8 ways small businesses are getting IT security wrong

In a modern business environment governed by digital applications, web-based tools and sophisticated IT infrastructures, small business owners have the freedom to be more productive and innovative than ever before.

Sadly, for those who lack the technical know-how required to manage IT systems effectively, sensitive business information can prove an easy target for the web’s growing number of cyber criminals.


Here, we highlight eight ways small businesses are getting IT security wrong, and provide useful tips on how to avoid similar pitfalls.

  1. Out of date security software

Implementing the latest security software across all of your IT hardware is arguably the most important aspect in ensuring complete security online, yet many companies don’t use reliable antivirus software. To keep your systems clean and free of harmful malware, invest in security software from a reputable security firm like AVR, and be sure to carry out regular updates to ensure maximum security across your network. 

  1. Lack of basic IT security training

For small businesses that employ a team of staff, it becomes even more difficult to monitor security. All
too often, staff lack the basic training and knowledge required to combat cyber crime in the workplace – something which could wind up costing you thousands. Be sure to provide IT security training to all staff to help them stay safe online. IT Governance offer a great range of courses specially developed to help IT workers manage cyber security. 

  1. Vulnerable mobile action plan

Given the astronomical rise in mobile technologies, cyber thieves have adapted their criminal practices to target the world’s growing number of mobile users. Companies who neglect to implement a secure mobile action plan risk sensitive data being accessed through devices connected to a corporate network. Ask staff to password protect mobile devices, and place encryptions on their data if you deem it necessary. 

  1. Zero access prevention 

Nowadays, it’s not the hardware itself but what’s contained within it that criminals are most interested in. So it’s important to password protect all business machines to prevent unauthorised access. Small business owners who don’t provide individual accounts for their staff risk sensitive company information falling into the wrong hands. 

  1. Unlimited access to sensitive company data 

Trusting your staff is one thing, but providing one or two employees with unlimited access to sensitive company data is never a good idea. Not only could the information quickly become corrupted by malware or viruses, security will likely be much more difficult to manage. Instead, provide only the data required for them to do their job, and place stringent security measures on the remaining data. 

  1. Unsecure wi-fi networks 

It may sound obvious, but if you have a Wi-Fi network in your workplace, make sure it is secure, encrypted and hidden to prevent any unauthorised access. Often, companies setup their wireless so that it broadcasts the network name to those nearby – with some businesses even forgetting to password protect access to the router. 

  1. No firewall security deterrent 

Don’t ask us what it is, but a firewall provides a solid defence against cyber criminals, malware and online secuityviruses. Installing a dependable firewall from a reputable security company is one of the first measures you should take in counter-acting cyber abuse; yet many organisations fail to install one altogether. For help in choosing a firewall that meets your hardware requirements, check out this excellent firewall guide from Tech Republic.

  1. Poor data backup schedule 

As the marketers say, “Data is King” when it comes to effective online business growth, so your number one priority should always be the security of your data. Sadly, few companies backup their data at regular enough intervals, which can often result in costly data loss. If you rely on data, be sure to backup it up regularly. Creating an automated data backup schedule is a great way to ensure you never forget to backup key business data and information.