Blog

Cybersecurity for Small Business: Physical Security

used with permission from FTC.gov
by Andrew Smith, Director, FTC Bureau of Consumer Protection

An employee catches up on some work while visiting the local coffee shop. She grabs her Double Mocha to go, but accidentally leaves behind a flash drive with hundreds of Social Security numbers on it. When she returns, the flash drive is gone. Then there’s the staff member who needs to free up file room space. After he tosses a stack of old company bank records into the garbage, a dumpster diver spots the trash and walks away with a windfall.

At meetings with small business owners across the country, you told us you wanted straightforward guidance on how to step up cybersecurity at your company. To help meet that need, the FTC has introduced new resources on a dozen topics. This week’s focus: A key component of cybersecurity is effective physical security, as the examples above illustrate. And it begins with a plan to safeguard your equipment and paperwork.

How to Protect Equipment and Paper Files

As our factsheet describes, the starting point for any business is an up-to-date inventory of computers, flash drives, point-of-sale devices, files, etc. If they contain sensitive information, they belong in a secure part of your facility or in a locked file or cabinet. Make it office policy to log out of your network and applications when not in use. Never leave sensitive data unattended and limit access to employees who need the data to do their jobs.

How to Protect Data on Your Devices

The second step is to protect the data on those devices. Require passwords that are long, complex, and unique. To access parts of your network where sensitive information is kept, use multi-factor authentication. In other words, in addition to logging on with a password, require something extra like a temporary code on a smartphone or a key inserted into a computer. To stymie hackers, block access after several unsuccessful login attempts. Use encryption on laptops, flash drives, etc., that store sensitive data. Also encrypt confidential information you send outside of your company.

Train Your Employees

Finally, the FTC’s new resources make it easier to enlist your staff in your cybersecurity efforts. Talk about physical security at an upcoming staff meeting. There’s no need to start from scratch when you can use the factsheet to guide the discussion. Train your staff to maintain effective physical security even if working remotely from home or on business travel. And every employee should know what to do if a device or confidential file goes missing.

To learn more, contact us today.

Bryan Antepara

Bryan Antepara: IT Specialist Bryan Antepara is a leader in Cloud engagements with a demonstrated history of digital transformation of business processes with the user of Microsoft Technologies powered by the team of eMazzanti Technologies engineers. Bryan has a strong experience working with Office 365 cloud solutions, Business Process, Internet Information Services (IIS), Microsoft Office Suite, Exchange Online, SharePoint Online, and Customer Service. He has the ability to handle the complexity of moving data in and out of containers and cloud sessions, makes him the perfect candidate to help organizations large and small migrate to new and more efficient platforms.  Bryan is a graduate of the University of South Florida and is Microsoft Certification holder.

Recent Posts

Shared Mailbox vs. Regular Mailbox in Microsoft Exchange

Microsoft Exchange provides multiple ways to control email communication in a business. Shared Mailboxes and…

1 day ago

Remote Work Rising: The New<br>Way We’ll Work

Remote working was once a niche specialty, only used by tech-savvy and freelancers. But in…

1 day ago

The Role of Print Servers In<br>An Organization

While we live in a digital age, print is still a staple for many businesses.…

1 day ago

Implementing Anti-Spoofing Rules for Email Protection

Increasingly, email communication is playing a pivotal role in business operations, facilitating collaboration, customer engagement,…

2 days ago

The Comprehensive Benefits of MSP Management for Servers, Exchange, O365, VPN, and Networks

As the digital landscape evolves, businesses of all sizes face the challenge of managing complex…

2 days ago

Cost-Benefit Analysis of On-Premises Network/Server Infrastructure vs. Azure-Based Cloud Infrastructure

In the evolving landscape of information technology, businesses constantly seek the most efficient and cost-effective…

2 days ago