- 77% do not have a formal written Internet security policy for employees.
- 63% do not have policies regarding how their employees use social media.
- More small business owners (45%) say they do not provide Internet safety training to their employees than those that do.
- Two thirds (67%) allow the use of USB devices in the workplace.
- Six in ten (59%) say they do not require any multi-factor authentication for access to any of their networks, and only half (50%) say that all of their machines are completely wiped of data before disposal.
What to do?
Finally, follow these best practices, from StaySafeOnline.org:
- Fully protect your own computer systems and keep software, browsers and operating systems current.
- Scan everything you attach to the network.
- Keep hackers out with a good firewall.
- Filter for spam.
- Train employees to be vigilant.
SMART TIP: Invest in developing appropriately stated and structured policies and practice strong security measures now, so you don’t have to do it after a breach.