Small businesses need to find ways to more generously finance cyber security and seriously plan and create security procedures. They also need to adopt ways to better protect data and connected devices from cyber-attacks, which like security procedures, is largely about strategy, not finances.

In this vein, here are some tips:

Make security part of your company culture. Studies have found that the human factor was involved in more than 85% of breaches, whether it entailed falling for a phishing attack or using easily decipherable passwords. These can be mitigated through expansive awareness programs that don’t stop with a playbook of possible attacks. They also infuse safety into the organizational fabric, constantly reminding employees of their responsibility to keep the organization safe.

Deploy malware prevention software and keep it updated. It would be best to have software that protects devices from viruses, spyware, ransom ware and phishing scams. Make sure it’s updated regularly.

Require use of strong passwords and two-factor authentication. The easiest way to break into a business network is by guessing passwords. Most people use a single password for multiple sites and accounts. All employees should have unique passwords for each of their accounts. Password managers are the best method for achieving this goal.

Back up data regularly. It’s best to have multiple backups of company data. This way, if you become the victim of various cyber-attacks, you’re not totally out in the cold.

Limit employee access. It makes sense to segment and limit employees to only the systems and data they must access. If tight access controls are maintained, you’ll limit the damage that any single user can do to your network security.