Cybersecurity risks aren’t deterred by current world events. While many of us find ourselves working from home this spring, it may be the perfect time to shore-up our online security and privacy with a spring digital cleaning.

Small to medium size businesses (SMBs) should take particular care of their digital safety right now because many aspects of day-to-day operations are becoming digital in the wake of social distancing and stay-at-home orders.

The National Cyber Security Alliance (NCSA) and Better Business Bureau (BBB) recommend several quick-win action items for SMB owners and managers that will not only improve the cyber safety stance of  the business, but also help protect employees and customers, too. Here is what they recommend:

  • Take a moment to re-evaluate what data your business collects and stores—be it from customers, vendors or even employees. Determine whether you need that information for a legitimate business purpose. If you don’t, safely dispose of it and stop collecting it.
  • Make spring a time when you and your managers consider your organization’s readiness for a security or privacy incident. Review and update plans and responsibilities as a cross-functional team.
  • Consider who in your business has access to what information and when. Then, lessen the risk of security or privacy incidents impacting your employees or customers by granting access only to individuals who need it to complete their assigned job responsibilities. Consider allocating access privileges based on job duties, not job titles.

These are just a few things you can do this spring; but, what about throughout the year? The NCSA says security and privacy are year-round efforts for SMBs and involve all employees.

“Make digital security part of your business’s culture,” said Kerry Kremke, chief security  and privacy officer for Blue Cross and Blue Shield of Nebraska. “Owners and managers can think of it like a security awareness loop with employees: you analyze your current situation, plan how to best handle any areas of opportunity, train employees, reinforce that training throughout the year and repeat that cycle.”

For a toolkit to get started with security and privacy in your SMB, check out this resource from the NCSA or visit