Cyber Security Assessment

This assessment will take approximately 15 minutes. It will help you identify areas of strengths and weaknesses in your current cybersecurity policies and procedures. At the end of the assessment you will receive your results via email, a grade, and have an opportunity to ask for further assistance.
To begin, have you identified the confidential data (credit card numbers, social security numbers, etc...) collected or stored on your servers/computers?(Required)
Have your employees been trained to identify phishing emails?(Required)
How do you restrict employee access to confidential information stored on your servers/computers?(Required)
How often does your business update the operating systems on devices that have access to confidential information?(Required)
Have you identified all of the devices that store or have access to confidential information?(Required)
Do you remove non-essential applications from business hardware?(Required)
Does you business require the use of a Password Manager (Dashlane, Lastpass, etc.)?(Required)
How do you manage your employees' passwords?(Required)
How complex are your passwords?(Required)
How often do you change your passwords?(Required)
Do your computers automatically time-out after a duration of inactivity?(Required)
How does your company utilize firewalls in order to block unauthorized access?(Required)
How often do you train your employees on the company's cybersecurity policy and procedure?(Required)
Do you allow your employees to access company files remotely?(Required)
Does your business have anti-virus software?(Required)
Does your business have anti-malware protection?(Required)
Is your business up to date in order to detect viruses or malware?(Required)
How often do you check your devices for any malware attacks?(Required)
How often do you backup your data?(Required)
In the event of a cyber-attack, what response plan do you have in place? (Select all applicable responses)(Required)
If a breach has occurred in the past, have you made changes to your system to ensure that this same breach will not occur again?(Required)
A good practice for when a cyber-attack does occur, is to have an individual or group of individuals assigned to not only control the attack, but also to discover how or where the attack occurred. Do you have an individual or group assigned to do that?(Required)
Do you have easy access to contact information for the following resources that can help you recover? (Check all that apply)(Required)
Do you have a detailed recovery plan that says what action you and your employees will take to bring your business back to normal following a cyber-attack?(Required)
Is there someone in your organization who is designated to manage recovery after a cyber-attack?(Required)
You should notify customers if their confidential information has been or might have been stolen. Does your business have a plan in place to notify customers if this occurs?(Required)
If you would like your results emailed to you enter your email address above. Information that you provide is highly confidential. We encourage you to print these results and request a meeting with a Nevada SBDC adviser to discuss methods to improve your small business cybersecurity. Visit our website: to find the location closest to you, and register for an appointment.