FTC Safeguards Rule: What You Need to Know
in Compliance
in Compliance
Organizations that fall under scope of compliance with the Federal Trade Commission (FTC)’s Safeguard Rule must implement new cybersecurity controls to help secure their customers’ financial information.
To get ahead of the deadline, it’s important for these organizations to prepare now.
The deadline for implementing some requirements is December 9, 2022, while other requirements have an extended deadline of June 9, 2023. Penalties for violation of the rule are $45k.
This may be news for “non-banking financial institutions, such as mortgage brokers, motor vehicle dealers, and payday lenders” who must also comply with the FTC Safeguards Rule.
The FTC Safeguards Rule helps protect consumers and ensure that institutions are keeping pace with current technology to keep consumers’ financial information safe.
According to FTC.gov, the FTC’s authority covers for-profit entities such as mortgage companies, mortgage brokers, creditors, and debt collectors – but not banks, savings and loan institutions, and federal credit unions.
There are many new requirements that you can see in this handy checklist, including ones for policies, reports, documentation, technical and training requirements.
The technical requirements call for cybersecurity solutions that all FTC-compliant organizations need to implement:
According to the FTC, you must implement a solution to monitor when authorized users are accessing customer information on your system and to detect any unauthorized or suspicious access to customer information.
One way to address this requirement is with a solution like Blumira that collects, centralizes and automatically analyzes your log data for user activity. Ideally, the solution should also be able to detect unauthorized access, alert you to it in real-time, provide next steps to respond and easy access to historical log reports of user activity for investigation and audits.
Blumira’s SIEM platform helps helps auto dealers, mortgage brokers and other FTC-compliant organizations meet the monitoring and detection requirement with:
Blumira can help support many other FTC security requirements, including:
Learn more in Blumira for FTC Safeguards Rule Compliance.
With Blumira, you can help meet new FTC requirements for monitoring and logging user activity quickly and easily, by deploying in minutes to hours for faster time to security. We help you do more with our all-in-one SIEM platform that combines logging with automated detection and response:
Sign up for Blumira for free for Microsoft 365, or contact us to trial Advanced edition and learn how we can help you meet FTC compliance quickly.