Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Securing Data & Devices

This page contains guidance to help you protect the security of your business information and devices (like cell phones and laptops).

Topics

Authentication

Supplementing Passwords – provides an overview of authentication methods more secure than passwords
Department of Homeland Security

Choosing and Protecting Passwords – tips for choosing good passwords and protecting them from unauthorized people who might exploit them
Department of Homeland Security

Data Protection

Using Caution with USB Drives – summarizes security risks associated with USB drives and how to protect the data on them
Department of Homeland Security

Effectively Erasing Files – tips on how to securely erase files to protect disclosure of sensitive data
Department of Homeland Security

Understanding Digital Signatures -  overview of digital signatures, which are used to validate the authenticity and integrity of a message
Department of Homeland Security

Understanding Encryption – overview of how encryption can be used to protect your data
Department of Homeland Security

Denial of Service

Understanding Denial-of-Service Attacks – description of the threat of denial-of-service attacks and tips for protecting your business
Department of Homeland Security

Internet of Things

Securing the Internet of Things – tips for ensuring Internet of Things devices are secure
Department of Homeland Security

Careful Connections: Building Security in the Internet of Things - advice for businesses about building security into products connected to the Internet of Things, including proper authentication, reasonable security measures, and carefully considered default settings
Federal Trade Commission

Malware (Ransomware, Viruses, Spyware, etc.)

Ransomware – a consolidated website with information on ransomware alerts, reports, and resources from CISA, the FBI, and other federal partners.
CISA

Understanding Anti-Virus Software – an overview of how to use anti-virus software to protect your business
Department of Homeland Security

Coordinating Virus and Spyware Defense – cautions about installing too many or the wrong type of malware defense software
Department of Homeland Security

Protecting Against Malicious Code – a description of viruses, worms, and Trojan horses and tips for protecting your business from these types of malicious code
Department of Homeland Security

Handling Destructive Malware – an overview of the threat of destructive malware, potential distribution vectors, and tips for protecting your business
Department of Homeland Security

Understanding Hidden Threats: Rootkits and Botnets – an overview of rootkits and botnets and tips for protecting your business
Department of Homeland Security

Recognizing Fake Antiviruses – description of the fake antivirus threat and tips for avoiding and recovering from fake antivirus software
Department of Homeland Security

Understanding Hidden Threats: Corrupted Software Files – an overview of how malicious files can impact your electronic devices and tips for protecting your business
Department of Homeland Security

Ransomware – an overview of ransomware and tips to protect your business
Federal Trade Commission

Recognizing and Avoiding Spyware – an overview of spyware, why malicious spyware could be damaging to your business, how to detect spyware, and tips for protecting your business
Department of Homeland Security

Recovering from Viruses, Worms, and Trojan Horses
Department of Homeland Security

Mobile Devices

Protecting Portable Devices: Physical Security – risks to mobile devices and tips for protecting them
Department of Homeland Security

Protecting Portable Devices: Data Security – tips to prevent data theft from mobile devices
Department of Homeland Security

Defending Cell Phones and PDAs Against Attack – risks to cell phones and personal data assistants and tips to protect them
Department of Homeland Security

FCC Smartphone Security - FCC consumer tool designed to help the many smartphone owners who aren't protected against mobile security threats.
Federal Communications Commission

Phishing, Email, & Social Engineering

Email Authentication – overview of email authentication methods and tips for what to do if you suspect your business emails are being spoofed
Federal Trade Commission

Understanding Your Computer: Email Clients – overview of different types of email clients
Department of Homeland Security

Phishing – an overview of phishing and tips for protecting your business from phishing attacks
Federal Trade Commission

Avoiding Social Engineering and Phishing Attacks – tips for protecting your business from social engineering and phishing
Department of Homeland Security

Physical Security

Physical Security – tips on protecting your business equipment, paper files, and data
Federal Trade Commission

Proper Disposal of Electronic Devices – the importance of and methods for disposing of electronic devices securely
Department of Homeland Security

Protecting Portable Devices: Physical Security – risks to mobile devices and tips for protecting them
Department of Homeland Security

Privacy

Privacy Framework Quick Start Guide  – Getting Started with the NIST Privacy Framework: A Guide for Small and Medium Businesses is intended to help any organization get a risk-based privacy program off the ground or improve an existing one.    
National Institute of Standards and Technology

Privacy is Good for Business – tips for creating a culture of respecting privacy, safeguarding data and enabling trust in your organization
National Cybersecurity Alliance and U.S. Small Business Administration

Protecting Your Privacy – tips for protecting the privacy of your information
Department of Homeland Security

Protecting Personal Information: A Guide for Business - practical tips for business on creating and implementing a plan for safeguarding personal information
Federal Trade Commission

Securing a New Computer

Before You Connect a New Computer to the Internet – tips for securing a computer prior to connecting it to a network
Department of Homeland Security

Software & Applications

Understanding Your Computer: Operating Systems – overview of an operating systems, which is the main program on a computer
Department of Homeland Security

Understanding Patches and Software Updates – description of the importance of applying periodic fixes and updates to software
Department of Homeland Security

Understanding Voice over Internet Protocol (VoIP) – overview of voice over Internet Protocol and its security implications
Department of Homeland Security

Risks of File-Sharing Technology – security risks of file sharing and peer-to-peer applications
Department of Homeland Security

Web and Social Networking

Website Security – an overview of threats from website attacks and tips on how to protect your business
Department of Homeland Security

Understanding Website Certificates – basics of certificates used by websites that use encryption and tips for how to tell whether to trust a website certificate
Department of Homeland Security

Evaluating Your Web Browser's Security Settings – overview of common web browser security settings and tips for securing your web browser
Department of Homeland Security

Browsing Safely: Understanding Active Content and Cookies – description of the purpose of active content in websites and potential associated security and privacy concerns
Department of Homeland Security

Staying Safe on Social Networking Sites – security risks of social networking sites and tips on preventing the disclosure of sensitive data
Department of Homeland Security

Content outlined on the Small Business Cybersecurity Corner webpages contain documents and resources submitted directly to us from our contributors. These resources were identified by our contributors as information they deemed most relevant and timely—and were chosen based on the current needs of the small business community.  Certain commercial entities may be identified in this Web site or linked Web sites. Such identification is not intended to imply recommendation or endorsement by NIST, nor is it intended to imply that the entities, materials, or equipment are necessarily the best available for the purpose.

Created February 7, 2019, Updated September 20, 2022