This week’s #BusinessTipTuesday is all about cybersecurity and that is because it is National Fingerprint Day on July 27th. Fingerprints are completely unique to the individual, as the tip of each person’s finger is made up of tiny ridges, whorls, and valley patterns and were formed from pressure on a baby’s developing fingers in the womb. In fact, fingerprints are even more unique than genetic material and DNA! When it comes to security, people often use fingerprints are as a form of protection. Security is very important when it comes to your business and although it can be overwhelming, we understand and we can help!
Let’s drill down to the basics of cybersecurity. There are five central topics in which the National Institute of Standards and Technology’s (NIST) Cybersecurity Framework (CSF) discusses for cybersecurity. The central concepts are listed below:
- Identify- What structures and practices do you have in place to identify cyber threats?
- Protect- What are the best practices that you have in place to protect your system?
- Detect- What do you use to identify someone or something malicious?
- Respond- How will you deal with a breach if and when it occurs?
- Recover- How will you get your business back to normal after a breach?
Simply put, for Identify we are looking at who, what, and where? Knowing who is responsible for cybersecurity and what systems you have or what software you are using, is vital for long term success. Without knowing these answers you are unable to address them when issues come about. From there it is important to prioritize what data, systems, and software are necessary for the business to function. As well, when doing this note what information would be profitable to a hacker? Next, note what devices need protecting.
For Protect there are ways in which you can successfully ensure that your data is guarded. First, it is important to manage user identities as you are determining who is accessing data and at what time; then for passwords, guaranteeing that they are complex, frequently changed, and not reused. As well, remember to lock your systems after inactivity. As for data, it should be encrypted.
Detection is the process to recognize if something is going wrong on your network and, if possible, stopping it. All systems need some form of antivirus application that is installed, updated, and run regularly. Anti-malware applications are similar to antivirus applications, but most systems do typically require some combination of the two as they are designed to address different areas. Both antivirus and anti-malware are important in detecting any problems.
If a breach occurs, a Response needs to happen immediately; but for some companies, they may not have a plan in place that allows you to handle the breach as soon as possible. Creating a response plan before you are in need of it, is key. Another aspect of this would be to perform backups and have a regular schedule in which you do. Additionally, as incidents occur you learn lessons and you must incorporate what you have learned from one time to the next; you will know what works and what does not and then make sure to implement them for the next time.
Finally, when Recovery comes around it is time to put the pieces back together. This is the time to get your business back to a pre-incident state as quickly and smoothly as possible.
This brings to light the importance assessing your business and creating a plan in case of security breach. This can definitely be a daunting task but the University of Scranton Small Business Development Center is here to help. Visit www.scrantonsbdc.comfor more information and to sign up for consulting.
Danielle Guari
Business Consultant
The University of Scranton
Small Business Development Center
#pennsylvania #pa #sbdc #nepa #scranton #business #smallbiz #PASBDC #fingerprintday #fingerprint #cybersecurity #identity
