Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Securing Data & Devices
This page contains guidance to help you protect the security of your business information and devices (like cell phones and laptops).
Topics
Authentication
Supplementing Passwords – provides an overview of authentication methods more secure than passwords
Department of Homeland Security
Choosing and Protecting Passwords – tips for choosing good passwords and protecting them from unauthorized people who might exploit them
Department of Homeland Security
Data Protection
Using Caution with USB Drives – summarizes security risks associated with USB drives and how to protect the data on them
Department of Homeland Security
Effectively Erasing Files – tips on how to securely erase files to protect disclosure of sensitive data
Department of Homeland Security
Understanding Digital Signatures - overview of digital signatures, which are used to validate the authenticity and integrity of a message
Department of Homeland Security
Understanding Encryption – overview of how encryption can be used to protect your data
Department of Homeland Security
Denial of Service
Understanding Denial-of-Service Attacks – description of the threat of denial-of-service attacks and tips for protecting your business
Department of Homeland Security
Internet of Things
Securing the Internet of Things – tips for ensuring Internet of Things devices are secure
Department of Homeland Security
Careful Connections: Building Security in the Internet of Things - advice for businesses about building security into products connected to the Internet of Things, including proper authentication, reasonable security measures, and carefully considered default settings
Federal Trade Commission
Malware (Ransomware, Viruses, Spyware, etc.)
Ransomware – a consolidated website with information on ransomware alerts, reports, and resources from CISA, the FBI, and other federal partners.
CISA
Understanding Anti-Virus Software – an overview of how to use anti-virus software to protect your business
Department of Homeland Security
Coordinating Virus and Spyware Defense – cautions about installing too many or the wrong type of malware defense software
Department of Homeland Security
Protecting Against Malicious Code – a description of viruses, worms, and Trojan horses and tips for protecting your business from these types of malicious code
Department of Homeland Security
Handling Destructive Malware – an overview of the threat of destructive malware, potential distribution vectors, and tips for protecting your business
Department of Homeland Security
Understanding Hidden Threats: Rootkits and Botnets – an overview of rootkits and botnets and tips for protecting your business
Department of Homeland Security
Recognizing Fake Antiviruses – description of the fake antivirus threat and tips for avoiding and recovering from fake antivirus software
Department of Homeland Security
Understanding Hidden Threats: Corrupted Software Files – an overview of how malicious files can impact your electronic devices and tips for protecting your business
Department of Homeland Security
Ransomware – an overview of ransomware and tips to protect your business
Federal Trade Commission
Recognizing and Avoiding Spyware – an overview of spyware, why malicious spyware could be damaging to your business, how to detect spyware, and tips for protecting your business
Department of Homeland Security
Recovering from Viruses, Worms, and Trojan Horses
Department of Homeland Security
Mobile Devices
Protecting Portable Devices: Physical Security – risks to mobile devices and tips for protecting them
Department of Homeland Security
Protecting Portable Devices: Data Security – tips to prevent data theft from mobile devices
Department of Homeland Security
Defending Cell Phones and PDAs Against Attack – risks to cell phones and personal data assistants and tips to protect them
Department of Homeland Security
FCC Smartphone Security - FCC consumer tool designed to help the many smartphone owners who aren't protected against mobile security threats.
Federal Communications Commission
Phishing, Email, & Social Engineering
Email Authentication – overview of email authentication methods and tips for what to do if you suspect your business emails are being spoofed
Federal Trade Commission
Understanding Your Computer: Email Clients – overview of different types of email clients
Department of Homeland Security
Phishing – an overview of phishing and tips for protecting your business from phishing attacks
Federal Trade Commission
Avoiding Social Engineering and Phishing Attacks – tips for protecting your business from social engineering and phishing
Department of Homeland Security
Physical Security
Physical Security – tips on protecting your business equipment, paper files, and data
Federal Trade Commission
Proper Disposal of Electronic Devices – the importance of and methods for disposing of electronic devices securely
Department of Homeland Security
Protecting Portable Devices: Physical Security – risks to mobile devices and tips for protecting them
Department of Homeland Security
Privacy
Privacy is Good for Business – tips for creating a culture of respecting privacy, safeguarding data and enabling trust in your organization
National Cybersecurity Alliance and U.S. Small Business Administration
Protecting Your Privacy – tips for protecting the privacy of your information
Department of Homeland Security
Protecting Personal Information: A Guide for Business - practical tips for business on creating and implementing a plan for safeguarding personal information
Federal Trade Commission
Securing a New Computer
Before You Connect a New Computer to the Internet – tips for securing a computer prior to connecting it to a network
Department of Homeland Security
Software & Applications
Understanding Your Computer: Operating Systems – overview of an operating systems, which is the main program on a computer
Department of Homeland Security
Understanding Patches and Software Updates – description of the importance of applying periodic fixes and updates to software
Department of Homeland Security
Understanding Voice over Internet Protocol (VoIP) – overview of voice over Internet Protocol and its security implications
Department of Homeland Security
Risks of File-Sharing Technology – security risks of file sharing and peer-to-peer applications
Department of Homeland Security
Web and Social Networking
Website Security – an overview of threats from website attacks and tips on how to protect your business
Department of Homeland Security
Understanding Website Certificates – basics of certificates used by websites that use encryption and tips for how to tell whether to trust a website certificate
Department of Homeland Security
Evaluating Your Web Browser's Security Settings – overview of common web browser security settings and tips for securing your web browser
Department of Homeland Security
Browsing Safely: Understanding Active Content and Cookies – description of the purpose of active content in websites and potential associated security and privacy concerns
Department of Homeland Security
Staying Safe on Social Networking Sites – security risks of social networking sites and tips on preventing the disclosure of sensitive data
Department of Homeland Security
Content outlined on the Small Business Cybersecurity Corner webpages contain documents and resources submitted directly to us from our contributors. These resources were identified by our contributors as information they deemed most relevant and timely—and were chosen based on the current needs of the small business community. Certain commercial entities may be identified in this Web site or linked Web sites. Such identification is not intended to imply recommendation or endorsement by NIST, nor is it intended to imply that the entities, materials, or equipment are necessarily the best available for the purpose.