Security Pyramid Description

The Small Business Security Pyramid

Minimum Must-Have Tactics

Business Class Firewall, Next-Generation Antivirus/EDR, Advanced Email Threat Protection, Onsite + Offsite +Offline Backups, Multi-factor Authentication (MFA), AD/Cloud Security Hardening, Monthly Security Inspection & Updates.

Highly Recommended Tactics

Firewall with Intrusion Prevention System, Encrypted Password Management, Web Content & URL Filtering, End-user Security Awareness Training. Advanced Tactics: Centralized Mobile Device Management, Annual Security Scan & Vulnerability Testing, Annual IT/Security Policy Review & Updated, Annual Business Continuity/Disaster Recovery Plan Update.

Pro Level Tactics

Regulatory Compliance Standards (eg. NIST 800-53, HIPAA, etc.), Organization-wide Data Encryption.

A diagram showing four levels of small business security protection.