The online marketplace is the new Main Street in America. The National Broadband Plan estimates that 97% of small businesses use email and 74% have a company website. Small businesses are more dependent on the Internet for their day-to-day operations than they were a year ago. That should come as no surprise as the proliferation of smart phones, tablets, and apps enables businesses and households to conduct more and more of their daily activities online—from paying bills to shopping to communicating with colleagues, employees, and customers.
Small businesses handle an array of sensitive information (e.g., customer data, financial records, and intellectual property) that warrants protection from bad actors. As larger companies improve their defenses and resilience against cyber threats, small businesses have become the low-hanging fruit for cyber criminals.
Through the U.S. Chamber of Commerce’s Internet Security Essentials for Business 2.0 guide, business owners, managers, and employees are urged to adopt fundamental Internet security practices to reduce network weaknesses and make the price of successful hacking increasingly steep. The guide emphasizes the following points:
- All businesses should understand common online risks that may lead them to become victims of cybercrime. This guide is ultimately about business preparedness, defense, and resilience.
- Perfect online security is unattainable, even for large businesses. But there are inexpensive practices that can be implemented to improve the security of your information, computers, and networks.
- Businesses need to know how and to whom to report cyber incidents and online crime.
- Cybersecurity is a team sport. Taking the actions recommended in this guide will have positive consequences for the security of businesses, communities, and the country. The interconnectedness of computers and networks in cyberspace means that the public and private sectors share responsibility.
Download Free Internet Security Resources
The U.S. Chamber, Bank of America, Microsoft Trustworthy Computing, Splunk, and Visa have teamed up to provide businesses with the cyber guidebook, which gives small and medium-size businesses tools for protecting computers and networks and responding to cyber incidents. Here are some educational resources:
Internet Security at Work Toolkit
Microsoft offers the toolkit free to help you teach employees how to protect company, customer, and employee information. It includes the following resources with instructions on how to use them:
- Tip Card: Top Tips for Internet Security at Work
- Information condensed into a printable, double-sided card.
- Presentation: Internet Security at Work PowerPoint
- 30-minute slide presentation with speaker’s notes.
- Video: Stay Sharp on Internet Safety at Work
- Presentation information condensed into a 3-minute video.
- Quiz: Test Your Internet Security IQ
- Printable 10-question quiz to help spread awareness among your employees.
- Poster: Internet Security Begins With You
- Let employees know about the presentation.
For a copy of the complete toolkit on a flash drive, email firstname.lastname@example.org.
Security Intelligence and Compliance
Splunk helps businesses make machine data accessible, usable, and valuable to everyone. Splunk takes terabytes of data in variable formats and allows you to effortlessly mine and continuously monitor them for information and insight. Here are some links to online resources to get started:
Data Security Resources
There are a number of common best practices that companies can adopt to protect payment data from online and other threats. Here are resources from Visa:
- Data Security Guide for Small Businesses
- Security Sense for Retailers
- Interactive Business Guide to Data Security
- PCI DSS Data Security Compliance Program with Informational Alerts, Bulletins, and Webinars
STOP. THINK. CONNECT.—online safety and security education and awareness campaign
National Cyber Security Alliance—tools and resources for business and home users
Federal Communication Commission (FCC) and partners’ Small Biz Cyber Planner—an online resource to help small businesses create customized cybersecurity plans
Multi-State Information Sharing and Analysis Center (MS-ISAC)—cybersecurity guides, toolkits, and newsletters
National Institute of Standards of Technology (NIST), Computer Security Division, Computer Security Resource Division; NIST Small Business Corner
Department of Homeland Security (DHS) Cybersecurity Awareness Month and related resources
United States Computer Emergency Readiness Team (US-CERT) cybersecurity tips
Department of Justice (DOJ) Computer Crime and Intellectual Property Security Section—links to report Internet-related and intellectual property crime
Secret Service Electronic Crimes Task Force (ECTF)—links to more than 20 state and local ECTFs
The White House, Cyberspace Policy Review: Assuring a Resilient and Trusted Information and Communications Infrastructure
The U.S. Chamber of Commerce does not endorse any of the products or services contained here and in the guidebook.