There have been many articles over the past year about hackers using “Automated Clearing House” fraud to steal money from small and medium-sized businesses. The basic premise is that a hacker will compromise the machine that handles bank transactions for your company and steal money directly from your business account.
I would distill my advice down to one key step: Designate a secure machine to do bank transactions that isn’t used for anything else. Don’t use this machine to browse the internet, check e-mail, or open any documents not necessary to complete transactions. When we talk about a secure machine, it should of course have all updates, anti-virus, etc. It would also be preferable to have this machine on an isolated network. Putting it behind a simple broadband router would provide a lot of benefit for little cost. Even internal networks should be considered suspect in this sort of situation.