How to Secure Your Business for Free [16 Great Security Tools]

Posted on February 22, 2019 - by Darren Gallop - in Building Your InfoSec Program

Many companies, especially small businesses or startups, start off with an information security program that relies on free security tools.

One of the biggest hurdles to overcome in setting up a security program is, and will forever be, money. Budget is always the biggest obstacle to improving security. However, people believe this myth that having a security program means that they have to break the bank.

But that’s not the case. There are so many things that organizations can be doing to run more securely, at no cost.

1. Run Tests

To get the ball rolling on your securing your business, you should first run some tests. Risk assessments and vulnerability scans can help determine where the organization is most exposed.

After that, testing employees on security best practices will give you a general idea of where their basic security knowledge lies.

2. Turn on Free Security Tools You Already Have

Mac and Windows PCs and laptops have security tools built into them. They are often not automatically turned on but the process of turning them on isn’t difficult. Also, CRM software like Salesforce or Hubspot have security tools that are free to use.

3. Research New Security Tools

There are so many free tools at the tips of your fingers. A quick search will lead you to antivirus programs or VPNs. But first, you want to get an understanding of what kind of data the organization will be storing. This will help you to determine which tools you need. While the free tools may not be as strong as the paid versions, they are better than having no security at all.

4. Train Your Staff

We’ve talked in the past about how employees can be the weakest link when it comes to security. A large percentage of breaches happen because people are easily deceived by phishing attacks. There are plenty of resources out there (YouTube) that can be helpful you raise your team’s awareness of phishing and social engineering. It’s much better to find a free cybersecurity awareness training program than to do nothing.

5. Implement Security Policies

Security policies will be helpful in guiding your team through the organization’s guidelines. But if there are no policies in place right now, you can start with a simple set (for free!) As your company grows over time, the policies will be able to be expanded upon.

6. Leadership Takes it Seriously

Having a team that cares about information security is easier to do when management is actively displaying that they are about it as well. If the CEO is not following through on policies then the rest of the team is going to slack off as well. Leaders must prove to their team that this is a serious issue.

Here is a list of 16 free tools that our security experts have approved:

  1. PrivacyHPI Identity Leak
  2. Vulnerability AssessmentOpenVAS Assessment Scanner
  3. PhishingPhishing Test Google/Jigsaw
  4. AntivirusAvira Free Security Suite
  5. PasswordsHowSecureIsMyPassword.net
  6. Password ManagerLastpass Free
  7. CommunicationSignal
  8. Safe BrowsingHTTPS Everywhere
  9. GeneralGoogle Security Checkup
  10. Social MediaFacebook Security Checkup
  11. Network MonitoringNmap.org
  12. Intrusion DetectionSecurity Onion or EasyIDS
  13. Penetration TestingKali Linux
  14. FirewallpfSense.org
  15. LoggingGraylog Open Source
  16. Policy Generator and Infosec Program Management Securicy

Okay yes, that last one is us. We’re proud of what we’ve built and are excited to offer free tools that help businesses improve their security. We’re firm believers that any company should start their information security program out by creating or updating their policies.

If you want more beyond this list — sign up for our free app, try out the policy builder, and check out more tools you can use to secure your business in our Marketplace.

Do your security policies need updating?


Get custom information security policies generated for your business in minutes. Securicy guides you through creating, implementing, and managing your cybersecurity plan.

Try Securicy Free

About the author

Darren Gallop is a tech entrepreneur, information security expert, Techstars alumni, board member, and the CEO of Securicy. He co-founded Securicy and led the team to develop a SaaS product that guides businesses through creating, implementing, and managing their information security and privacy compliance program. Gallop previously co-founded Marcato and was CEO there for 10 years, until the successful event management software company was acquired by Patron Technology. He is fluent in English, French, and adept in Spanish. Gallop spends much of his non-work time traveling or engaging in the outdoors. Swimming, fly fishing, canoeing, camping, and surfing (basically in that order). He is from Nova Scotia, Canada.