10 ways small business can improve security during a recession
by David Kelleher - GFI - Friday, 24 April 2009.
6. Data Handling Policies

Implement stringent security policies with regard to how data is accessed, handled and transferred. Technology alone will not protect a company’s data. Strong and enforceable security policies as well as employee and management’s awareness of security issues will go a long way towards improving the level of storage security within an organization.

7. Simple Employee Communication

Explain the meaning of each policy in clear and simple language how each one is implemented throughout the organization.

8. Employee Education

Employees need to be reminded that they should not leave their passwords written on a sticky note on their monitor. They need to understand that sharing passwords is equivalent to sharing the key to their home. They need to be told not to divulge any information to third-parties without authenticating the request. They need to have a basic understanding of security and the most common threats, eg email phishing and social engineering. Additionally, they should be reminded that their actions are being monitored and that they are accountable to the company.

9. Backup Everything

Backup all communications and data to, from and within the business. Check your backups regularly to ensure that if the company’s network is down, you can get everything online in a short time-frame. You don’t want to be in a position where your backups are corrupt.

10. People Management

Storage security is more than protecting the data using technology or placing it under lock and key, it is also an exercise in people management. The people using and creating the data are the greatest threat and weakest security link.

Even with spending overall on security expected to rise, “doing more with less” will remain the mantra for much of 2009. By following these basic tips, SMBs can get through the challenging economic climate without compromising their IT security.


MagSpoof: A device that spoofs credit cards, disables chip-and-PIN protection

The device can wirelessly spoof credit cards/magstripes, disable chip-and-PIN protection, and predict the credit card number and expiration date of Amex cards after they have reported stolen or lost.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Nov 26th