It's peak season for Groople, a small online travel site that caters to groups, and it cannot afford any technology hiccups. In the last two years, Groople has invested $55,000 to upgrade information technology security at the request of large customers like Travelocity and Cendant. And it considers that a small price to pay.

"Honestly, we do not believe it's an option," said Scott Larsen, information technology director for the company, which is based in Centennial, Colo. "If we want to do business with companies like Travelocity and the big hotel corporations, it's a requirement for us to meet their security requirements, otherwise we're just another small company that wants to play with the big boys but really can't."

These days, when a small company wants to do business with a large vendor over the Internet, having a high-speed connection is not nearly enough. The connection, and everything transmitted over it — financial, customer and product data — has to be secure and out of the reach of hackers, cyberthieves and even disgruntled employees.

"Right now, security is a big issue for small and medium-sized businesses," said Gary Chen, an analyst for the Yankee Group, a research firm in Boston. Larger customers, he added, do a bit of "arm twisting."

Get the full story at The New York Times