TheÂ National Institute of Standards and Technology has released a cybersecurity guide meant to help small businesses secure information systems.
NIST said WednesdayÂ it createdÂ theÂ Small Business Information Security: The Fundamentals guideÂ in an effort toÂ provide basic cybersecurity steps and walk small business owners through a risk assessment process.
“Businesses of all sizes face potential risks when operating online and therefore need to consider their cybersecurity,” said Pat Toth, lead author of the NIST guide.
“Small businesses may even be seen as easy targets to get into bigger businesses through the supply chain or payment portals,” Toth added.
The guide also contains worksheets to help small businesses identify information they store and use; determine the information’s value; and assess potentialÂ risks in case the information’s confidentiality, integrity or availability is compromised, NIST said.
The agency noted the publication outlinesÂ strategiesÂ toÂ regulateÂ employee access to data and information; conduct information security training for employees; establishÂ information securityÂ policy and procedures; encrypt data; install web and email filters; and update operating systems and applications.
NIST added the guide recommends that small businessesÂ install surge protectors and uninterruptible power supplies; look intoÂ cybersecurity insurance; andÂ find reputable cybersecurity contractors.
The documentÂ is basedÂ on the agency’sÂ Framework for Improving Critical Infrastructure Cybersecurity that was published in 2014 to provideÂ standards and best practices fromÂ the federal government and industry.