Advice and counsel?

Share This Page

According to the proverbs of Solomon, “Plans fail for lack of counsel, but with many advisers they succeed.” Of course, there’s no one-size-fits-all plan to guarantee the security of personal information in your company’s possession. But one effective strategy is to consider what experts at different agencies and organizations are saying. They offer a variety of tips and techniques, but the foundational principles of sound security remain the same. Just in time for Privacy Awareness Week – an initiative of the Asia Pacific Privacy Authorities, of which the FTC is a member – here are sites that some FTC staffers have bookmarked for reference:

States have helpful resources, too. For example, the California Attorney General’s Cybersecurity in the Golden State outlines practical steps for reducing the risk of cyberthreats. Check the website of your state AG or small business office for more guidance.

Can we officially endorse everything other groups suggest? Of course not. But if you scroll through resources from different agencies, nonprofits, and industry groups, you’ll see remarkable consistency in bedrock security principles for small businesses.

We also hope you consult the FTC’s data security resources. For starters, there’s Protecting Personal Information: A Guide for Business; the accompanying 20-minute online tutorial; our Privacy & Security portal for business, which links to the latest cases and guidance; and more than 200 Business Blog posts on privacy- and security-related topics.


Add new comment

Comment Policy

Privacy Act Statement

It is your choice whether to submit a comment. If you do, you must create a user name, or we will not post your comment. The Federal Trade Commission Act authorizes this information collection for purposes of managing online comments. Comments and user names are part of the Federal Trade Commission’s (FTC) public records system (PDF), and user names also are part of the FTC’s computer user records system (PDF). We may routinely use these records as described in the FTC’s Privacy Act system notices. For more information on how the FTC handles information that we collect, please read our privacy policy.