{"id":2255,"date":"2016-12-29T14:36:09","date_gmt":"2016-12-29T14:36:09","guid":{"rendered":"https:\/\/tsisupport.com\/?p=2255"},"modified":"2021-10-29T00:40:57","modified_gmt":"2021-10-29T04:40:57","slug":"business-needs-wisp","status":"publish","type":"post","link":"https:\/\/tsisupport.com\/tsistaging\/?p=2255","title":{"rendered":"Small Business Cyber Security Plan: Why Your Business Needs a WISP"},"content":{"rendered":"<p style=\"text-align: justify;\">Not having a written information security program (WISP) for your business could be putting your data at risk of not only theft, but substantial legal\/punitive damages. The laws in Massachusetts enforce strict guidelines to safeguard any personal information of individuals stored on your network.<\/p>\n<p style=\"text-align: justify;\">Sadly, many SMBs brush it off as a minimal danger that is unlikely happen to them.\u00a0 Despite studies that show the assumption to be untrue, in fact, <a href=\"https:\/\/tsisupport.com\/tsistaging\/study-reveals-more-than-50-of-smbs-have-experienced-a-data-breach-in-past-year\/\">SMBs are often targeted<\/a> due to their <a href=\"https:\/\/tsisupport.com\/tsistaging\/avoid-getting-hooked-this-phishing-season\/\">common ease to infiltrate<\/a>.<\/p>\n<p style=\"text-align: justify;\"><span style=\"color: #800000;\"><strong>Having a WISP is not Optional<\/strong><\/span><\/p>\n<p style=\"text-align: justify;\">The Massachusetts Data Security Regulations developed one of the most stringent data privacy laws, <a href=\"http:\/\/www.mass.gov\/ocabr\/docs\/idtheft\/201cmr1700reg.pdf\" target=\"_blank\" rel=\"noopener noreferrer\">201 CMR 17.00<\/a>. It serves as the gold standard most businesses who work nationally abide by, because if it is CMR compliant, they are most likely compliant in all other states, and it isn\u2019t just for large corporations. 201 CMR 17.00 specifies:<\/p>\n<p style=\"text-align: justify;\"><em>\u201cEvery person that owns or licenses personal information about a resident of the Commonwealth shall develop, implement, and maintain a comprehensive information security program that is written in one or more readily accessible parts and contains administrative, technical, and physical safeguards\u201d<\/em><\/p>\n<p style=\"text-align: justify;\">This means any business who operates, or even has a single customer living in the state of Massachusetts, <span style=\"color: #800000;\"><strong><u>must<\/u><\/strong> <\/span>comply.\u00a0 If a data breach occurs and personal information is stolen, your business will have more than reputational damage to recover from, the Attorney General will likely levy considerable fines against you for failing to be compliant.<\/p>\n<p style=\"text-align: justify;\"><strong><span style=\"color: #800000;\">Considerations While Developing a WISP<\/span> <\/strong><\/p>\n<p style=\"text-align: justify;\">The details involved with developing a proper WISP are substantial.\u00a0 You must consider not only how data is transmitted, but how it is stored within your network.<\/p>\n<ul class=\"ULStyle\" style=\"text-align: justify;\">\n<li>Implementing full encryption is a must, as well as controlling access to the personal information by employees, as well as any third-party vendors who have access to your network.<\/li>\n<li><a href=\"https:\/\/tsisupport.com\/tsistaging\/mobile-new-normal\/\">BYOD mobility and integration<\/a> within your network are practically standard fare now, so a solid firewall solution, as well as an anti-virus and anti-malware protection should be installed. If you use a lot of cloud-based services, or store data offsite, all the same rules must be applied.<\/li>\n<li>User training and education are key components to keep in mind while curating a secure security program, and should be extended to any third-party vendors to ensure complete coverage of your liabilities.<\/li>\n<li>Minimum review and sign-off for your WISP should be annual, or sooner if there are changes that may impact your business.<\/li>\n<\/ul>\n<p style=\"text-align: justify;\"><span style=\"color: #800000;\"><strong>Learn More<\/strong><\/span><\/p>\n<p style=\"text-align: justify;\">One important note to keep in mind, having a written information security program will not magically eliminate the potential risk of a data breach.\u00a0 Ensuring compliance does not guarantee protection, but it does serve as the building blocks for a comprehensive security program.\u00a0 To learn how TSI can develop your WISP, as well as create a complete security protection plan for your business, <a href=\"https:\/\/tsisupport.com\/tsistaging\/contact\/\">Contact Us<\/a> today!