The Federal Trade Commission’s (FTC) primary focus is to protect American consumers. One of the many ways they do this is to provide education to businesses on topics such as data security. The FTC recently released a great tool for businesses – Start with Security: A Guide for Business. This 20 page publication provides tips on how to protect your customers’ data.
The guide highlights 10 key steps for better data security:
1. Start with security.
2. Control access to data sensibly.
3. Require secure passwords and authentication.
4. Store sensitive personal information securely and protect it during transmission.
5. Segment your network and monitor who’s trying to get in and out.
6. Secure remote access to your network.
7. Apply sound security practices when developing new products.
8. Make sure your service providers implement reasonable security measures.
9. Put procedures in place to keep your security current and address vulnerabilities that may arise.
10. Secure paper, physical media, and devices.
The information is easy to read and you can download a PDF or request printed copies. Think about sharing this guide with your employees as well as your third party providers.
The FTC has a Business Center section on their website with links to additional information on data security. You can also read about their law enforcement activities on the website. The Start with Security guide draws on over 50 data security settlement cases. Businesses can be liable for data security lapses and the FTC has enforcement authority.
Another outreach effort by the FTC are public events to help businesses learn security issues. One Start with Safety conference is scheduled for San Francisco on September 9, 2015 and a second conference is planned for Austin on November 5, 2015. You can get details from the FTC website.
For information on building a career in cybersecurity please see our courses offered through Excelsior College: http://www.nationalcybersecurityinstitute.org/programs/