IT Compliance Advisor

Sep 11 2009   8:46PM GMT

The fundamentals of information security for SMBs — easy to read, free



Posted by: Linda Tucci
Tags:
Information security
NIST

Information security pros weary of explaining the basics of protecting their companies’ information, systems and networks to employees who really don’t want to be bothered might want to take a look at “Small Business Information Security: The Fundamentals.” This straightforward, easy-to-read, free guide from the National Institute of Standards and Technology (NIST) is aimed at SMBs with up to 500 employees, as its title states. I think it would prove just as useful for employees at remote offices where IT staffs are small or nonexistent and it’s important that employees bear responsibility for information security. The draft guide, slated for final form by October, is written for people with little or no technical expertise. Author and NIST computer scientist Richard Kissel said the decision to keep the fundamentals, well, fundamental, stemmed from many years on the road teaching small business owners how to make themselves “less of a target” for malicious attacks and security snafus.

“What we found was that our audiences weren’t technical at all. They were small-business people. They were mechanics, they were printers, they were doctors and dentists. They were good at what they did, but what they did was not IT and it wasn’t information security,” Kissel said. “They had no idea what to do.”

The 20 pages of advice lay out 10 “absolutely necessary” actions, 10 “highly recommended” and include a section on business continuity and disaster recovery. Worksheets for prioritizing and protecting data, as well as estimating the cost of bad stuff happening to that data, round out the packet.

If you don’t think users would appreciate the primer, it might make an early holiday gift for those neighbors and relatives who call you in a panic when viruses, spam or other nastiness put their computers out of commission. I enjoyed it, then promptly sent a copy to my 20-something daughter, who, like most employees her age, takes her work wherever she goes, turning her personal laptop into a small business.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: