Ron Teixeira, executive director of the NCSA, warned that as small businesses continue to rapidly adopt networking, wireless and internet technologies, the lack of security controls within these organizations is becoming more apparent.
According to Symantec's 2005 Small Business Information Security Readiness Report, 56 percent of small businesses have experienced at least one security incident in the past year, yet only 30 percent have increased spending on information security solutions.
"The lack of security awareness among small businesses is a growing concern," said Teixeira. "With continued focus on education efforts tailored for the small business community, we hope to increase understanding and provide small businesses with the basic tools necessary to run their organizations securely and productively."
As part of NCSA's small business campaign, and in conjunction with the Cyber Security Industry Alliance (CSIA), the following tips have been developed to help small businesses operate more securely:
Ensure that all employees use effective passwords. Encourage passwords that are comprised of different characters and change them every 60 to 70 days, but no longer than 90 days.
Consider using multi-factor authentication as a way to better secure your systems.
Protect your systems. Install and use anti-virus, anti-spyware and anti-adware programs on all computers in your business.
Ensure that your computers are protected by a firewall.
Keep all software up-to-date. Ensure that all computer software is up-to-date and contains the most recent patches (i.e., operating system, anti-virus, anti-spyware, anti-adware, firewall and office automation software).
Create backups. Make regular (weekly) back-up copies of all of your important data/information. Store a secured copy away from your office location and use encryption to protect any sensitive information about your company and customers.
Be prepared for emergencies. Create a contingency plan for your business so you can recover if you experience an emergency. Include plans to continue business operations at an alternate location when necessary. Test your plan annually.
Make sure to erase all data on the hard drive before recycling or throwing away a computer.
Report internet crime. Locate and join an organization of your peers for information sharing purposes.
If you suspect fraud or criminal intent, report it to local law enforcement agencies, FBI, U.S. Secret Service or state attorney general's office.
More information regarding the National Cyber Security Alliance's small business efforts and cyber security tips can be found at www.staysafeonline.org.