<\/p>\n<div class=\"fl-builder-content fl-builder-content-8352 fl-builder-template fl-builder-row-template fl-builder-global-templates-locked\" data-post-id=\"8352\"><div class=\"fl-row fl-row-full-width fl-row-bg-photo fl-node-5ecccdbce25c0 fl-row-default-height fl-row-align-center fl-row-bg-overlay BlogCTA\" data-node=\"5ecccdbce25c0\">\n\t<div class=\"fl-row-content-wrap\">\n\t\t\t\t\t\t\t\t<div class=\"fl-row-content fl-row-fixed-width fl-node-content\">\n\t\t\n<div class=\"fl-col-group fl-node-5ecccdbce2d8e fl-col-group-equal-height fl-col-group-align-center fl-col-group-custom-width fl-col-group-responsive-reversed\" data-node=\"5ecccdbce2d8e\">\n\t\t\t<div class=\"fl-col fl-node-5ecccdbce2f49 fl-col-bg-color fl-col-small-custom-width\" data-node=\"5ecccdbce2f49\">\n\t<div class=\"fl-col-content fl-node-content\"><div class=\"fl-module fl-module-heading fl-node-5eccce25ec3d2 sec-title title-img-none\" data-node=\"5eccce25ec3d2\">\n\t<div class=\"fl-module-content fl-node-content\">\n\t\t<h2 class=\"fl-heading\">\n\t\t<span class=\"fl-heading-text\">Confident with Your IT Strategy?<\/span>\n\t<\/h2>\n\t<\/div>\n<\/div>\n<div class=\"fl-module fl-module-rich-text fl-node-5eccce77546d9\" data-node=\"5eccce77546d9\">\n\t<div class=\"fl-module-content fl-node-content\">\n\t\t<div class=\"fl-rich-text\">\n\t<p>If you found the information in this blog post helpful and you'd like to discuss your business' technology strategy, then we'd be happy to hear from you.<\/p>\n<\/div>\n\t<\/div>\n<\/div>\n<div class=\"fl-module fl-module-button fl-node-5ecccec3237e8 primary-btn\" data-node=\"5ecccec3237e8\">\n\t<div class=\"fl-module-content fl-node-content\">\n\t\t<div class=\"fl-button-wrap fl-button-width-auto fl-button-left\">\n\t\t\t<a href=\"https:\/\/tsisupport.com\/tsistaging\/contact\/\"  target=\"_self\"  class=\"fl-button\" >\n\t\t\t\t\t\t\t<span class=\"fl-button-text\">Get in touch with tsi<\/span>\n\t\t\t\t\t<\/a>\n<\/div>\n\t<\/div>\n<\/div>\n<\/div>\n<\/div>\n\t\t\t<div class=\"fl-col fl-node-5ecccf1e8a49c fl-col-bg-color fl-col-small fl-col-small-custom-width\" data-node=\"5ecccf1e8a49c\">\n\t<div class=\"fl-col-content fl-node-content\"><\/div>\n<\/div>\n\t<\/div>\n\t\t<\/div>\n\t<\/div>\n<\/div>\n<\/div><div class=\"uabb-js-breakpoint\" style=\"display: none;\"><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Not having a written information security program (WISP) for your business could be putting your data at risk of not only theft, but substantial legal\/punitive damages. The laws in Massachusetts enforce strict guidelines to safeguard any personal information of individuals stored on your network. Sadly, many SMBs brush it off as a minimal danger that&hellip;<\/p>\n","protected":false},"author":2,"featured_media":8504,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","_links_to":"","_links_to_target":""},"categories":[7],"tags":[307,308,239,173,309,310,138,311],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Why You Need a Written Information Security Program (WISP) | TSI<\/title>\n<meta name=\"description\" content=\"Learn why your small business needs a written information security program (WISP) and things you should consider while developing one.\" \/>\n<meta name=\"robots\" content=\"noindex, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Why You Need a Written Information Security Program (WISP) | TSI\" \/>\n<meta property=\"og:description\" content=\"Learn why your small business needs a written information security program (WISP) and things you should consider while developing one.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/tsisupport.com\/tsistaging\/?p=2255\" \/>\n<meta property=\"og:site_name\" content=\"TSI Support\" \/>\n<meta property=\"article:published_time\" content=\"2016-12-29T14:36:09+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-10-29T04:40:57+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/tsisupport.com\/tsistaging\/wp-content\/uploads\/2016\/12\/Site-Header-1140x380-1.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1140\" \/>\n\t<meta property=\"og:image:height\" content=\"380\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Roger Murray\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Roger Murray\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/?p=2255\",\"url\":\"https:\/\/tsisupport.com\/tsistaging\/?p=2255\",\"name\":\"Why You Need a Written Information Security Program (WISP) | TSI\",\"isPartOf\":{\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/?p=2255#primaryimage\"},\"image\":{\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/?p=2255#primaryimage\"},\"thumbnailUrl\":\"https:\/\/tsisupport.com\/tsistaging\/wp-content\/uploads\/2016\/12\/Site-Header-1140x380-1.png\",\"datePublished\":\"2016-12-29T14:36:09+00:00\",\"dateModified\":\"2021-10-29T04:40:57+00:00\",\"author\":{\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/#\/schema\/person\/5eed34ada00b62f24100bd841a4f62e9\"},\"description\":\"Learn why your small business needs a written information security program (WISP) and things you should consider while developing one.