How Often Should Small Business Cyber Security Be Checked?

Cyber Security for Small Business 2019

How often should small business cyber security be checked?  

  • At a minimum, most small businesses should be checking it annually. 
  • If your company has compliance requirements, it should be checked quarterly or even more frequently. 
  • If your infrastructure or software changes frequently, is complicated, or if you are a popular target for an attack, like an online retailer, checks should be run monthly. 
  • If you use a managed service provider (MSP) like Intrust IT, then your IT support provider should be performing the tests for you. We recommend you check that they are following best practices and ask for reports. 

Best Practices for Small Businesses

Even if you work with an IT managed service provider (MSP), don’t just assume that the provider is running the security check at the right frequency. You should receive reports to show what was scanned, any issues that were discovered and what was done to resolve those issues. 

Your IT managed service provider should also meet with you on a regular basis. In those meetings, your account manager should inform you about what security improvements are being made and why. Sadly, we’ve met many companies who thought this was being done but found out later that it was not.

How Do You Test Small Businesses Cyber Security?

A security assessment looks at all aspects of the company’s cyber security and uses automated tools to check for things like insecure open ports on a firewall, missing software patches, bad password policies, etc. 

Today’s security assessment tools are incredibly sophisticated and scan everything rapidly. Because the tools are automated, the costs have become more reasonable as well.

Once a security assessment has been done and all issues are resolved, a follow-up scan should be run. This follow-up scan will confirm all work required was completed correctly. 

After those vulnerabilities are corrected, the next biggest vulnerability to address is in your user population. The cyber security threat posed by users is mitigated with security training coupled with phish-testing. Only after all of this work is complete, then it may be advisable to consider spending money to have a penetration test conducted.

Do You Need Penetration Tests for Cyber Security Screening?

Many small businesses are told by unscrupulous providers that they may need a penetration test or pen-test performed for tens of thousands of dollars. A penetration cyber security test is rarely needed for most small businesses. Instead, internal and external vulnerability scans are the best place to start. 

A penetration test is where someone outside the organization finds a vulnerability in the company’s security. They then seek to exploit that vulnerability to gain access to internal systems and possibly even exfiltrate data. 

If you aren’t sure when your last security assessment was conducted, then you need to contact Intrust IT today and get it scheduled ASAP!

Tim Rettig | IT Support Cincinnati | Intrust IT

Tim Rettig

Tim Rettig, Intrust IT founder and serial entrepreneur, is a tech expert, educator and tireless advocate for employee ownership. His strategic work to build partnerships with clients has made Intrust into one of the fastest growing IT companies—scoring a spot on Inc. 5000’s list of Fastest Growing Private Companies for a total of four years.

Share this Blog

Enterprise Password Management Promo Wide

Is Your Name or Birthday a Part of Your Password?

If so, you’re a part of the 59 percent of people who don’t follow proper password hygiene. More than 70 percent of passwords are used for more than one system, meaning if cybercriminals crack one, they can access a lot more accounts.

Our free Enterprise Password Management Guide will give you the best password hygiene practices to help you secure your computer and your business.

Download the Guide

Explore the Latest Trends in IT

Fundamentals of Information Technology Management - Intrust

IT 101: What Is Information Technology Management?

When was the last time you stopped to think about how your business relies on technology? Information technology management is...
Avoid Pig-Butchering - Intrust IT

Pig-Butchering Scams: What They Are and How to Stay Safe

At Intrust IT, we understand that it may feel like the specter of cybersecurity is always breathing down your neck....
3 Reasons to Replace Aging Equipment - Intrust IT

Three Compelling Reasons Your Company Should Replace Its Aging Computers Before Year-End

As the end of the year approaches, businesses everywhere are evaluating their budgets and looking for strategic opportunities to invest...
What are managed services - Intrust IT

What Are Managed Services? And What Are the Benefits?

Running a business in today’s tech-driven world means you need reliable IT infrastructure. But let’s be honest, managing IT in-house...
Windows 10 End of Life How This Could Impact Your Business - Intrust IT

Windows 10 End of Life: How It Could Impact Your Business

As Microsoft officially plans to end support for Windows 10 on October 14, 2025, businesses need to begin thinking ahead....
AI implementation Roadmap Intrust IT

Master AI Integration With Our AI Implementation Roadmap Guide

AI is one of the greatest technological breakthroughs of the last few years. It has become our handy assistant, data...