Section 1: Securing Your Business
Chapter 1 – Lock the Doors
The first step is to control access to the business. Gangs and organized crime have moved into cybercrime and their first step is to “case the joint.” Lock the door, lock the closet where you keep the servers and lock the registers.
Chapter 2 – Cyber Awareness
Next we move on to some basic cyber awareness. We describe phishing, proper cyber-hygiene at the high-level and discuss industries (those that take credit cards, those that provide healthcare services) that have specific rules.
Chapter 3 – Protecting Your Network
We keep it simple and talk about Anti-virus/Anti-Malware software, network, routers and firewalls, WiFi basics, VPNs, and performing regular updates.
Chapter 4 – Updates and Backups
Taking regular backups is a critical step that requires its own chapter. We address onsite and offsite and what the objectives are with backups – to protect you from mistakes, to protect you from losing files due to server or disk failure, and to protect you from ransomware.
Chapter 5 – Access Management and Strong Passwords
Next we tackle three more technical issues. We start with access, and talk about specific access by function, giving access to employees that is not all powerful and knowing when and how to use virtual private networks (VPNs) and multi-factor authentication (MFA).
Section 2: Securing Your Brand
Chapter 6 – Web and Social Media Security
The small business owner’s web presence has changed a lot over the years. We’ll discuss the basic procedures that are needed, such as updating regularly, checking emails or other customer interaction and paying for the key protections that their hosting companies offer. Social media is more than just Facebook and Twitter. We talk about the key services, including those two and Instagram and listing sites, such as Yelp! and Google. We also talk about messaging, social profiles, and behavior. Given that there are so many platforms for ratings and listings, we suggest ways of searching for your business online and the importance of managing your online reputation.
Chapter 7 – Data Privacy
In this chapter we discuss the requirements that small businesses have for handling credit card data and medical records. This high-level, explains basic duties and training for staff and provide some resources for PCI (for merchants) and HIPAA (for sole-practitioner and small doctor offices).
Chapter 8 – Cyber Insurance
This is a great time to talk about the insurance policy, what you should look for, what it covers and what it doesn’t and how to work with carriers to be an acceptable customer. Verifying riders and terms and conditions.
Chapter 9 – Be Ready
The last chapter is devoted to what the reader should do once they have finished this book.