http://www.choosewhat.com/ (ChooseWhat.com) brings small business owners and entrepreneurs a Step-By-Step Guide to Keeping Your Sensitive Information Secure. Embed this on your own blog, share it with your social network or let us know if we can help!
Small Business Guide to Information Security
1. Small Business Guide to Information Security
4 Simple Steps To Protecting You & Your Customers
Evaluate, Remove, Prevent, Dispose
2. Evaluate Your Company’s Assets & Identify Sensitive Information
Step 1
Develop a list of physical and digital assets located within each room of your company
*Don’t forget storage, equipment, software & networks for each room
Treat each digital device as an “office room”
Take inventory of all personal and sensitive information stored or transmitted through these devices.
Answer the following questions for each piece of office equipment:
4. Remove All identified security threats & insecure practices
Step 2
Review your physical & digital asset log to identify sensitive data you do NOT need
Only request sensitive data on the LAST step of transactions
*Financial data should only be requested for processing payment or tax documents.
NEVER include the expiration date or more than 5 digits on a sales receipt
All online transactions or sharing of sensitive data should be done over a Secure Sockets Layer (SSL) connection
*See final slide of Small Business Guide for secure payroll and ecommerce software
5. Prevent Future Security Breaches by Addressing Digital Security
Step 3
Take inventory of new IT equipment that collects sensitive data
*Log each VIN # and check it periodically to ensure it has not been switched
Identify all connections to computers, servers & IT equipment that may contain sensitive data
*iPhones, Dropbox accounts, online fax storage, digital copiers, etc.
Do NOT email sensitive data; use an online fax service
*Faxing is the most secure way to transfer sensitive information, although fax machines are built with an internal hard drive that is often hacked when a company disposes of it.
Use a Password Management Service
Don’t store sensitive data on electronic devices that are easily stolen or lost
*If needed, use an online backup service with an encryption & auto-destroy function
6. Prevent Future Security Breaches by Addressing Physical Security
Step 3
Define employee guidelines, responsibilities & restrictions when a new employee is hired & in the company handbook.
Make sure your employees log off their computers and lock all cabinet doors prior to leaving each day.
Lock all file cabinets with sensitive information & start a “sign in/out” system each time they are accessed.
*This should be true of off-site storage facilities as well.
7. Dispose Of any and ALL sensitive information
Step 4
Make shredders available throughout the office, especially around mail areas, copy or fax machines
*Do not create a “To Be Shredded” box; this will only increase your risk
Erase electronic devices COMPLETELY before removal.
*There are software options available to clean all electronics periodically or wipe completely
Mail centers and fax machines should be placed in a private area, AWAY from foot traffic
*According to a GFI study, 49% of employees claimed to have seen a paper fax that was not intended for them
8. Security Software Recommendations
Secure Online Shopping & Payroll
• Intuit GoPayment
• Intuit Online Payroll
Password Management
• LastPass
• Dashlane
Secure Online Backup
• iDrive
• Carbonite Online Backup
External Hard Drive with “Auto Destroy” Feature
• Apricorn Aegis Padlock 1 TB USB 3.0 256-bit AES XTS Hardware Encrypted Portable External Hard Drive
• Apricorn Aegis Padlock 500 GB USB 2.0 256-bit Encrypted Portable External Hard Drive
• Apricorn Aegis Secure Key FIPS Validated 16 GB USB 2.0 256-bit AES-CBC Encrypted Flash Drive
Security Software for Portable Electronics
• LoJack for Laptops
Secure Online Fax Plans
• MetroFax Essential
• Nextiva Single User
• eFax – eFax Plus
9. Sources
ChooseWhat.com would like to thank the following websites for their help in developing this information security guide.
• http://business.ftc.gov/documents/bus75-medical-identity-theft-faq-health-care-health-plan
• business.ftc.gov/privacy-and-security
• David of FindAFax.com
• www.OnGuardOnline.gov
• Electronic Code of Federal Regulations
• http://business.ftc.gov/documents/bus69-protecting-personal-information-guide-business
• http://www.sba.gov/category/navigation-structure/starting-managing-business/managing-business/business-guides-industry
• http://business.ftc.gov/privacy-and-security/data-security
A detailed version of this guide is available here:
http://www.choosewhat.com/starticles/small-business-security-essentials