of good information (as well as a nice list of vendors) in this Processor story and sidebar about small and medium-sized enterprise security. But the writer misses an important big-picture point.
The author astutely points out that SMEs can't delude themselves into thinking that they are not vulnerable because the hackers, crackers and other bad guys will train their fire on bigger companies. That, if anything, is diametrically opposite of the truth: The reality is that big companies throw so much money and manpower at security that hackers and crackers are starting to see smaller organizations as the most fruitful to attack. Ironically, they are following the lead of vendors, who suddenly are finding that size isn't as much of a deterrent as the enterprise market grows saturated. SMBs must recognize that anonymity is no longer a responsible strategy and react according.
The writer spends most of her time discussing ways to protect a small business. These are suitably tweaked versions of strategies designed to guard enterprises. After all, electronic networks big and small have the same basic elements.
The bigger issue, the one that the writer doesn't tackle, is whether smaller companies should consider farming out more of their security to third-party providers. There is a lot to be said for doing this. Security service providers have more expertise and react more quickly to new threats. The downside is the need to trust outsiders with the lifeblood of the organization.
This article at the Small Business Security Portal also provides good advice on making a small company's data safe. The author provides three questions that are a litmus test for SME data security. Answer yes to any, and the organization probably is doing something wrong. The message underlying the practical advice is that security won't take care of itself.
The Internet instantaneously and forever changes the dynamic between big and small companies. It is possible for the small fry to compete in overseas markets, agilely introduce new products that take the fight to much bigger companies, and otherwise do business in ways that were impossible before. The downside is that SMEs' responsibilities also grow. Luckily, executives at some small firms understand this. The hope is that, over time, an ever-larger amount will follow suit.