10 tips to secure your small business network

6. Speaking of Web servers on the Internet, if you have them, you should scan regularly for exploits. There are many sites that can do this, two of my favorites are SPIdynamics.com and Qualys.com. Also, make sure to keep track of your domain registry and change all of your access passwords regularly. If you update your Web content, don't use FTP or Microsoft's Web page creation tool, FrontPage; instead, find more-secure methods that don't send your access passwords in the clear. You can learn about other ways to protect your Web site at OWASP.org.

7. If your ISP offers such an option, use a VPN (virtual private network) for access back to your local LAN or your remote Web server. There are many to choose from, ranging from the free OpenVPN.net to inexpensive but capable ones from SonicWall and Fortinet, which are designed for small business owners.

8. Disable file/print sharing on everything other than your file server. You don't need it on each desktop, and that just causes more vulnerabilities. This is particularly important for laptop users: You don't want to be broadcasting your entire file system to everyone around you at the airport or hotel, which is something that I often see when I travel and check for open network shares.

9. Use whole disk encryption on all laptops that will ever leave home. You never know when someone will steal your data or break into your car or hotel room and lift the laptop. I like PGP Disk, but there are others that cost next to nothing and provide plenty of protection. If you are in the habit of carrying around USB thumb drives with your data, then use one of the more modern U3 drives that work with Windows and are at least password-protected to keep your data away from others.

10. Start doing regular off-site backups now. At least start with making copies of your key customer and business data, and then make sure you cover your personal files, such as family photos and the like. Now is the time to cook up something simple. Burn DVDs and take them home, or make use of one of the online storage vendors such as eVault and Amazon.com's S3. They cost less than $100 a year (Amazon's less than $10 a year) and can save your data in case of fire, theft or just carelessness. If you have two PCs in two different locations, sign up for Microsoft's Foldershare.com   free service to synchronize your data.

Now, there are plenty of other security options that will buy you peace of mind and make it harder for hackers, but these 10 items are easy to implement, don't cost much in terms of your time and money, and will have big security payoffs. Try to attempt one item each week and you'll sleep better at night.

David Strom is a writer, editor, public speaker, blogging coach and consultant. He is a former editor in chief of Network Computing and Tom's Hardware and has his own blog at http://strominator.com. He can be reached at david@strom.com.

Read more about networking and internet in Computerworld's Networking and Internet Knowledge Center.