While you use firewalls, anti-virus and other network systems to protect the "back door', you're leaving the "front door" wide open.  Most businesses are unaware what employees are doing, or able to do, with company data.  The most serious security risk to your business is NOT hackers but your employees.  IT Security professionals are yelling this message loud but most businesses are ignoring the trend.

3 Things you can do to protect your business:

Policy

At least have IT policies to define the expectations of how company IT  and data should be used.  Its hard to address a problem in the business when employees were not informed of their responsibilities.  It may seem like common sense to you but it is very important to educate your employees about what is acceptable.  Here is an example:

"Electronic Use Policy"

Technology

There are technologies available that allows a business to control every aspect of an employee's use of company technology.  These toolsets are very cost effective and full of rich features but most business leaders are unaware of them.  Like all security tools, they should be selected and adjusted to fit the specific needs of each business but it is critical that something is used.

Diligence

Once you have set expectations and implemented technology, you must be diligent in reviewing, adjusting and maintaining your security solutions.  The threats change all the time because technology, and the ways people use technology, changes all the time.  This is not a "fire and forget" solution, it requires upkeep, so plan for it.

Of course, helping businesses with IT is what Black Line does so contact us if you want to discuss end-point security more.