Blog - FTC and SBA Guidance on Cybersecurity - Physical Security

The FTC and SBA have published guidance for small businesses regarding cybersecurity. As they work through the gamut of cyber risks and protections - they cover one topic that many business owners aren’t considering, physical security.

In the realm of cybersecurity, businesses must keep track of any devices that may create, store, or utilize sensitive data. There are many such devices including laptops, desktops, smartphones, tablets, USB thumb drives, cameras, and backup media.

However, in the broader realm of information security, it is also important to consider physical copies of sensitive data. Is your business properly protecting printouts? Are these paper records protected from theft? Are these records properly disposed of?

  • Store Securely. Is sensitive data, whether printed or on physical devices, secured from physical theft?

  • Limited Physical Access. The company should control who has physical access to sensitive data.

  • Send Reminder. User education is necessary to support this critical protection. Is there regular education on expectations for physical security?

  • Keep Stock. Companies should keep track of devices that may utilize sensitive data.

  • Shred Document. Physically destroy paper records.

  • Safe Disposal of Devices. Similar to paper records, companies must ensure that digital devices are properly disposed of - to ensure sensitive data is not recoverable.

The protection of data goes beyond simple bits and bytes. Physical protections must be enabled to ensure that bad guys don’t get a hold of sensitive business information.

—————————————————————————————————————-

The Federal Trade Commission and Small Business Administration have collaborated to publish guidance (https://www.ftc.gov/tips-advice/business-center/small-businesses/cybersecurity) for these companies. This guidance is a great place to start for business leadership that is worried about cyber issues but aren’t sure where to begin.

North Wonders has produced a self-guided security assessment tool based on the SBA guidance referenced above. This tool (https://www.northwonders.com/offering/#self-guided) allows small businesses to quickly see their cyber hot spots and get actionable guidance on correcting any issues. For more information please contact us at Info@NorthWonders.com.