At the recent RSA Conference, I heard an MIT professor quip, "is it safe to keep passwords written on a piece of paper in your wallet?" Kidding aside, most of the mid-market customers I interacted with at RSA-in retail, healthcare, and manufacturing-understood the point. They all had similar security requirements. It was common to hear "we want a security solution that protects our customers, employees, and businesses. Something that's simple, easy to use, and will protect our intellectual property."

That's often easier said than done. Your mid-market company's security isn't simply a matter of choosing the right solution. The experience of your IT staff and the way they set your security strategy also has an impact, as we've discussed in#ciscomidsize.

Here are some questions to ask when considering security strategies:

• How do you protect your employees from malware while allowing them to engage with social media?
• What do you protect against when you can't distinguish between trusted traffic and threatening traffic?
• How can you increase personalization without risking data breaches and intrusion?
• Once you've identified a threat, will your tools be enough to combat it?
• Do you have the right IT professionals with the right expertise in place?

These challenges become even more intense within the mid-market, where limited resources and tight budgets can become an obstacle. In a fast-moving environment, it's no longer a matter ofifyou will be compromised, butwhen. Here are three things you can do to tighten security as your business grows.

Take a Threat-Centric Approach to Security

As social media traffic and other Internet-related activity have increased, the number and severity of threats entering from the web has skyrocketed. Even browsing a reputable news website can expose your network to malware.

• Analyze all traffic entering and leaving your network. With BYOD, networks can be exploited through devices.
• If the perimeter is attacked, see how your tools respond and examine the damage done, so that you can close those security gaps.

Be More Pervasive and Guard More Than the Perimeter

According to Adi Shamir, a leading Cryptographer at the Weizmann Institute of Science, most attacks originate from inside your organization.

• Protection that safeguards your entire organization, and every endpoint, is now essential.
• Reduce your discovery time for malicious threats operating inside the network.
• As organizations grow, they become more vulnerable. Combat advanced threats with an end-to-end solution.

Maintain Your Vigilance

Review your organization's security strategy regularly and frequently.

• Address security measures before, during, and after an attack.
• Use intelligent threat analytics with behavioral modeling and anomaly detection.
• Intruders have become more creative, so your security policy must automatically adapt to evolving threats.

In addition to our recommendations, consider  Gartner's recommendations on strategies for dealing with advanced targeted attacks.  Even the best security solutions can be breached. We can't eliminate attacks, but we can decrease the havoc they wreak. For example, the Texas Healthcare Institution instituted a HIPPA-compliant security solution by leveraging Cisco's made for mid-market security portfolio, which minimizes the harm done by security breaches. By becoming more strategic, comprehensive, and vigilant, we can protect our assets. Even the passwords in our pockets.

Learn more about security for your midsize organizations by visiting www.cisco.com/go/midsize. Or follow us on#ciscomidsize to learn how we can assist with your security needs.Made for the Mid-market. Made by Cisco.