Ensure FTC Compliance in Inland Empire: Get compliant

Tech Guardian guides organizations through the FTC Safeguard Rule to become secure and compliant.

Get Compliant With
The FTC Safeguard Rule

Back in 2021, The Federal Trade Commission (FTC) revised to the “Standards for Safeguarding Customer Information” previously issued under the Gramm-Leach-Bliley Act in 2002. The updates are a result of increased cyber threats since the COVID-19 pandemic.

The purpose is to protect consumer information from misuse or a data breach and ultimately identity theft or privacy violations.

The Safeguards Rule applies broadly to all “financial institutions,” including other entities that provide or facilitate financial services. The first FTC compliance deadline for automotive dealerships has been extended to June 9, 2023.

The updated “Standards for Safeguarding Customer Information”, requires dealers to develop, implement and maintain a comprehensive written information security program by June 9, 2023.

Below Is A Brief Outline Of The Compliance Requirements:

This is a simple outline of the compliance regulation. For compliance help and a cybersecurity assessment, please call us at 951-319-4080.

Preparation & Evaluation

  • Written documentation & best practices evidencing compliance:
    • Security Risk Assessment
    • Information Security Program
    • Incident Response Plan
  • Ongoing written reports to board of directors (or equivalent) on IT & Security, at least annually, prepared by the designated “qualified” employee or third party

Implementation Of Security Tools

  • Implementation of required tools supporting encryption (at rest and transmission), multifactor authentication and system monitoring
  • Partnerships & documentation for penetration testing and vulnerability scans

Implementation Of Best Practices, Controls, & Procedural Requirements

(Including Ongoing Monitoring)

  • Access controls to customer information
  • Inventory of systems that access customer information
  • Secure software development & utilization practices
  • Disposal procedures for customer information
  • Change management plan

Accountability & Ownership

  • Designation of a “qualified” employee to oversee information security
  • This person may be an employee, or a third party overseen by a senior member of your personnel

Change Management & Employee Training

Establish Routines for Auditing & Reviewing Cybersecurity Provider’s Best Practice

Get Started With A Free Consultation Today

With a full suite of cutting edge IT solutions, we know we can help your company grow. What’s more important to us is our clients and we’re ready to prove it to you. Contact us today to start a conversation and find out how.

Call: 951-319-4080 Get Started