I am very particular when it comes to securing my properties either offline or online. If it comes to Online, the security is biggest concern as nothing is safe in the age of advanced technology. Hackers gone smarter than ever.

But, there are technologies which can keep our properties safer. There is need of choosing the best technology for the security. You need to be smart enough to know whether the technology you are using is worth of the money.

Steinberg covers 4 points we don't usually see given enough attention when it comes to securing information:

(1)after being breached

(2) mitigating the rissks of "human issues"

(3) reducing egress points inherent in widespread mobile device use (byod)

(4) defending against DDoS attacks

Actually, there is much more talk about DDoS these days but its more at the enterprise level; smaller organizations aren't taking this serious enough yet.

1) security is an onion. It requires layers to be effective. If you're putting all of your defenses into the latest-and-greatest firewalls and ignoring the internal network with proper network segregation, IDS, HIDS, logging, and other management, then you will definitely lose your ass whenever the bad guys show up. They will show up.

2) Security training is crucial to companies, but one of the most overlooked aspects of a complete security platform. Train your people, perform red team exercises, keep them wary and alert. Post reminders, emails, Drill them. They are your first line of defense.

3) I'm not a fan of BYOD. Never have been. I'm assisting one client reviewing packages, but I feel that using alien systems on a secure network blur the line too much for me to be comfortable with it. Corporate security should be a bright, strong line between "inside" and "outside". It should not be any shades of gray.

4) "Defending against DDOS" is like "keeping dry in the middle of the ocean". Keeping a working relationship with your upstream providers is good. Moving your web platform off to a big player like Akamai or Cloudflare can definitely help here. Pricy, but it can keep critical systems up.

I'll reiterate point 1 some more. Security really is an onion. You can't plug security into the wall, hit the 'start' button and mark a checkbox on a form. It's an entire program which has training, change control, processes and procedure, intrusion detection, AV, file change monitoring, and a dozen other items in place and functional. Sadly, a lot of companies ignore critical components due to the time, efforts, or price tag involved.

I take several measures to secure my online properties. I think that this should be among the priorities for any internet business owners, even more if it's generating a good amount of money. A part of the revenue should be reinvested into security.