Get All Access for $5/mo

Why You Might Need to Rethink Your Internet Security -- Now These four steps can help you move beyond firewalls and antivirus systems.

By Jeremiah Grossman

Opinions expressed by Entrepreneur contributors are their own.

Why You Might Need to Rethink Your Internet Security -- Now

When you're starting a company, putting all the technologies in place can be challenging. In addition to servers, laptops and websites, you also need security tools to make sure the wrong people don't gain access to your information.

Entrepreneurs often invest heavily in antivirus software, firewalls and security appliances designed to protect internal systems. But this limited approach ignores how machines and people communicate to one another outside your walls. From sales and inventory to payroll processing, systems continuously talk to each other across the web.

Here are four steps that can help you strengthen technology security beyond your internal systems:

1. Be aware of how your company communicates online.
The simple days of using the website as a brochure are over. Nearly all business websites pull information from internal resources, including databases, payment portals and inventory management, directly to a browser, mobile phone or other connected device, traversing a dozen potentially untrusted external networks in the process.

Related: How to Make Your Website Hacker-Proof

These external networks are sometimes overlooked as a security concern, even though they can get companies in trouble by compromising credit-card numbers, personal records and valuable intellectual property. And if you're using a third-party software tool, you can't always trust that the provider knows safe coding methodologies. Your site should be scanned in its entirety -- not just your code, but the third-party vendor's code, as well -- to identify and fix vulnerabilities.

That means you have to make internet security just as important as protections for your internal systems and devices.

2. Take a holistic approach to security.
Evaluate your business and security systems holistically and ensure that all operations are secure both internally and in their external connections. This starts by examining how every business unit, development team or product offering relates to security.

A simple method might be to create a flow chart to diagram where information comes in and goes out from your company. For widget orders, for example, there's an exchange at both the payment and communications gateways. They both need to be secure -- not only the systems individually, but also the places where they connect to the Web to send or receive data.

3. Select a security expert.
Too many companies don't have a security officer as a part of the core business team. Without someone in that role, security often becomes an afterthought.

This doesn't mean that you need a chief security officer on the executive board, but you should have someone with the experience to know the right questions to ask and to challenge your teams to rethink their strategies for software development, web connectivity or any external data connection.

Related: How to Determine If Cyber Insurance Coverage Is Right for You

For example, if your sales and marketing team suggests that you need a new widget that connects to your customer relationship management (CRM) database, an expert should ask:

• What are the business objectives?
• What information will be collected?
• How will the information be accessed or shared?

The expert should then go back to your development teams with guidelines for creating the most secure program, app or website from the start, rather than trying to fix it later after it goes live.

4. Be diligent.
Security isn't a "set it and forget it" business operation. There isn't a "done" indicator to say that you've included all the required ingredients for creating a secure company. You must assess security solutions and methodologies on an ongoing basis because vulnerabilities and external threats are constantly changing.

I often find myself telling business leaders that they can't simply implement the security measures that everyone else does or are necessarily most popular. In the end, you have to look at what is right for your business, address your most critical functions and make an ongoing commitment to security.

Related: Keeping Passwords Out of the Hands of Hackers

Jeremiah Grossman is founder and CTO of Santa Clara, Calif.-based web security firm WhiteHat Security.

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Editor's Pick

Starting a Business

He Started a Business That Surpassed $100 Million in Under 3 Years: 'Consistent Revenue Right Out of the Gate'

Ryan Close, founder and CEO of Bartesian, had run a few small businesses on the side — but none of them excited him as much as the idea for a home cocktail machine.

Franchise

The Top 10 Coffee Franchises in 2024

From a classic cup of joe to a creamy latte, grab your favorite mug and get ready to brew up success with the best coffee franchises.

Business Ideas

63 Small Business Ideas to Start in 2024

We put together a list of the best, most profitable small business ideas for entrepreneurs to pursue in 2024.

Marketing

How Small Businesses Can Leverage Dark Social to Drive Word-of-Mouth Marketing

Dark social accounts for 70% of social media shares and is crucial for small businesses. Here's how you can tap into this hidden marketing opportunity.

Business News

'Jaw-Dropping Performance in 2024,' Says a Senior Analyst as Nvidia Reports Earnings

Nvidia reported its highly-anticipated third-quarter earnings on Wednesday.

Business News

'Do You Sell Cars?': Tesla CEO Elon Musk Trolls Jaguar Rebrand on X

The team running Jaguar's X account was working hard on social media this week.