It seems that there's a story every day about a company having its data stolen by hackers, or losing it because of an accident or disaster. Even the most sophisticated organizations have a hard time ensuring their business IT systems are robust and secure. Small businesses may be at greater risk of IT issues since they tend to spend less on technology safeguards than larger firms.

However, some basic precautions can go a long way to keeping your business IT system up and running, and your data secure. Use these tips to help reduce the risks of IT threats to your company:

Back up data regularly

It's essential to back up your business data regularly — ideally on a daily basis — and to store copies offsite, in case of fire, flood or other disaster. If you decide to back up your data through an online backup service, look for one that offers continual and automatic backup, retains older versions of files, uses multiple storage sites and can restore files to new computers. Before signing with a vendor, understand how it ensures your data will be kept safe and secure.

Update your software

Keep all your software — including operating systems, antivirus software and applications — at the latest release level to minimize infections by new viruses. As a side benefit, current releases can also help improve your team's productivity. Assign a team member to perform software updates, troubleshoot wireless problems, configure desktop applications and solve other common IT problems. As an alternative, an increasing number of online services offer remote tech support for a monthly fee; this can be a good option for a small business without an internal technical troubleshooter.

Be proactive

New risks to your business IT system can arise daily, so you need to be vigilant. For example, on a regular basis:

• Review your data protection plan to ensure your company remains secure
• Define which employees or business partners can access critical data and systems, review your policies to prevent unauthorized access and assess their implementation
• Scan and store important information that is in paper form in case a disaster destroys the paper copy
• Delete dated information, especially old records that may contain sensitive client information
• Update your policies on the use of mobile computing and data storage devices such as laptops, smartphones, CDs, external drives and USB flash drives. Be sure your employees know how to encrypt data on mobile devices so that if the device is lost, the data can't easily be accessed
• Encourage your employees to use strong passwords, eight or more characters, with a mix of upper and lower case letters as well as numbers, and to change them on a regular basis

Institute email and online-use policies

Educate your employees about safe email practices. For example, mandate that they avoid opening attachments from unknown senders, delete all spam emails without responding, and type in URLs to sensitive sites instead of clicking on links in emails. They should also avoid free software downloads and file-sharing programs.

For more information on keeping your business IT systems secure, Tech Republic (www.techrepublic.com) offers a range of articles and blog postings for business managers and IT staff alike.