FTC Safeguards Rule
The newly amended FTC Safeguards Rule was intended to modernize the cybersecurity rules for financial institutions. It includes a few very specific IT security tools and policies that many companies do not have in place.
What are the important yet quick wins that you can implement?
Conduct a risk assessment
A tabletop exercise is a popular starting point: someone walks through a pretend security incident and your team reacts to it, identifying gaps in your current defenses and policies. Combine that with information about the existing risks you know of, and then produce a report or spreadsheet identifying which risks you are addressing, how, and when. Keep in mind that some risks may be acceptable to leave in place as accepted risks; no one is 100% secure. CGP has a free sample template that covers some common areas of risk to get things started.
Encryption everywhere
Data encryption is critical these days because of stolen equipment and man-in-the-middle (MitM) attacks. Luckily, most software and equipment have encryption built in and do not need a third-party product. For example, a company using Windows 10 and 11 can enable centrally managed and logged encryption for its computers with just a few hours of work.
Multifactor authentication (MFA) everywhere
MFA is one of the best defenses you can have; in fact, Microsoft showed it stopping 99.9% of attacks. MFA should protect all external access to your network and resources, and you should avoid SMS-, text-, or call-based MFA, which is easily bypassed.
Want a turnkey security package that meets the new FTC requirements? Clear Guidance Partners has offered this high level of security since the day we were founded, along with industry-high customer retention. Contact a partner today!