Information Security for Small Business

30 Oct Information Security for Small Business

Every business, no matter how small has data security issues.  Almost all small business have and email these days.  the second you have email you have data security issues.  Add employees and customers and you have even more to protect.  When you are a ten thousand employee company with a security department identity protection and information security can be much more manageable, but the small business has a real challenge ahead.  Here are some basic tips to help you protect your data.  

1. Use a complex password.  Your dog’s name and your date of birth are probably not the most secure choices.  Make sure you set a password on your Quickbooks.
2. Review your technology protection with you computer department or a technology consultant.
3. Have a WISP (written information system protection) Compliance document and follow it.  If you don’t have one contact someone to help you create one.  It can be as simple as completing a basic questionnaire.  Download our WISP questionnaire to get an idea of where to start.  Wisp Questionaire(97-03)
4. Be sure to have a log of keys issued and even more importantly returned.  Make sure you know who has access to your physical space.
5. Review data security measures with your vendors.  Be sure their standards meet or exceed yours if they supply you or have access via shared services.  Does the data backup website you use meet your standards?  Many of these vendors are located outside the United States and may be governed by different laws.  Don’t assume you are protected because the laws in the U.S. demand a certain standard.
6. Review security compliance with employees.  If the person who opens and sorts the mail doesn’t understand about what should be shredded it doesn’t matter what your WISP document says.
7. Shred paper documents that have sensitive information.

These are all basic, inexpensive, easy to implement ways to to secure your business.