9 things you can do for your SMB to avoid a data breach

You can never really tell if your business is going to be hacked. Hacking a large enterprise needs  specialized skills. Guess, who will the average skilled hackers go after. They are looking for weaknesses and will pounce when found.

If you are not doing any of these nine things, you’re definitely are at higher risk of being hacked.

1. SMB has higher employee turnover. Do something about it.

Some industries and companies have more turnover than others. When employees leave, they sometimes take data with them—usually inadvertently but sometimes on purpose.

Do your best to limit turnover—one way to reduce the chance of a hack, while reducing your employee training costs.

2. Remote or mobile staff. Put tools to protect data.

When employees move around, data move with them. If an employee is remote, then they are connecting to your database from various connections—and they are all not secured.

IT person should help you to make sure you have strong data management and connection tools in place and make sure it is monitored.

3. Get some IT support.

Even the smallest companies are exposed to data hacks.  Get IT person to evaluate your risks, install software, monitor activity, and keep things up-to-date is a critical and essential business cost. The amount of IT support depends on your size and activity—look at part-time or monthly.

4. Invest in security software.

Subscribe to one of the great security applications. These software applications are inexpensive, run quietly in the background, and are checking for malware, viruses, infected websites, and other tools of the hacker.  Make sure this software is always updated as new threats are constantly identified.

5. Train Your employees.

Most security problems are from employee-related errors—clicking on bad websites, opening infected files, phishing links, and so on.  Invest in training a few times a year with a good IT security firm so that your employees are aware of new threats and can avoid doing dangerous stuff.

6. Put procedures for securing data.

If you are handling health, financial, or other personal information about your customers, and it gets stolen, you could have a big problem on your hands.  Keeping this data in an unprotected place means that hackers are going to find it.  If this is you, then you’re going to need procedures and policies around the safeguarding of confidential customer data.  And after they’re written, training will be required to ensure that your employees are complying.

7. Update your computers and operating systems.

Thousands of computers around the world are still running older, out-of-date versions of Microsoft Windows.  All hackers’ need is one vulnerable computer to attack and then can get on a network and wreak havoc. One of the best ways to avoid a hack is to ensure that all of your computers are running the most recent versions of Windows or iOS all the time.  If a desktop or other device is too old to handle the new operating systems, then buy a new one.  The cost will pale in comparison to the cost you’ll incur if you’re hacked.

8. Monitor BYOD policy.

Are your employees allowed to bring their own devices and use them for work?  That’s what most companies do. Unfortunately, this can create security issues if they are not monitored.  Many companies use remote management software to install company apps on their employees’ devices for a secure access, while other companies issue their own devices to their employees that have been secured.  So, what is your Bring Your Own Device policy?  Every company must have one and every company must have an IT person monitoring those devices.

9. Enforce Password changes.

Most people are pretty complacent with passwords. You must require a more complicated password for your employees to enter your network—a combination of letters, numbers, and symbols—and this password should be required to be changed every few months. This way passwords are more difficult to hack, and hackers may move on to easier targets.

No, you can’t completely avoid being hacked.  But if you’re doing all these nine things, then you are increasing your changes a whole lot!


abdul hafiz

Author: Abdul Hafiz

Enterprise Solution Architect


  • Microsoft Partner for providing Cloud Solutions in Chicago, Illinois
  • Top Managed Security Service Providers (MSSPs) in Chicago, Illinois
  • Inc 5000 Fastest Growing Companies in US
  • Best Managed Security Services Providers in Chicago, Illinois