Complying with FTC Safeguard Standards
Does your company collect personal information about your customers or clients? Information like names, addresses, phone numbers, credit card numbers, income or credit history, and so on? If so, does your company comply with the FTC Safeguard Standards?
The FTC Safeguard Rule applies to businesses like tax preparers, mortgage brokers, real estate appraisers, and other financial institutions. It requires a written information security plan that describes their program to protect customer information. It requires that companies assess, manage and monitor risks of customer data in all areas of operations. It requires that companies secure customer data. Examples from the FTC website include things like:
- Locking filing cabinets
- Encrypting sensitive customer data when it is transmitted via public networks (like the Internet)
- Employee training
- Strong password policies
- Storing backup data off-line and in a physically secure area
- SSL for customer credit card data
- Install patches of operating system and key software applications
- Automatically updating anti-virus software
- Password activated screen saver
For more, check out the FTC Safeguards web page.