You must first complete Securing Wireless Networks before viewing this Lesson
Reading Time: 23 minutes

Data Security

Many companies keep sensitive personal information about customers or employees in their files or on their network. Having a sound security plan in place to collect only what you need, keep it safe, and dispose of it securely can help you meet your legal obligations to protect that sensitive data. The FTC has free resources for businesses of any size.
App developers: How does your app size up? Have your built security in from the start? The FTC has a dozen tips to help you develop kick-app security for your product.
For debt buyers and sellers, keeping sensitive information secure should be business as usual. The FTC has seven tips for members of the industry to help reduce the risk of unauthorized disclosure.
Advice for businesses about building security into products connected to the Internet of Things, including proper authentication, reasonable security measures, and carefully considered default settings.
Guidance for business on complying with the FTC’s Health Breach Notification Rule. Who’s covered by the Rule and what companies must do if they experience a breach of personal health records.
If you report information about consumers to consumer reporting agencies (CRAs) — like a credit bureau, tenant screening company, or check verification service — you have legal obligations under the Fair Credit Reporting Act’s Furnisher Rule.
Learn the basics for protecting your business from cyber attacks. The business cybersecurity resources in this section were developed in partnership with the National Institute of Standards and Technology, the U.S. Small Business Administration, and the Department of Homeland Security.
This guide addresses the steps to take once a breach has occurred. For advice on implementing a plan to protect consumers’ personal information, to prevent breaches and unauthorized access, check out the FTC’s Protecting Personal Information: A Guide for Business and Start with Security: A Guide for Business.
Does your company keep sensitive data — Social Security numbers, credit reports, account numbers, health records, or business secrets? If so, then you’ve probably instituted safeguards to protect that information. Your information security plans also should cover the digital copiers your company uses. If the data on your copiers gets into the wrong hands, it could lead to fraud and identity theft.
Once your business is finished with sensitive information derived from consumer reports, what happens to it then? Under the Disposal Rule, your company must take steps to dispose of it securely.
Tips for organizations under FTC jurisdiction to determine whether they need to design an identity theft prevention program.
Under the Safeguards Rule, financial institutions must protect the consumer information they collect. Learn if your business is a “financial institution” under the Rule. If so, have you taken the necessary steps to comply?
Under the FTC’s Health Breach Notification Rule, companies that have had a security breach must: 1. Notify everyone whose information was breached; 2. In many cases, notify the media; and 3. Notify the FTC.
Explains how medical identity theft occurs, and how health care providers and insurers can minimize the risk and help their patients if they’re victimized.
When developing a health app, sound privacy and security practices are key to consumer confidence. Here are some best practices to help you build privacy and security into your app. These practices also can help you comply with the FTC Act.
You’re developing a health app for mobile devices and you want to know which federal laws apply. Check out this interactive tool.
Most businesses collect and store sensitive information about their employees and customers. If you use Peer-to-Peer (P2P) file sharing software in your business, consider the security implications and minimize the risks associated with it.
Practical tips for business on creating and implementing a plan for safeguarding personal information.
It’s just common sense that any company or organization that collects personal information from customers or employees needs a security plan. Learn more about designing and implementing a plan tailor-made to your business.
What’s on the credit and debit card receipts you give your customers? Under federal law, you must delete the card’s expiration date and shorten the account information to include no more than the last five digits of the card number.
If you’re running a small business with only a few employees, you’ve learned about a lot of things – accounting, marketing, HR, you name it. And you probably depend on technology, even if it’s only a computer and a phone. You can’t afford to get thrown off-track by a hacker or scammer.

Data Security

Many companies keep sensitive personal information about customers or employees in their files or on their network. Having a sound security plan in place to collect only what you need, keep it safe, and dispose of it securely can help you meet your legal obligations to protect that sensitive data. The FTC has free resources for businesses of any size.

GUIDANCE

Outreach materials to use outside the library

From ebooks to avoiding email scams (print)

Everything from ebooks to avoiding email scams. It’s at your local library.

FBI

External Links & Resources 

Mailing Lists and Feeds

US-CERT offers mailing lists and feeds for a variety of products including the National Cyber Awareness System and Current Activity updates. The National Cyber Awareness System was created to ensure that you have access to timely information about security topics and threats.

Subscribe to a Mailing List

To make it easier for you to receive the information, US-CERT offers four mailing lists that you can subscribe to. You may choose one or more of the following types of documents:

  • Alerts — timely information about current security issues, vulnerabilities, and exploits
  • Analysis Reports — in-depth analysis on new or evolving cyber threats
  • Bulletins — weekly summaries of new vulnerabilities. Patch information is provided when available
  • Tips — advice about common security issues for the general public
  • Current Activity — up-to-date information about high-impact types of security activity affecting the community at large

To learn more or subscribe, visit the subscription system. and complete the process. You will need to confirm your subscription by responding to an email message that will be sent to the address you provide. If you have any questions, read the FAQ.
 

