* Make sure you keep your antivirus software updated at all times and that your data is stored in a secured environment that adheres to the latest ISO security standards.
* Educate your staff about phishing scams and the hazards of clicking on an unknown site or downloading an attachment from an unknown source. Make sure they understand the increasing security risks posed by social media sites.
* If you hire a security consultant, make sure the firm is reputable and experienced so you feel confident you have the best controls in place for your business.
* Make sure you have a strong BYOD policy in place that limits the way personal computing and mobile devices are used with regard to work and work-related data.
* If you use off-site workers, look into a secure cloud computing environment that avoids storage of data on remote workers’ personal computers.
* Make sure each employee has a strong password that does not contain personal information and that combines uppercase and lowercase letters, numbers and special characters for added strength. Change passwords every three to six months, and don’t recycle old passwords. It’s a hassle, but it’s well worth it.
* Make sure your security measures are as user-friendly as possible. Complex protocols like restrictive file-sharing policies are more likely to be ignored, which means more risks for your business.

Implementing these small steps takes time, but in the end, your business will be better protected against the rising tide of cyber attacks.