The Updated FTC Safeguards Rule Signals New Cybersecurity Changes
On October 27, 2021 the Federal Trade Commission (FTC) announced changes to the FTC Safeguards Rule in order to protect consumer data. The new cybersecurity rules were published on December 9, 2021 and will require compliance by December 9, 2022.
Does the FTC Safeguards Rule affect you?
If you are not sure what the new security requirements are or if they affect your business or organization, don’t worry – we put together a webinar to help answer those questions. Watch Cisco Duo CISO Advisor, Wolfgang Goerlich and Duo Product Marketing Manager, Desdemona Bandini as they discuss the implications of the ruling, how it will affect businesses and what you need to do to stay compliant.
Watch the FTC Safeguards Rule Webinar here...
The definition of financial institutions includes non-financial institutions.
The important thing to note is the new and expanded rules have updated security requirements for financial and non-financial institutions that do transactions that use personal consumer data. These institutions must take steps to secure that data. This includes those companies taking measures to ensure their affiliates and service providers also safeguard consumer data in their care. Some of the new required security measures include:
Designate a qualified individual to oversee information security
Designate a qualified individual responsible for overseeing and implementing your information security program and enforcing your information security program (for purposes of this part, “Qualified Individual”). The Qualified Individual may be employed by you, an affiliate, or a service provider.
Conduct written expanded risk assessments
Base your information security program on a risk assessment that identifies reasonably foreseeable internal and external risks to the security, confidentiality, and integrity of customer information that could result in the unauthorized disclosure, misuse, alteration, destruction, or other compromise of such information, and assesses the sufficiency of any safeguards in place to control these risks.
Includes encryption and Multi-factor authentication
Multi-factor authentication (MFA) is now a mandatory requirement (regardless of company size) by December of 2022.
This means that, in addition to a username and password, users with access to consumer data will need another factor, such as a token, biometric, or application that can verify the user’s identity.
While these changes can seem confusing to navigate and intimidating to implement, BizCare has extensive experience partnering with industries who have complex security requirements, including healthcare, education, and, of course, finance. BizCare’s Unified MFA solution can quickly and efficiently ensure your company’s compliance while also protecting your customer data.
Quickly meet compliance deadlines
BizCare specializes in cybersecurity solutions to small and medium organizations.
Starting with a cybersecurity risk assessments, leading to fractional CISOs and out-of-box solutions for more than 200 applications as well as secure access to cloud-based, on-premises and custom applications,
VPNs, servers and more.
Provisioning authentication for applications, users and devices in minutes, leading to full deployment in weeks, not months or years. BizCare scales to meet companies at their security needs, providing continuous vulnerability scans, offline MFA, compliance-friendly reporting and logs, and the ability to add users and devices at any time.
BizCare helps organizations across industries comply with regulations to ensure their security strategy is in line with all relevant requirements.
Ease of use
Authentications are simple for all users, without compromising productivity. Flexible authentication methods such as push notifications, tokens, biometrics and more empowers users to choose the best fit for their workflow.
BizCare security enables fast secure and reliable authentication with one tap on a smartphone app, making security frictionless. BizCare security pairs with your existing single-sign on (SSO) for a consistent login experience across all applications and sync with directories to ensure policies stay current even as users change.
Frustrate hackers, not users
BizCare helps protect every device and every application, allowing your users to continue working with the tools they love, anywhere, anytime.
When a user attempts to access a protected application or resource, BizCare examines the device’s health and security posture, and only permits secure access when all requirements are met. It works with both bring your own devices (BYOD) and managed devices.
BizCare gives you the policies and control you need to limit access based on endpoint or user risk, without interrupting employees’ ability to use the tools they need to get their job done.
Concerned about your cybersecurity? Get these 5 simple signs any CEO (and even CIOs or IT managers) can use to figure out if your organization is secure from hackers, crooks, and internet thieves.
Contact us to learn more: www.bizcare.com/contact-us (925) 293-2222