Feeds for Some of Our Security Documents

You can view US-CERT security documents on our website or use the below RSS feeds. You can also add these feeds to your MSN or Yahoo! homepage if you have one.

National Cyber Awareness System (NCAS) Feeds

 

Embed Our Tweets in Your Website

This code snippet is provided “as is” for informational purposes only.  The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding the code or its operation. The DHS does not endorse any commercial product or service.

Copy the code below and paste it anywhere in your website/webpage/blog where full HTML is permitted to add a timeline of Tweets from USCERT_gov. In the case of a content management system, please ensure the editor is configured to allow full HTML.

<a class=”twitter-timeline” data-dnt=”true” href=”https://twitter.com/USCERT_gov” data-widget-id=”714836104025935873″>Tweets by @USCERT_gov</a>
<script>!function(d,s,id){var js,fjs=d.getElementsByTagName(s)[0],p=/^http:/.test(d.location)?’http’:’https’;if(!d.getElementById(id)){js=d.createElement(s);js.id=id;js.src=p+”://platform.twitter.com/widgets.js”;fjs.parentNode.insertBefore(js,fjs);}}(document,”script”,”twitter-wjs”);</script>

 

STOP. THINK. CONNECT. ™

National Cyber Security Awareness Month logoThe STOP.THINK.CONNECT.™ Campaign is a national public awareness campaign aimed at increasing the understanding of cyber threats and empowering the American public to be safer and more secure online. Cybersecurity is a shared responsibility. We each have to do our part to keep the Internet safe. When we all take simple steps to be safer online, it makes using the Internet a more secure experience for everyone. 

National Cybersecurity Awareness Month (NCSAM) 2019 will promote personal accountability and encourage proactive behavior to enhance cybersecurity. Stay up to date on everything NCSAM 2019 here!

Cyber Tips and Resources

Are you safe online? Visit the online resource guide to find out. Brought to you by DHS Stop.Think.Connect.

There are some simple habits you can adopt that, if performed consistently, may dramatically reduce the chances that the information on your computer will be lost or corrupted.

Homeland Security

Federal Virtual Training Environment

The Federal Virtual Training Environment (FedVTE) is a free, online, on-demand cybersecurity training system managed by DHS that is available to federal and SLTT government personnel, veterans, and federal government contractors, and contains more than 800 hours of training on topics such as ethical hacking, surveillance, risk management, and malware analysis. The department’s efforts focus on building a strong cyber workforce that can keep up with evolving technology and increasing cybersecurity risks.

Resource benefits include:

  • Diverse courses – The program offers more than 300 demonstrations and 3,000 related materials, including online lectures and hands-on virtual labs.
  • Certification offerings – Offerings include Network +, Security +, Certified Information Systems Security Professional (CISSP), Windows Operating System Security, and Certified Ethical Hacker.
  • Experienced instructors – All courses are taught by experienced cybersecurity subject matter experts.

For more information, visit niccs.us-cert.gov/training/federal-virtual-training-environment-fedvte. To register for an account and for more information on available courses, visit fedvte.usalearning.gov.

Five products in the National Cyber Awareness System offer a variety of information for users with varied technical expertise. Those with more technical interest can read the Alerts, Analysis Reports, Current Activity, or Bulletins. Users looking for more general-interest pieces can read the Tips.

A subscription to any or all of the National Cyber Awareness System products ensures that you have access to timely information about security topics and threats. To learn more or to subscribe, visit the subscription system. You can also visit our Mailing Lists and Feeds page to learn more about how to subscribe or use our syndicated feeds. If you’re having trouble subscribing, read the FAQ.

Tips IconCheck out our tips and security publications for additional security information.

Cyber Resilience Review Downloadable Resources

FCC

Cybersecurity Resources for Small Businesses

The descriptions and links below are provided for informational purposes only. The FCC does not endorse any non-FCC product or service and is not responsible for the content of non-FCC websites, including their accuracy, completeness, or timeliness.

The FCC’s Cybersecurity and Small Business page provide links to information about government agencies and private that have educational resources and tools related to cybersecurity. If you would like information about your organization included in the Clearinghouse, please send an e-mail with a brief description and Internet link to your organization’s resource along with your contact information, to csroundtable@fcc.gov.

Back to: 🔥Synchronous Post Broker Course-2020s > Intra/Inter Office Confidentiality