– Implement a combination of security protection solutions (anti-virus, anti-spam, firewalls).
– Carry out regular security updates on all software and devices.
– Implement a resilient password policy (min eight characters, change regularly).
– Secure your wireless network.
– Implement clear and concise procedures for email, internet and mobile devices.
– Train staff in good security practices and consider employee background checks.
– Implement and test backup plans, information disposal and disaster recovery procedures.
– Carry out regular security risk assessments to identify important information and systems.
– Carry out regular security testing on the business website.
– Check provider credentials and contracts when using cloud services.
Read the full report here – http://www.fsb.org.uk/frontpage/assets/fsb_cyber_security_and%20_fraud_paper_2013.pdf