Keep Your Security Current

Data security requires ongoing vigilantes technologies tactics and

threats change constantly it’s critical to make sure your company keeps pace the

start with security video series and resources at business dot FTC dot gov

offer tips for keeping your business’s security currants and building processes

to address new vulnerabilities quickly one guideline to remember keep your

third party software updated and patched when a retail company failed to updated

anti-virus software and FTC case was only one of the consequences

a hacker exploited the resulting vulnerabilities to steal the personal

information for over 400,000 customers and a charge millions of dollars to

their credit and debit cards to reduce the risk of a breach set policies for

updating and patching software and follow them it’s also important to have

a sound process for receiving and reviewing security warnings act quickly

to address the credible ones the FTC brought a case against a major

smartphone manufacturer for not having a process to collect and address reports

about security vulnerabilities the company’s delay in responding to

warnings left millions of devices open to malicious applications that could

text make recordings and access sensitive data without the smartphone

owners consent in another FTC case a mobile application business relies on

its general customer service system to respond to warnings about security risks

when a security researcher emailed the company about a vulnerability the system

incorrectly flagged report as a password reset request a mark that has resolved

make sure important warnings get to the people in your company who need to know

about them consider setting up a well-publicized dedicated channel like

an email address for receiving reports and flagging them for your security

staff for more useful tips about keeping your security current addressing

vulnerabilities as their eyes and building a culture of data security in

your business visit FTC died I’ll start with security

Learn more about this subject on the FTC’s website: