In addition to training, small & medium sized businesses also frequently fail to adequately accommodate security issues. Organizations either don’t recognize the risks or fail to take them seriously, thereby making security failures the sixth most-common tech mistake.
The costs are staggering. Large US organizations lose some 2.2% of their annual income due to security attacks, according to an Infonetics Research’s Costs of Network Security Attacks report. That’s expensive. The FBI estimates such computer crime costs US industry in excess of $400 billion.
Organizations need not possess a high profile to become a target, either. Hackers have created innumerable automated programs that scour the Internet 24 hours a day, 365 days a year, seeking poorly secured systems, servers, PCs and networks to infect and exploit.
Unfortunately, businesses everywhere are falling victim to compromised systems, robotic attacks, identity and data theft and more. Organizations that fail to properly secure client and customer data often find themselves in the middle of security crises that result in bad press, lost sales and forfeited customer trust.
Fortunately, completing simple steps assists small & medium sized businesses in preventing security failures. Here are several best practices all organizations should adopt:
– Implement and enforce strong password security policies for all PCs, servers, network equipment and software applications
– Regularly update operating systems, network equipment firmware and applications with the latest security patches
– Deploy business-class firewalls in all locations; connect no systems directly to the Internet
– Secure all wireless networks
– Disable guest accounts
– Implement Internet and email usage policies that preclude personal use of those technologies
– Prohibit file sharing programs
– Deploy proven antivirus, antispyware and anti-rootkit applications and update them regularly
– Regularly perform security audits and correct all deficiencies