\",\"breadcrumb\":{\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/?p=2255#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/tsisupport.com\/tsistaging\/?p=2255\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/?p=2255#primaryimage\",\"url\":\"https:\/\/tsisupport.com\/tsistaging\/wp-content\/uploads\/2016\/12\/Site-Header-1140x380-1.png\",\"contentUrl\":\"https:\/\/tsisupport.com\/tsistaging\/wp-content\/uploads\/2016\/12\/Site-Header-1140x380-1.png\",\"width\":1140,\"height\":380},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/?p=2255#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/tsisupport.com\/tsistaging\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Small Business Cyber Security Plan: Why Your Business Needs a WISP\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/#website\",\"url\":\"https:\/\/tsisupport.com\/tsistaging\/\",\"name\":\"TSI Support\",\"description\":\"TSI - Technical Support International\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/tsisupport.com\/tsistaging\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/#\/schema\/person\/5eed34ada00b62f24100bd841a4f62e9\",\"name\":\"Roger Murray\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/02eb44ce8ff599f733f8d322316f904d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/02eb44ce8ff599f733f8d322316f904d?s=96&d=mm&r=g\",\"caption\":\"Roger Murray\"},\"url\":\"https:\/\/tsisupport.com\/tsistaging\/?author=2\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Why You Need a Written Information Security Program (WISP) | TSI","description":"Learn why your small business needs a written information security program (WISP) and things you should consider while developing one.","robots":{"index":"noindex","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"og_locale":"en_US","og_type":"article","og_title":"Why You Need a Written Information Security Program (WISP) | TSI","og_description":"Learn why your small business needs a written information security program (WISP) and things you should consider while developing one.","og_url":"https:\/\/tsisupport.com\/tsistaging\/?p=2255","og_site_name":"TSI Support","article_published_time":"2016-12-29T14:36:09+00:00","article_modified_time":"2021-10-29T04:40:57+00:00","og_image":[{"width":1140,"height":380,"url":"https:\/\/tsisupport.com\/tsistaging\/wp-content\/uploads\/2016\/12\/Site-Header-1140x380-1.png","type":"image\/png"}],"author":"Roger Murray","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Roger Murray","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/tsisupport.com\/tsistaging\/?p=2255","url":"https:\/\/tsisupport.com\/tsistaging\/?p=2255","name":"Why You Need a Written Information Security Program (WISP) | TSI","isPartOf":{"@id":"https:\/\/tsisupport.com\/tsistaging\/#website"},"primaryImageOfPage":{"@id":"https:\/\/tsisupport.com\/tsistaging\/?p=2255#primaryimage"},"image":{"@id":"https:\/\/tsisupport.com\/tsistaging\/?p=2255#primaryimage"},"thumbnailUrl":"https:\/\/tsisupport.com\/tsistaging\/wp-content\/uploads\/2016\/12\/Site-Header-1140x380-1.png","datePublished":"2016-12-29T14:36:09+00:00","dateModified":"2021-10-29T04:40:57+00:00","author":{"@id":"https:\/\/tsisupport.com\/tsistaging\/#\/schema\/person\/5eed34ada00b62f24100bd841a4f62e9"},"description":"Learn why your small business needs a written information security program (WISP) and things you should consider while developing one.","breadcrumb":{"@id":"https:\/\/tsisupport.com\/tsistaging\/?p=2255#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/tsisupport.com\/tsistaging\/?p=2255"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/tsisupport.com\/tsistaging\/?p=2255#primaryimage","url":"https:\/\/tsisupport.com\/tsistaging\/wp-content\/uploads\/2016\/12\/Site-Header-1140x380-1.png","contentUrl":"https:\/\/tsisupport.com\/tsistaging\/wp-content\/uploads\/2016\/12\/Site-Header-1140x380-1.png","width":1140,"height":380},{"@type":"BreadcrumbList","@id":"https:\/\/tsisupport.com\/tsistaging\/?p=2255#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/tsisupport.com\/tsistaging\/"},{"@type":"ListItem","position":2,"name":"Small Business Cyber Security Plan: Why Your Business Needs a WISP"}]},{"@type":"WebSite","@id":"https:\/\/tsisupport.com\/tsistaging\/#website","url":"https:\/\/tsisupport.com\/tsistaging\/","name":"TSI Support","description":"TSI - Technical Support International","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/tsisupport.com\/tsistaging\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/tsisupport.com\/tsistaging\/#\/schema\/person\/5eed34ada00b62f24100bd841a4f62e9","name":"Roger Murray","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/tsisupport.com\/tsistaging\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/02eb44ce8ff599f733f8d322316f904d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/02eb44ce8ff599f733f8d322316f904d?s=96&d=mm&r=g","caption":"Roger Murray"},"url":"https:\/\/tsisupport.com\/tsistaging\/?author=2"}]}},"_links":{"self":[{"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=\/wp\/v2\/posts\/2255"}],"collection":[{"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2255"}],"version-history":[{"count":0,"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=\/wp\/v2\/posts\/2255\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=\/wp\/v2\/media\/8504"}],"wp:attachment":[{"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2255"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2255"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2255"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}