Steps to stronger small business security online

Steps to stronger small business security online

Although Kevin Casey of InformationWeek said small and mid-sized businesses have some good excuses for having less-than-great security on their website than larger companies, such as slim budgets and smaller IT departments, he said companies can be secured either way. It doesn't take a big company to purchase some high assurance SSL certificates that can help make the difference between a security breach and staying safe online.

Yaron Baitch, director of IT and information security at Bob's Stores, an athletic sportswear company, shared with Casey ways businesses can help secure themselves with a panel at the RSA Security conference.

"It's a fairly straightforward recipe grounded in an organizational understanding that the company's bottom-line health is at stake," Casey said. "And it works: Bob's Stores has never had a breach. Baitch half-jokes that acknowledging this fact makes his company a juicier target for hackers. Dark humor aside, that speaks to a basic security mistake many SMBs still make: Thinking no one would bother with their 'small' business."

Baitch said security is a state of mind, and a basic level of awareness is a must not just for the IT department, but for everyone in the business. He said one little slip can cause the entire company a world of hurt. Another thing to keep in mind, Baitch told the panel, is letting pain points make the business case. He gave PCI compliance as an example, saying they are a pain to deal with but help keep a company safe. He said businesses should also know their strengths and outsource their weaknesses that they cannot do well enough.

Yahoo said high assurance SSL certificates offer peace of mind to website visitors, as an SSL connection will show the "lock" icon in the browser. This should go a long way toward making a customer feel more comfortable when shopping on the eCommerce website and will help make them return customers.