
This guide is intended for small businesses that have a pretty straightforward setup, e.g. you do not have a server in your back room, you use cloud services by default, and you do not do any custom software development.

(If you have a server, or do custom software development, read on, but there will be more for you to do than is mentioned here.)

Step 0 - The 6 Knows

Telstra has a great methodology called The Five Knows. I will add one more.

Know why you are embarking on this journey:

  • How does having good cybersecurity fit into your business values?

  • What benefit will good cybersecurity have for your business? E.g. will it be that you are 20% better than your competitors, or just that you can sleep better at night?

Easy Mode

Get it Done

The Journey

Think about who, what, why, when:

  • What data do you store?

  • What data do you collect from your customers?

  • Where do you store that data? (Paper? Laptop? Cloud?)

  • Who in your business has access to that data?

  • What do you do with that data?

  • Where do you send that data?

Make lists of data, people, software, logins, hardware, devices:

  • Answer the Five Knows in notes to yourself.

  • Tip: If you have a Password Manager, use that as the list of Software, and make notes about what the software does, who accesses it, how much it costs, and when it is due for renewal.

Start some Registers:

  • A Register of Software used

  • A Register of all Laptops, Phones, iPads, and any device connected to the internet. Include your home if you do a lot of work at home.

  • A Register of all places data is stored, and what data is stored there, e.g. Dropbox, Google Drive, Xero…

  • Keep these registers in a place and format that can be easily updated.

Think about what you would like to be doing better.

Write down something about what being better at cybersecurity will look like.

Plan how you are going to bring your staff along on this journey.

Step 1 - Knowledge

Easy Mode

Get it Done

The Journey

Read the Australian Government Small Business Cybersecurity Guide.

  • Identify the areas you really don’t understand.

  • Ask for some help.

Decide if SMB1001 Gold self-attestation may be a good fit for your business.

  • Get your Technical Specialist onboard with your plan.

Heading for ISO27001? Wanting to do more government work?

  • Decide which level you would like to get to, and within what time frame.
