StaySafeOnline.org - National Cyber Security Alliance
Information Security Tips For Small Businesses

Small businesses and organizations may be daunted by the perceived resources it takes to secure their systems; however, not making cyber security a priority could be a costly decision.  The following six tips represent key security principles that we recommend implementing in any business setting, and provide a starting point for a more holistic information security plan.

  1. Ensure that all employees use effective passwords. Encourage passwords that are composed of different characters, and have them changed every 60 to 70 days, with no more than 90 days between changes. For example, use C@tandD0g instead of catanddog. Consider using multi-factor authentication as a way to better secure your systems.
  2. Protect your systems. Install and use anti-virus, anti-spyware and anti-adware programs on all computers in your business. Ensure that your computers are protected by a firewall; a firewall can be a separate appliance, built into a wireless system, or software that comes with many commercial security suites.
  3. Keep all software up-to-date. Ensure that all computer software is up-to-date and contains the most recent patches (i.e., operating system, anti-virus, anti-spyware, anti-adware, firewall and office automation software). Most security software and operating systems include automatic updates; make sure that function is turned on, and sign up for security notifications from the software company. Without updates, your systems will not be well protected against new cyber threats.
  4. Create backups. Make regular (weekly) backup copies of all of your important data and information. Store a secured copy away from your office location and use encryption to protect any sensitive information about your company and customers.
  5. Be prepared for emergencies. Create a contingency plan for your business so you can recover if you experience an emergency. Include plans to continue business operations at an alternate location when necessary. Test your plan annually. Make sure to erase all data on the hard drive before recycling or throwing away a computer.
  6. Report Internet crime. Locate and join an organization of your peers for information-sharing purposes. If you suspect fraud or criminal intent, report it to local law enforcement agencies or to the local Federal Bureau of Investigation, Secret Service or State Attorney General’s offices.