The goal of cyber security is to make your system a less desirable target by putting countermeasures in place. This means more time, money, and resources required for a hacker to break into your system. If the payout is not going to be worth the resources the hacker has to invest to find vulnerabilities, he or she may look for easier targets.

Here's a list of tips for how to harden your systems and protect your business:

Staff and Policies:

• Establish and communicate security policies for your company. Make security a priority, and discuss it regularly in team meetings.
• Train workers how to spot and avoid being duped by phishing emails.
• Make sure every worker in your company has antivirus and antispyware software installed on computers, with automatic updates for threat definitions, even for personal devices they use for work purposes in a bring-your-own-device (BYOD) environment. For those who use Windows 10, Windows Defender protection is free.
• Enable the malicious website or malware detection settings in all staff browsers, to warn or block workers from visiting infected sites.
• Back up all data for all workers, from all devices, as well as data in company apps or servers. Cloud backups synced to happen automatically are reliable and cost effective.

Wi-Fi:

• Secure your Wi-Fi networks in your business and at home by activating WPA2 encryption, and by creating strong passwords.
• When traveling, avoid free public, unsecured Wi-Fi whenever possible. Use a VPN to connect to company systems, and use your own mobile hotspot that you can secure.

Software, Systems and Devices:

• Enable settings to automatically check for and install software updates.
• Use cloud software applications by reputable vendors. They typically are able to provide more hardened security than a small business can on its own.
• Have a mobile device action plan, including the ability to do remote lock and data wipe for lost or stolen laptops, tablets, and smartphones.
• Deploy central cloud document storage, so you never have to worry about losing important customer, legal, and business documents. Office 365 and Google G Suite are easy, low-cost solutions to put into place.
• Require strong passwords. Consider biometric security (such as Hello, Microsoft's face scan app) for desktop computers and especially mobile devices.

Website:

• Keep all website software updated, and arrange for nightly offsite backups of data. Don't assume your hosting company backs up your data; depending on your hosting plan, they may not.
• Consider using a security service such as SiteLock or Sucuri. Your hosting company or a CDN such as CloudFlare may also provide security.
• Be sure you understand what types of risks are covered and not covered by a security service. For example, cleaning up a hacked website can involve hundreds or even thousands of dollars. Many hosting companies tell you you're on your own for cleanup. Understand who is responsible (you, a security company or your hosting company).
• If you don't want the responsibility of arranging your own security, use a hosted website platform such as Wix, Weebly, or WordPress.com (the central-hosted version of WordPress), and for e-commerce a hosted solution like Shopify or BigCommerce. Reason: the vendor is responsible for security, including PCI compliance for payment transactions.

Insurance:

• Last but certainly not least, consider cyber risk insurance. Insurance won't help prevent a cyber-attack, but it can cover liability for customer data breaches and other liabilities.

If you are proactive and stay on top of your digital security protocol, it will keep you and your business safer and will allow you to react quickly in the event of a breach.

This article originally appeared on Inc.