Privacy and Data Security
Include this topic for information about data handling and protection, data privacy, collecting data online, storage and security and lost or stolen data.
Does your business handle or store sensitive data or data that includes personal information about your employees or your customers?
Scams and Fraud
Include this topic for information about phishing, social engineering, online fraud, identity theft, malicious software, telephone scams and more.
All businesses can be susceptible to scams and fraud. Therefore, we recommend this topic be part of any basic cyber security plan. Do you wish to include this section?
Network Security
Include this topic for information about computer networks, password policies, secure wireless connections, encryption, remote access, Internet access and more.
Does your business have an internal network - a group of computers connected together - and/or a Wireless Local Area Network (e.g., a WiFi router)?
Website Security
Include this topic for information about securing a public website, including server security, login and transaction encryption, Web applications, links and redirects.
Does your small business have a public website?
Email
Include this topic for information about filtering, employee training, email retention and management, and creating email policies.
Do you use either a business email account or personal email account to conduct business or interact with customers and/or employees?
Mobile Devices
Include this topic for information about mobile security practices, threats and emergency preparedness planning for small businesses and their employees.
Does your business use any Internet-connected mobile technology, such as smartphones, laptops and tablets?
Employees
Include this topic for information about hiring, background checks, partner companies, access controls and security training.
Does your business have more than one employee?
Facility Security
Include this topic for information about your company's physical security, including protection of printed material, mail security and disposal of trash and electronic equipment.
Does your small business have physical assets that need to be protected, including printed material and electronic equipment?
Operational Security
Include this topic for information about developing a plan to secure information and networks critical to business operations.
Does your small business store data that would be valuable to cyber criminals, such as proprietary information valuable to your company's operations or sensitive customer data, such as personally identifiable information?
Payment Cards
Include this topic for information about electronic transactions, secure services, access to payment systems, protecting and storing customer data and more.
Does your business accept credit card payments or other electronic payments?
Incident Response and Reporting
Include this topic for information about phishing, social engineering, online fraud, identity theft, malicious software, telephone scams and more.
All businesses should include an understanding of how to respond to a cyber attack as part of any basic cyber security plan, and thus we recommend you include this section. Do you wish to include?
Policy Development, Management
Include this topic for information about developing security policies, roles and responsibilities, employee behavior and protecting your company's reputation.
All businesses with employees can benefit from having written security policies and procedures. Do you wish to include this section?