Hopefully you’ve been protecting yourself.  If not, here are five things you can and should do today to safeguard your business.

1. Lock down workstations

Users need their workstations to do their work, of course, but that doesn’t mean they should have carte blanche to download whatever software they want. By blocking users from installing software they don’t need or shouldn’t be using to begin with, you cut off a major source for the influx of malware at the source. There’s going to be a bit of work on your end to institute this policy, but remote management and administration makes enacting it very easy. And the result? No malware!

Another point I’d like to make about locking down workstations has to do with passwords. This is going to make you even more unpopular with your users, but you need to establish AND enforce a strict password policy that comes with a specific set of requirements (upper- and lowercase letters, numbers, and even special characters) and that requires them to be changed on a regular basis.

This may seem like an inconvenience, but weigh it against the cost of a security breach because so-and-so’s password is and always has been “password.” Even the most amateur hacker can guess that one, which brings us to the next item…

2. Restrict access to networked folders

This one seems obvious, but sys admins forget it all too often. Is the marketing team peeping into HR files? Is the person at the front desk able to access the patent-pending schematics or secret recipe in the documentation drive? Why?!?! You cannot afford to be so generous with your permissions.

The solution for this one is pretty easy. Put together some group policies that allow access to relevant shared drives and bar access to erroneous ones, and then assign users to the appropriate groups.

3. Keep anti-virus up to date

Having an anti-virus service on all your business devices is good, but it’s not enough. First of all, free anti-virus only gets you so far; you need to invest in high quality business-grade anti-virus software if you’re going to stand a chance. And once you’ve got that deployed, you need to make sure that scans are being run regularly and that definitions are being updated on a consistent basis. Not so bad, right?

4. Keep browser up to date (may mean disabling add-ons)

Everyone has their favorite browser (in fact, some of us use different browsers for different online tasks), but every browser has a system of updates to patch potential security holes. You as an IT Pro need to make sure that updates are being applied appropriately.

Additionally, maintaining browser security may entail disabling add-ons, so always keep an eye on the latest announcements about vulnerabilities.

5. Use a hardware-based firewall

Operating systems may include built-in firewalls, but software-based firewalls are not enough. A state-of-the-art hardware-based firewall will protect your business from outside intruders, and it can be configured to provide content filtering to protect your business from self-inflicted malware wounds.

Security is about defense, and defense should never be static. You need to anticipate threats and potential sources of security lapses, and that means you need to be proactive. These are only a handful of examples, but they provide a good first step in addressing security for your small or midsize organization.