Like many business owners, you’re tuned into media stories about security, both physical and digital. It can be daunting to try to figure out what’s a must-have and what’s overkill for your particular company, especially when you have so many aspects of your business to look after.

We’ve identified the 5 big ones to seriously consider: physical, computer network, malware and ransomware, insider threats and data breaches.

1. Physical security will always be number one

Businesses are burglarized at higher rates than homes, according to the Arizona State University Center for Problem-Oriented Policing. Having valuable equipment, merchandise, paper files or cash stolen from your business premises can be devastating, perhaps even as great as having your computers or cloud files hacked. Take these steps to help make your business less of a target.

• Make sure that all doors and windows to your business can be securely locked. Have protocols in place to ensure that they’re locked when the business is closed and that entrances are limited when it’s open. ASIS International, a professional organization for security professionals, offers advice on how to comply with your local fire code and other laws about the kinds of locks, security bars, gates and other equipment you can use to secure your premises during and after business hours.

• Put warning systems in place. Alarms and surveillance cameras are important tools to notify you and, potentially, the police or a private security firm if there’s an incident. Carefully research the security system providers in your area. Compare the types of monitoring available and corresponding fees. A smart system typically lets you monitor alarms, authorize keyless entry and view on-site cameras remotely.

• Work with your security vendor to look for vulnerabilities in your physical space. If you’re in a rental property, whether in an office building or a retail store location, talk to your landlord about what sort of security services and equipment are provided under the terms of your lease and what you’ll need to provide.

2. Maximize your computer network security

Keep hackers out of your network, whether they’re specifically looking to target your business or just probing systems across the internet for vulnerabilities.

• Install firewalls. Tools that limit what can go in and out of your network. You or an IT or cybersecurity professional should configure your firewalls to allow the software you choose to run without interruption, while blocking unwanted traffic that could include malware.

• Use complex passwords. Password manager services can help make sure your passwords have the right level of complexity. Consider enabling two-factor authentication for sensitive systems, as recommended by the Electronic Frontier Foundation. This process will require employees to verify their identities when they log in to your system, first by a password, then with a special code. This can help keep your network secure even if someone guesses or steals employee passwords.

• Check your public Wi-Fi network. If you offer Wi-Fi access to the public or to your clients, you may want to separate that network from your other networks with firewall settings so no one can access sensitive data from your customer network.

• Consult your internet provider for advice on setting up your secure network. Many offer a security package, including firewalls, antivirus software and other tools to help keep your network safe.

3. Protect against malware and ransomware

Malware can cause serious disruptions. Ransomware is a particular type of malware that uses encryption to make your data unreadable or simply deletes it until a ransom is paid to those who deployed it. If you’re unable to access your business files, you could reduce the confidence of your customers and suppliers if you must reveal that you were struck by such an attack.

• Ask your internet provider about antivirus software to install. Such software can detect the latest viruses and malware. Also, keep aware of scams that are used to trick people into installing malware, often including phishing emails claiming the software is something useful. Educate your employees about the risks as well as the protections they can take, such as not downloading files from unknown sources or connecting outside devices to your business network unnecessarily.

• Set security policies for personal devices. If you or your employees do use personal devices on the business network or to work from home, you can set security policies, such as requiring antivirus software and keeping operating systems up to date. This is often referred to as a bring-your-own-device, or BYOD, policy.

• Schedule regular data backups. Data backups protect you so that if data is compromised by malware or other issues, such as hard drive failure, you’ll still have copies of critical data. For this, you can build your own data backup system, hire someone to do it or use off-the-shelf software. Modern operating systems from Microsoft, Apple and other vendors have their own built-in backup tools that may work for you.

4. Control your employees’ access to data

There is always the chance that an employee may cause a security risk at your business, unwittingly or not. This can be as simple as stealing cash or valuables to a complex scheme of tampering with computer security settings to enable data theft. These scenarios are often referred to collectively as insider threats.

• Limit employee access to valuables, sensitive files and software. You can limit the risk of insider threats by  giving data access only to those who actually need it. When it comes to software, many programs and operating systems allow you to log in to see when and how they were used. Talk to a computer security professional or your internet provider about how best to lock down your systems.

• Take steps to protect physical security. When it comes to your physical sites, limit who has a key and consider using cameras to monitor activity within your business. Make sure any methods you use comply with applicable privacy laws in your area.

• Review files and systems of employees who leave. If an employee leaves, especially under contentious circumstances, do a review of the files and systems that individual could have accessed and change shared passwords and locks.

5. Prevent data breaches

A data breach is a potentially dangerous situation that can expose your business to legal risk, including lawsuits and fines from regulators, depending on the kind of data exposed. Even a breach of your internal data can compromise your business if it’s ultimately exposed to the public or to competitors.

• Take all preventative measures. Make it difficult to access sensitive data. Keep your network secure. Install updates to your operating systems and other software. Use encryption tools, or software with built-in encryption, to store sensitive data. Encryption requires that a user must provide a password or other kind of secure identification even if your disks are accessed without permission. For any cloud-based software, follow the maker’s recommended security practices.

• After a breach reach out to security experts. Contact your insurer if you have a policy covering cybersecurity risk and, potentially, an attorney. Work with these experts to quickly safeguard your systems, determine the extent of the breach and, if need be, notify anyone who’s affected.

In the end, security protection is like wearing a helmet on a bicycle or buckling your seatbelt. You use safeguards because you never know what might happen. But you’ll be ready for it.