Cybersecurity

Cybersecurity to Manage Your Business

An effective cybersecurity program is essential to all businesses, especially small businesses. It is critical for business owners to understand how to proactively protect themselves from cyber-attacks.

Types of Cyber Attacks and Threats

  • Malware is software used to perform unauthorized functions
  • Ransomware is malicious software designed to extort money by blocking systems or functions.
  • Phishing is the practice of sending fraudulent emails to obtain sensitive data.
  • Spyware is software that is secretly installed into an information system, typically through emails or websites.
  • Virus is a type of program that replicates and infects a computer.

10 Tips to Protect Your Business:

  1. Backup & Encrypt Data: Use external storage devices and never store important data in a single place. However, data is only safe when it is secure. Install encryption on all devices.
  2. Firewalls: Placing firewalls on your network should be one of your first priorities to prevent outsiders from accessing data.
  3. Virus Protection: Any device connected to the internet is at risk. Be sure to keep anti-virus protection updated.
  4. Password Authentication: Require employees to use unique passwords and to change passwords at least once a quarter.
  5. Third Party Security: Be wary of granting anyone access to your systems and require all third parties to follow similar security practices to you.
  6. Avoid Freeware: Cyber security is not a good place to cut cost, avoid freeware when it comes to protecting data.
  7. Train Employees: Ensure all employees understand the importance of maintaining cyber security best practices.
  8. Separate Work & Pleasure: Avoid using the same devices for business and personal activities. Do not store business information on personal devices and vice versa.
  9. Limit Employee Access: Do not provide any one employee with access to all data systems. Employees should only be given access to specific data and systems needed for their jobs.
  10. Physical Theft: Do not forget that hardware can be stolen. Ensure all employees are aware of how to secure data on laptops and cell phones.

The below regulations govern data security and consumer privacy, which directly affects small businesses. It is critical to ensure your business operates within federal laws.

Federal Trade Commission Act (FTCA)

Prohibits deceptive practices regarding offline and online privacy and data security; has authority to fine companies that fail to protect consumer personal data.

Title V Gramm-Leach Bliley Act (GLB)

Regulates the collection, use and disclosure of financial information and requires financial institutions to explain their information-sharing practices to their customers and to safeguard sensitive data.

Health Insurance Portability and    Accountability Act (HIPAA)

Sets standards for the collection and use of protected health information, medical data, and electronic transmissions. These regulations protect patient’s rights related to health information.

Additional regulations to be familiar with:

  • Computer Fraud and Abuse Act
  • Electronic Communications Privacy Act
  • Fair Credit Reporting Act
  • Cybersecurity Information Sharing Act

SBA Cybersecurity to Manage Your Business

SBA offers various Cyber Security Training and best practices as outlined on Stay Safe CyberThreats

SBDCNet provides comprehensive collection of information, resources and tools for small business cybersecurity. Learn everything from the basics of cybersecurity to how to protect your business to advanced topics such as security plan development/implementation and requirements for government contracting.

Google’s “Simple Steps to Online Safety is another resource.

For more information contact us.