Security assessment approaches in your small business

What is the best way to start assessing your company’s cybersecurity issues? First, look around at what you have.

Small business owners have a lot to think about, but ensuring security needs is a top priority. As soon as a company accumulates funds and data, cyberattacks may hit at any time.

The first step in ensuring security is to look around at what you have – namely what hardware and software is used in your company, what issues may arise, and what kind of protection is needed.

Software and malware protection

Software is the primary source of most problems. The most popular and widely used software – such as Microsoft Windows, Microsoft Office, Adobe Flash, Adobe Acrobat, and Oracle Java – is notoriously vulnerable on its own, but due to its popularity, security experts (both “good” and “evil”, i.e. malicious hackers) seek and find new flaws and write malware. Protection from malicious software is the primary point for any security solution. 

Backup and restore

Backing up data is another immediate priority for businesses. It’s important not only to protect against corrupted software, but also because hardware may fail and specific files may vanish. Every malware is harmful, but some may turn your business into shambles overnight, – Cryptolocker encrypting ransomware, for instance, is best countered with offline backup. In fact, backing up your data is probably even more important than having an up-to-date anti-malware solution.


Working with partners’ and clients’ information? Be prepared that some bad people may want to see it as well. Failure to keep that data safe may have severe consequences for your company, both material and reputational. The only way to ensure this data doesn’t fall into the wrong hands is to store it encrypted. Of course, it’s not about encrypting it by hand – and not about feeding it to Cryptolocker either – there are ways to automate the process.


Handling dozens of password is a chore, and in time, the number of regularly visited resources grows, as does the need to remember their passwords. Passwords are a notoriously weak spot, and there are not many working alternatives. Still, instead of remembering loads of passwords, it is possible to use just a single combination – the one used to get access to password managing software.

A password manager can generate any number of unbreakable combinations that would be used on the Web, and store them encrypted so they are not discovered (Sony-style), even if hackers penetrate your network. Overall, a password manager helps tremendously, while decreasing the risk level.



Cybercriminals go to great lengths to access other people’s funds, and an extra level of protection for electronic payments is a need, not a luxury. Banks and payment services offer some degree of protection, occasionally a pretty high one, but it doesn’t mean that their clients can forget about protecting themselves. A good e-payment protection solution would block any malicious attempts to intercept payment data, preventing both PC and mobile malware from doing it.

Mobile devices protection

By the way, protecting mobile devices from malware is a necessity as well. Almost everyone has a mobile device, and they are used for both personal needs and for work, which means that the data protection solution should cover these devices.

Sorry, no dedicated admin available

While even in small companies there can be lots of IT security-related factors to consider, not every smaller business can afford a dedicated, professionally trained admin. Most likely, it is the owner or some of the more tech-savvy employees who perform IT tasks. A security solution that doesn’t make such a “makeshift” IT worker stumble, and that in the worst case would only require one-off guidance from the IT expert, is ideal. 


Small businesses need to find a security solution at a reasonable price. By “reasonable” we mean “low”: small businesses might not be able to afford something expensive, such as an enterprise-level security solution, and they won’t need it, either.

Some small companies take an unsafe approach, using the home-level antiviruses, occasionally even free ones. These AVs aren’t exactly suited for use in a business environment. All of them are oriented on home users, provide only very basic protection against malware, and there are no business features.

Here we have listed the primary demands that small businesses would raise when considering a security solution. Kaspersky Small Office Security is specifically developed to meet these requirements: it delivers business-grade protection from malware and hacking attacks for both PCs and laptops, as well as Android-based mobile devices. It also protects your electronic payments from all attempts at interception. It has built-in encryption tools, password manager, and provides backup and data restore capabilities. It is very easy to work with, thanks to a clean and plain interface.

For more detailed description of Kaspersky Small Office Security please visit here.