It’s almost shocking to learn how many business owners don’t take proactive action to protect their business networks. Unfortunately, too many CEOs feel that their computers are just fine out of the box and perfectly protected. In fact, company networks and PC’s are more at risk of infection and infiltration now than they have ever been in the past.

They’re helped along in this false sense of safety by the many PC manufacturers who now ship computers with a trial version of a consumer anti-virus product installed. For many, those constant reminders to register their anti-virus software seem as good as a free pass to ignore basic preventative maintenance and to follow basic security policy. Most end users, especially in business environments, don’t realize that these consumer-oriented antivirus programs are both temporary trial versions that soon stop working, and not a fit for the heavy duty protection a business environment requires.

What’s worse, recent research by anti-virus firm Kaspersky believes that end users and business owners drastically underestimate the threat posed by malware and hackers. In a recent survey, respondents largely believed that there were about 4,000,000-6,000,000 new pieces of malware per year. In fact, security researchers actually identify over 200,000 new malware pieces every DAY. Over 12 times as many as people believe. So what are your business’s biggest vulnerabilities, and how can you close them? Here’s our top list.

1) People Problems – The number one way malware and hackers penetrate business networks is through exploiting people rather than technology. This encompasses things like employees who download malicious files unknowingly, or those who reuse the same password on countless sites, including their work accounts. This category also includes users and employees with malicious intent, and those who actively go out of their way to hurt your company.

The best way to curb this problem is to have a strong security policy, and to train every employee on it. Require frequent password changes, lock down unnecessary web browsing and file downloading, and make sure disgruntled employees are identified before they can download a virus onto the company network.

2) Build A Wall – Many business owners, especially small business owners, often choose to save some money by relying solely on endpoint protection for guarding against hackers and malware. That is, they count on infections being prevented or stopped once they already get to individual laptops and computers, using conventional antivirus software. Unfortunately, by the time the dangerous software gets to the end computer, it may already be too late to do anything about it.

Instead, businesses should invest in a strong perimeter security infrastructure to put a shield between their computers and networks and the full internet. The investment is not nearly as expensive as many small business owners think it will be, and the protection offered by having several layers between you and the web is exponentially better than simply counting on end-user anti-virus software.

3) Protect Mobile Devices – Most businesses are still struggling to understand how mobile devices fit into their information security infrastructure. More than any other device, cell phones and tablets straddle the line between purely business and purely personal, and many employees use both their business phone and their personal phone for both purposes. In fact, increasingly many employees are combining the business and personal phone into one single product, and employers are all too happy to oblige them, since it seems to take the responsibility off of their shoulders. Unfortunately, this creates an incredibly dangerous situation – mobile phones are increasingly becoming targets of malware and hacking, and even worse are increasingly being used as entry points to the traditional corporate network.

Make sure your company has a strong and rigorous mobile security plan in place. All employee cell phones should be running an antivirus program that has been thoroughly vetted by your IT staff. Phones should also have a strong locking mechanism on the lock screen, and should lock the phone automatically after only a brief period of inactivity to prevent lost phones from compromising your company security. Finally, phones and other mobile devices should never be allowed access to the main corporate network. They should always connect through a secure proxy that can check traffic coming in from the device to make sure no hidden malware infections are making their way through.