5 Best Security Practices for an SMB

Our managing partner, Dustin Bolander, sat down to discuss 5 best security practices you can implement to reduce the risk of encountering a security incident. The conversation has been lightly edited. You can watch the video here: www.youtube.com/watch?v=8pGVniwvCII

What are 5 things you can do to help increase security at your small business? First, a bit of relief, as an SMB they are probably not targeting you so you just want to be a harder target than your neighbor. The five things you can do relatively affordably are:

  1. Security Awareness Training: A lot of attacks happen because a suspicious link gets clicked on. Train your people monthly, even if it’s just doing testing emails to try and get them to click the link. Then at that point, they learn their lesson right? Even if they get paranoid that their IT guy is out to get them with tricky emails. That is still good because they aren’t clicking things. This needs to be done monthly and for everyone in the company, not just one department.

  2. Patching: within 30 days of a vulnerability coming out get those updates installed, and get those security patches. There are a lot of situations where these attackers are getting in through the latest Microsoft or VMware vulnerability. By getting that vulnerability patched within 30 days you are substantially lowering the chances of something happening.

  3. Multi-Factor Authentication (MFA): A lot of programs have MFA built in for free now. There is no excuse to not do it besides it’s inconvenient. Microsoft released a report a couple of years ago that said MFA stopped 99% of attacks against logins. It is one of the best defenses you can have and it doesn’t cost you anything besides 2 seconds on your phone to hit the approve button.

  4. 24x7 Security: Hackers are going to get in at some point. It is a question of when not if these days. Having true 24x7 security that helps detect them and get them out of the system as fast as you can. Even for a small business, it has gotten pretty affordable. You’re looking at $15 a month per user, or substantially less in a lot of cases.

  5. Good Reliable Backups: Hopefully you don’t need them but having good backups that are disconnected from your systems that are stored in the cloud that hackers can’t get to if they do get into your systems. That way you’re able to get the business back online quickly.

If you need help implementing security practices or writing security policies, we would love to be a resource for you. Fill out this form to find out more:  

Trey Hiller