The U.S. Federal Trade Commission’s Standard for Safeguarding Customer Information (the Safeguards Rule) is a compliance regulation passed in 2003 that expands on requirements in the Gramm Leach Bliley Act (GLBA). Specifically, the Safeguards Rule requires financial institutions to develop, implement, and maintain an information security program. The program design must be reasonably designed to protect customer information from both external and internal threats.
Following widespread data breaches in recent years, the FTC updated the Safeguards Rule in 2021 with stronger security requirements to protect customers’ financial information. Now, the FTC requires multi-factor authentication (MFA) for all individuals with access to networks where customer information is stored.
UserLock and FileAudit by IS Decisions can support your FTC compliance strategy with strong protections against unauthorized network and file access. Both software solutions complement each other to help control system access, identify employees with lightweight, secure MFA, respond quickly to suspicious activity, and better protect customer information.