Cybersecurity pdf notes

CYBERSECURITY FOR

SMALL BUSINESS


CYBERSECURITY BASICS
Cyber criminals target Knowing some cybersecurity basics and
putting them in practice will help you

companies of all sizes. protect your business and reduce the risk
of a cyber attack.



PROTECT
YOUR FILES & DEVICES



Update your software Secure your files Require passwords
This includes your apps, web Back up important files offline, Use passwords for all laptops,
browsers, and operating on an external hard drive, or in tablets, and smartphones.
systems. Set updates to the cloud. Make sure you store Don’t leave these devices
happen automatically. your paper files securely, too. unattended in public places.




Encrypt devices Use multi-factor authentication
Encrypt devices and other media that Require multi-factor authentication to access areas
contain sensitive personal information. of your network with sensitive information. This
This includes laptops, tablets, requires additional steps beyond logging in with a
smartphones, removable drives, backup password — like a temporary code on a smartphone
tapes, and cloud storage solutions. or a key that’s inserted into a computer.




LEARN MORE AT:
FTC.gov/SmallBusiness

, CYBERSECURITY FOR

SMALL BUSINESS

PROTECT YOUR WIRELESS NETWORK
Secure your router
Change the default name and password, turn off remote management,
and log out as the administrator once the router is set up.


Use at least WPA2 encryption
Make sure your router offers WPA2 or WPA3 encryption, and that it’s
turned on. Encryption protects information sent over your network so it
can’t be read by outsiders.



MAKE
SMART SECURITY
YOUR BUSINESS AS USUAL




Require strong passwords Train all staff Have a plan
A strong password is at least Create a culture of security Have a plan for saving data,
12 characters that are a mix of by implementing a regular running the business, and
numbers, symbols, and capital schedule of employee training. notifying customers if you
lowercase letters. Update employees as you experience a breach. The FTC’s
Never reuse passwords and find out about new risks and Data Breach Response: A Guide
don’t share them on the phone, vulnerabilities. If employees for Business gives steps you
in texts, or by email. don’t attend, consider blocking can take. You can find it at
their access to the network. FTC.gov/DataBreach.
Limit the number of
unsuccessful log-in attempts to
limit password-guessing attacks.




LEARN MORE AT:
FTC.gov/SmallBusiness

, CYBERSECURITY FOR

SMALL BUSINESS
Understanding

THE NIST CYBERSECURITY
FRAMEWORK
You may have heard about the businesses of all sizes better understand,
manage, and reduce their cybersecurity risk
NIST Cybersecurity Framework, and protect their networks and data. The
Framework is voluntary. It gives your business
but what exactly is it? an outline of best practices to help you decide
where to focus your time and money for
And does it apply to you? cybersecurity protection.
NIST is the National Institute of Standards and You can put the NIST Cybersecurity Framework
Technology at the U.S. Department of Commerce. to work in your business in these five areas:
The NIST Cybersecurity Framework helps Identify, Protect, Detect, Respond, and Recover.



1. IDENTIFY 2. PROTECT
Make a list of all equipment, software, and data • Control who logs on to your network and uses
you use, including laptops, smartphones, tablets, your computers and other devices.
and point-of-sale devices.
• Use security software to protect data.
Create and share a company cybersecurity
policy that covers: • Encrypt sensitive data, at rest and in transit.
• Conduct regular backups of data.
Roles and responsibilities
for employees, vendors, and • Update security software regularly, automating
anyone else with access to those updates if possible.
sensitive data. • Have formal policies for safely disposing of
electronic files and old devices.
Steps to take to protect against • Train everyone who uses your computers,
an attack and limit the damage if devices, and network about cybersecurity.
one occurs. You can help employees understand their
personal risk in addition to their crucial role
in the workplace.



LEARN MORE AT:
FTC.gov/SmallBusiness