FTC Releases Data Security Guidance
The Federal Trade Commission (FTC) has released new guidance for businesses on cybersecurity. The “Start with Security” program is intended to help businesses protect consumer information through best practices for data security. The business guidance outlines 10 recommended steps for effective data security drawn from the FTC’s data breach enforcement cases. The 10 steps include factoring security into decision making in every department of the business, controlling access to data, requiring secure passwords and authentication, securely storing information and protecting it during transmission, segmenting networks and monitoring access, securing remote access, applying security practices to new products, requiring security procedures for vendors and suppliers, keeping security measures up-to-date, and securing paper, physical media, and devices.
