The Safeguards Rule
Federal compliance is not a choice, how you handle it...is.
The Federal Trade Commission's Safeguards Rule is a federal law requiring financial institutions to have certain processes & safeguards in place to protect consumer information in line with modern technologies. As a business that collects personal/financial information on your customers, you are required to have controls in place to ensure the security of consumer data. Automotive/power sports dealerships are an example of such regulated businesses.
The most important element of the Safeguards Rule is that as a regulated business, you do not have a choice whether or not you comply. The FTC can illicit fines of over $45,000 per day, per violation. It is solely your responsibility to protect consumer information in a manner that aligns with current technology against data hacks.
The deadline for compliance with the Safeguards Rule is December 9, 2022. You can find a full description of the Safeguards Rule, here.
What does "compliance" mean?
There are nine (9) elements of security strictly required by the FTC to be considered compliant with the Safeguards Rule. These nine steps include designating a qualified individual to implement & supervise your organization's information security (InfoSec) program, conducting regular risk assessments, implementing modern safeguards & controls - like multi-factor authentication & data encryption, training your staff on proper digital hygiene & creating written policies & procedures.
Large financial organizations address this with their own, internal InfoSec teams, led by a CISO (Chief Information Security Officer). The yearly cost of a CISO starts at $175k, with security experts going for $150k or more. There is a shortage of InfoSec expertise in the market, so even well-funded businesses are struggling to find the right people.
Security consultancies bill at $2k-$3k per day & the cost of software licensing alone can eclipse $500k, with many businesses going into InfoSec projects with little or no experience.
A better way.
We started ATTM Technologies to address the cost, complexity & time needed to comply with regulations like the Safeguards Rule.
Our Proton 365 platform-as-a-service delivers a secure, reliable & fast digital workspace, powered by Microsoft Azure. We automatically monitor the reputation of every email, prevent sensitive files from leaving the organization & block malware on your smartphone, tablet or PC. All for a reasonable monthly subscription. No CISO, no consultants & no up-front capital expenses - pay-as-you-go, grow or shrink as your business changes.
Plus, we can take you from zero controls to full compliance in days or weeks, not months or years.
Contact us at email@example.com