Small Business Internet Security Planner
The arrival of computers and high speed internet has completely revolutionised the way people go about running their businesses, especially small businesses. Many rely on the internet to expand their reach and stay competitive, allowing them to access customers they would otherwise never be able to. The internet is a great enabler of small business success, but it’s not without its drawbacks.
Internet or ‘cyber’ security is not something to be ignored, it’s vital that businesses make vast efforts to protect themselves and the information the hold from common external threats. Small businesses in particular are much easier targets for cyber criminals looking to get hold of valuable information.
While the thought of someone maliciously accessing confidential documents and wreaking havoc on your internal networks does sound intimidating, there are simple preventative measures you can implement immediately.
Small Business Internet Security can be broken down into the below key areas:
Privacy & Data
Privacy & Data
Includes an audit of current data, categorising sensitive data, creating sufficient layers of security around sensitive data and data collected by your website, creating a privacy policy and creating a plan in the unfortunate event of a data breach.
Network Security
Includes securing your internal network and Wi-Fi access, encrypting sensitive data, employing a strong password policy, regularly updating systems and software and ensuring remote access is secure.
Website Security
Includes ensuring web hosting and servers are secure and safe, web content is protected from unauthorised access and the posting of sensitive information on your site is avoided.
Includes filtering out malicious emails, ensuring sensitive information is not sent via email and employing email retention and email use policies.
Scams & Fraud
Includes providing ‘social engineering’ training to employees and implementing protection against online fraud, phishing, fake anti-virus software, malware, spyware and adware
Payment Cards
Includes conducting an inventory of and organising payment data, ensuring your business withholds to PCI security standards, ensuring the security payment systems and keeping up to date with the latest security tools and methods.
Employees
Includes creating a secure hiring process including concise background checks, creating an employee access control policy, providing security training for staff and introducing an employee departure policy.
Essential Reading
If you feel any of the above aspects appeal to you and your business, there are several great sources of information online from reputable organisations:
- https://www.fcc.gov/cyberplanner
- https://www.us-cert.gov/security-publications
- https://www.uschamber.com/sites/default/files/legacy/issues/technology/files/ISEB-2.0-CyberSecurityGuide.pdf
- https://www.onguardonline.gov/features/feature-0007-featured-info-small-business
The Small Business Internet Security Planner 2015 by SSLs.com compiles the above information and presents it in a visual and easy to digest manner, allowing you to progress through each section and mark off completed tasks to receive a ‘security score’.
Whichever method you choose to secure your business online, it’s important to ensure that you are taking preventative measures in securing your customer’s information.
