cyber-security-cybersecurity-device

Cybersecurity for Small Business: Physical Security

  • by Bryan Antepara

SHARE

used with permission from FTC.gov
by Andrew Smith, Director, FTC Bureau of Consumer Protection

An employee catches up on some work while visiting the local coffee shop. She grabs her Double Mocha to go, but accidentally leaves behind a flash drive with hundreds of Social Security numbers on it. When she returns, the flash drive is gone. Then there’s the staff member who needs to free up file room space. After he tosses a stack of old company bank records into the garbage, a dumpster diver spots the trash and walks away with a windfall.

At meetings with small business owners across the country, you told us you wanted straightforward guidance on how to step up cybersecurity at your company. To help meet that need, the FTC has introduced new resources on a dozen topics. This week’s focus: A key component of cybersecurity is effective physical security, as the examples above illustrate. And it begins with a plan to safeguard your equipment and paperwork.

How to Protect Equipment and Paper Files

As our factsheet describes, the starting point for any business is an up-to-date inventory of computers, flash drives, point-of-sale devices, files, etc. If they contain sensitive information, they belong in a secure part of your facility or in a locked file or cabinet. Make it office policy to log out of your network and applications when not in use. Never leave sensitive data unattended and limit access to employees who need the data to do their jobs.

How to Protect Data on Your Devices

The second step is to protect the data on those devices. Require passwords that are long, complex, and unique. To access parts of your network where sensitive information is kept, use multi-factor authentication. In other words, in addition to logging on with a password, require something extra like a temporary code on a smartphone or a key inserted into a computer. To stymie hackers, block access after several unsuccessful login attempts. Use encryption on laptops, flash drives, etc., that store sensitive data. Also encrypt confidential information you send outside of your company.

Train Your Employees

Finally, the FTC’s new resources make it easier to enlist your staff in your cybersecurity efforts. Talk about physical security at an upcoming staff meeting. There’s no need to start from scratch when you can use the factsheet to guide the discussion. Train your staff to maintain effective physical security even if working remotely from home or on business travel. And every employee should know what to do if a device or confidential file goes missing.

To learn more, contact us today.

UPCOMING VIRTUAL EVENTS

Demystifying Cyber Security for SMBs

sb-cyber-security-master-class

The continually changing threat landscape requires us to update best practices and add new concepts to keep your organization safe.

SESSION 4: Cyber Security Strategy
Watch On-Demand

SESSION 5: Cyber Insurance & MFA
Watch On-Demand

SESSION 6: Threat Detection | JAN. 15

LEARN MORE / REGISTER

Microsoft Copilot
Master Class Workshop

sb-microsoft-copilot-master-class

eMazzanti will host 60-minute Master Classes, that speak to how AI can help your business streamline and grow.

In each session, you will have Artificial Intelligence and Automation explained, view a live demo of Copilot, and see it live in action in a dynamic format.

LEARN MORE / REGISTER

RESOURCES

Cyber Security Awareness Hub

sb-Cyber-Security-Awareness-Hub

Cyber Security Awareness Kit, designed to be delivered to your team in bitesize chunks.

We are sharing the resources and highlighting services your organization needs, covering everything from multifactor authentication to software updates, showing your users just how easy it is to improve their security posture.

LEARN MORE / REGISTER

Resource Library

sb-resource-library

Insights to help you do what you do better, faster and more profitably.

> Tips to Stay Protected Against Phishing Attacks

> Understanding Ransomware 

> The 6 Known Wi-Fi Threat Categories Targeting Your Business and How to Defend Against Them

> Practical Advice for Avoiding Phishing Emails

VIEW ALL RESOURCES

Watch On-Demand

sb-watch-on-demand

Cyber Security Master Class Series | 3 Sessions

22 Years of Learning | 28 Sessions

Ransomware in the Cloud

WATCH MORE EVENTS

Recent Articles

The Executive’s Guide to Security Operations Center Models

Introduction to Azure Services

Introduction to Microsoft Copilot

Project Management: Why is it important?

Enhancing Website Performance and User Experience Through Caching Strategies

NEWSLETTER

Categories