Guidelines and suggestions for keeping the office safe with firewalls, antivirus, antispam, patch management, wireless networking, and vulnerability prevention are provided for small-business owners or the employees they have assigned the task of handling security. The firewall chosen should offer SPI (stateful packet inspection), and a spam filtering solution should be installed, even if the techniques used are only whitelists and blacklists. A perimeter security solution and desktop antivirus program should be installed, and patch management should be streamlined by tracking company assets. Wi-Fi Protected Access (WPA) should be enabled on the wireless network, and the wireless signal should remain in the office. Servers should be kept in a locked room and access should be allowed only for those personnel who require it. PCs should be locked down, and mobile workers should be urged to keep laptops safe. Snoopers or thieves should be kept out of the office, and workers should lock desktops, and avoid writing down passwords. Visitors to the office should sign in and out, and they should not have free access to navigate the premises. The firewall chosen should provide a history of data traffic, and ALF (application layer filtering)-enabled firewalls are recommended. The NAT filter should be configured, and the features of the firewall should be able to hide the office's presence on the Internet. Multi-function appliances are recommended for small offices, but another choice is outsourcing. Employees should not use work e-mail addresses when signing up for newsletters or filling out registration forms. Many other suggestions are provided, and among recommended products are CheckPoint Safe@Office 225U, ServGate EdgeForce, Postini Perimeter Manager, and IBM Director 4.1.