IT security services are crucial to keeping your small business information safe. But how do you know where to start?
To help, NIST (National Institute of Standards and Technology) recently released Small Business Information Security: The Fundamentals. It provides guidance, in plain English, on how small businesses can provide basic security for their information, systems, and networks.
These tips provide a solid security foundation, especially if you’re new to using IT security services in your business. Review these ideas with your IT provider to evaluate where you stand now and what incremental steps you can take to improve.
IDENTIFY who has access to your information.
- Identify and control who has access to your business information
- Conduct background checks on potential employees
- Require individual user accounts for each employee
- Create policies and procedures for information security
PROTECT yourself from the risk of a security event as much as possible.
- Limit employee access to data and information
- Install Surge Protectors and Uninterruptible Power Supplies (UPS)
- Patch your operating systems and applications
- Install and activate software and hardware firewalls on all your business networks
- Secure your wireless access point and networks
- Set up web and email filters
- Use encryption for sensitive business information
- Dispose of old computers and media safely
- Train your employees
DETECT the event if it occurs.
- Install and update anti-virus, -spyware, and other –malware programs
- Maintain and monitor logs
RESPOND to contain or reduce the impact of an event.
- Develop a plan for disasters and information security incidents
RECOVER to resume normal operations after an event.
- Make full backups of important business data/information
- Make incremental backups of important business data/information
- Consider cyber insurance
- Make improvements to processes / procedures / technologies
Other ways to stay safer:
- Pay attention to the people you work with and around
- Be careful of email attachments and web links
- Use separate personal and business computers, mobile devices, and accounts
- Do not connect personal or untrusted storage devices or hardware into your computer, mobile device, or network
- Be careful downloading software
- Do not give out personal or business information
- Watch for harmful pop-ups
- Use strong passwords
- Conduct online business more securely
IT security services are part of CRU Solutions’ managed IT for small businesses. If you’d like to know more, contact us.