cyber-security-cybersecurity-device

Cybersecurity for Small Business: Physical Security

SHARE

used with permission from FTC.gov
by Andrew Smith, Director, FTC Bureau of Consumer Protection

An employee catches up on some work while visiting the local coffee shop. She grabs her Double Mocha to go, but accidentally leaves behind a flash drive with hundreds of Social Security numbers on it. When she returns, the flash drive is gone. Then there’s the staff member who needs to free up file room space. After he tosses a stack of old company bank records into the garbage, a dumpster diver spots the trash and walks away with a windfall.

At meetings with small business owners across the country, you told us you wanted straightforward guidance on how to step up cybersecurity at your company. To help meet that need, the FTC has introduced new resources on a dozen topics. This week’s focus: A key component of cybersecurity is effective physical security, as the examples above illustrate. And it begins with a plan to safeguard your equipment and paperwork.

How to Protect Equipment and Paper Files

As our factsheet describes, the starting point for any business is an up-to-date inventory of computers, flash drives, point-of-sale devices, files, etc. If they contain sensitive information, they belong in a secure part of your facility or in a locked file or cabinet. Make it office policy to log out of your network and applications when not in use. Never leave sensitive data unattended and limit access to employees who need the data to do their jobs.

How to Protect Data on Your Devices

The second step is to protect the data on those devices. Require passwords that are long, complex, and unique. To access parts of your network where sensitive information is kept, use multi-factor authentication. In other words, in addition to logging on with a password, require something extra like a temporary code on a smartphone or a key inserted into a computer. To stymie hackers, block access after several unsuccessful login attempts. Use encryption on laptops, flash drives, etc., that store sensitive data. Also encrypt confidential information you send outside of your company.

Train Your Employees

Finally, the FTC’s new resources make it easier to enlist your staff in your cybersecurity efforts. Talk about physical security at an upcoming staff meeting. There’s no need to start from scratch when you can use the factsheet to guide the discussion. Train your staff to maintain effective physical security even if working remotely from home or on business travel. And every employee should know what to do if a device or confidential file goes missing.

To learn more, contact us today.

UPCOMING VIRTUAL EVENTS

Demystifying Cyber Security for SMBs

sb-cyber-security-master-class

The continually changing threat landscape requires us to update best practices and add new concepts to keep your organization safe.

SESSION 4: Cyber Security Strategy
Watch On-Demand

SESSION 5: Cyber Insurance & MFA
Watch On-Demand

SESSION 6: Threat Detection | JAN. 15

Microsoft Copilot
Master Class Workshop

sb-microsoft-copilot-master-class

eMazzanti will host 60-minute Master Classes, that speak to how AI can help your business streamline and grow.

In each session, you will have Artificial Intelligence and Automation explained, view a live demo of Copilot, and see it live in action in a dynamic format.

RESOURCES

Cyber Security Awareness Hub

sb-Cyber-Security-Awareness-Hub

Cyber Security Awareness Kit, designed to be delivered to your team in bitesize chunks.

We are sharing the resources and highlighting services your organization needs, covering everything from multifactor authentication to software updates, showing your users just how easy it is to improve their security posture.

Resource Library

sb-resource-library

Insights to help you do what you do better, faster and more profitably.

> Tips to Stay Protected Against Phishing Attacks

> Understanding Ransomware 

> The 6 Known Wi-Fi Threat Categories Targeting Your Business and How to Defend Against Them

> Practical Advice for Avoiding Phishing Emails

Recent Articles

NEWSLETTER

Categories