The FTC Safeguards Rule, or Standards for Safeguarding Customer Information, was updated in early 2022 to require all non-banking financial institutions – such as mortgage brokers, auto dealerships and others – to develop, implement and maintain a comprehensive security system to keep customer information safe.
The new guidelines require organizations within scope of compliance to implement technology for audit trails and to monitor all unauthorized activity.
The deadline to comply is December 9, 2022, with penalties at $45k per violation.
How Blumira Helps With FTC Compliance
See our compliance checklist for guidance on how to implement a comprehensive security system to meet FTC requirements.
Specifically, Blumira provides small and medium-sized businesses with an easy and fast all-in-one SIEM solution that combines logging with detection and response. Small teams can deploy the solution within hours to help satisfy FTC requirements.
- Up to one year of log data retention (audit trails), with immediate availability to help with investigation and incident response
- Unauthorized activity monitoring to help identify attacker behavior with real-time automated detection under 50 seconds and guided playbooks to help you respond to threats faster
- Access to our security team to help with guided response, available 24/7 for urgent priority issues
Deploy in minutes to see how it works with your Microsoft 365 environment by signing up for Blumira’s free edition.
FTC Guidelines: Audit Trails
The Commission believes logging user activity is a crucial component of information security because, in the event of a security event, it allows financial institutions to understand what was accessed and when.
Audit trails are chronological logs that show who has accessed an information system and what activities the user engaged in during a given period.
Financial institutions are expected to use logging to “monitor” active users and reconstruct past events.
Other FTC Requirements Blumira Can Help Support
- Incident Response Plan. Part of your response plan should include using data and insights from your SIEM (like Blumira) to help figure out what went wrong. Our built-in playbooks surface all relevant data in our findings, which can speed up the incident response process by ensuring that all of the data is in one place.
- Customer Information Access Controls. Once integrated with your systems, Blumira automatically logs user access and changes to users' access levels, giving you insight into your current access activity and controls.
- Data Encryption. While this requirement is about encrypting your customers’ and organization’s data, we do encrypt all log data collected from your systems while within Blumira’s platform and in transit from your systems. Using Blumira, you can also look for and eliminate legacy protocols in your traffic to further reduce your security risks.
- Penetration Testing & Vulnerability Assessments. Testing our SIEM on a regular basis will help you pass your penetration test with flying colors by verifying your technology can detect attacker behaviors. Blumira detects behavior on a penetration test that most SIEMs will not, such as AS-REP Roasting.