With massive data breaches making headlines on a regular basis, it’s hard to ignore the fact that data security is becoming increasingly important. Trust is an essential element of customer relationships. When it comes to Internet security, your customers trust you to protect the personal information they share with you. You would never knowingly put them at risk, but lax computer security practices can do just that -- jeopardize your customers' sensitive information and expose them to threats. If your company has a website, communicates with customers via email, or stores customer information in an electronic database, you could be putting them at risk if you aren't taking the right precautions. Security breaches hurt small businesses the most. More than 70 percent of attacks target small businesses. It is estimated that 60 percent of hacked SMBs go out of business only after six months.
This page provides resources to assist businesses in protecting their most critical information assets. Check out the links below for valuable security information.
What Are The Threats?
Best Practice Videos
Creating a new app or software package? Includes tips for keeping data secure during product design, development, testing and roll-out.
Companies need to manage who gets their hands on their data. Includes tips for controlling access to sensitive data in your business.
Ransomware can wreak havoc on your business. Learn about ransomware – what it is, how to defend against it, and what to do if your business is the victim of a ransomware attack.
- Delaware Small Business Development Center (SBDC) - Data Assured Toolkit
Delaware SBDC has a collection of cybersecurity material for all small businesses. Their Data Assured Program is a robust cybersecurity program that offers not only their award-winning Cyber Workbook that is designed to help small businesses develop an information security plan. They also offer many one-pagers such as Delaware's Data breach law, low cost cyber solutions, and much more.
- Digital Copier Data Security: A Guide for Businesses
Today’s generation of networked multifunction devices — known as “digital copiers” — are “smart” machines that are used for more than just copying; they can do everything from copying, printing, scanning, faxing to emailing documents. The hard drive in a digital copier stores data about the documents it copies, prints, scans, faxes or emails. If you don’t take steps to protect that data, it can be stolen from the hard drive, either by remote access or by extracting the data once the drive has been removed.
- Small Offices, Big Security - Guide for Securing Telework Environments from the Center for Internet Security (CIS)
Security for network devices such as routers and modems is essential. In order to protect their systems and data, teleworkers and small organizations are encouraged to configure their network devices using the guidance found in the CIS Telework and Small Office Network Security Guide.
- Social Media Cyber-Vandalism Toolkit
Cyber-vandalism presents a serious challenge to online-based communication tools. Users need available resources to counter intrusions of social media accounts. Developed by the SBA in conjunction with the US General Services Administration’s SocialGov program, the Social Media Cyber-Vandalism Toolkit provides guidance and security practices to businesses using these tools in their online operations.
We've Had a Breach - Now What?
Data Breach Response: A Guide for Businesses
You just learned that your business experienced a data breach. What steps should you take and whom should you contact if personal information may have been exposed? Although the answers vary from case to case, the following guidance from the Federal Trade Commission (FTC) can help you make smart, sound decisions.
You’ve worked hard to have a successful business. Don’t let a power outage, hacker disruption, fire, earthquake or other disaster take it away. If you’re not prepared, a disaster could put your business at risk, possibly shutting down your business forever.
Roughly 40 to 60 percent of small businesses never reopen their doors following a disaster. Planning and preparedness can be your lifeline to staying in business. With proper education, planning, testing and disaster assistance, you will be able to stay in business through any interruption and beyond.
Disaster Recovery is the process an organization uses to recover access to their software, data, and/or hardware that are needed to resume the performance of normal, critical business functions after the event of either a natural disaster or a disaster caused by humans.
Additional Business Resources
- Delaware Small Business Development Center
The Delaware Small Business Development Center (SBDC) delivers training programs and free professional consulting services to innovators, startups, and existing businesses (with 0-500 employees) formulate and execute strategies to grow and succeed.
- Delaware State Chamber of Commerce
The mission of the Delaware State Chamber of Commerce is to promote an economic climate that strengthens the competitiveness of Delaware businesses and benefits citizens of the state.
- NIST Small Business Cyber Security Corner
Congress has given NIST responsibility to disseminate consistent, clear, concise, and actionable resources to small businesses. All resources are free and draw from information produced by federal agencies, including NIST and several primary contributors, as well non-profit organizations and several for-profit companies.
- US-CERT - Getting Started for Business
The resources below are available to businesses and aligned to the five Cybersecurity Framework Function Areas. Some resources and programs align to more than one Function Area. This page will be updated as additional resources — from DHS, other Federal agencies, and the private sector — are identified.
- US CERT - Getting Started for Small and Midsize Businesses (SMB)
Cybersecurity is critical to any business enterprise, no matter how small. However, leaders of small and midsize businesses (SMB) often do not know where to begin, given the scope and complexity of the issue in the face of a small staff and limited resources.