The National Institute of Standards and Technology has published a free guide to the Fundamentals of Small Business Information Security. It offers tips on information security and cybersecurity that are specific to the needs, resources and restraints of small businesses.
The National Association of Tax Professionals recommends this guide not only for small business owners, but for their accounting practitioners. The nature of the work we do is inherently sensitive, and we should be protecting both our businesses and our clients by “making data security a daily priority”.
In order to do this, the guide suggests we first understand and manage our risks, and then safeguard that information. Their five-step-plan for this includes:
- Identify
- Protect
- Detect
- Respond
- Recover
The pdf publication not only provides details on how to accomplish each of these steps, it also includes an appendix of worksheets and another of templates for policy and procedure statements.
From the NIST:
For some small businesses, the security of their information, systems, and networks might not be their highest priority. However, an information security or cybersecurity incident can be detrimental to their business, customer, employees, business partners, and potentially their community. It is vitally important that each small business understand and manage the risk to information, systems, and networks that support their business.
Download the free guide here. Protect your data and your clients’ data, and be a value to those you serve by recommending they do the same.