FTC settlement shows key compliance area
A settlement between the Federal Trade Commission (FTC) and computer vendor Asus shows employers one way to stay on the feds’ good side – act quickly when you receive vulnerability reports.
According to the complaint, Asus misrepresented its security policies, and failed to act on vulnerability reports quickly.
Delayed notification
Specifically, the FTC alleges that Asus took too long to address reported vulnerabilities and notify its customers that the flaws could lead to cyberattacks.
That delay was a key factor in the company’s poor security practices, the FTC said. To settle the suit, Asus has agreed to implement a more thorough security program that fixes these issues, along with other steps.
To keep out of federal regulator’s crosshairs, be sure you have solid procedures to address vulnerabilities and notify consumers if those flaws could endanger their data security.
- Share on
Free Training & Resources
Further Reading
Year-end close is when many finance teams are vulnerable to burnout from a seemingly endless, high-priority to-do list of generating annual...
If you’ve used Excel to create a database table with fixed formulas, and that table will be used by multiple people, there’s a ...
The demand for finance chiefs is growing. Yet more companies are replacing their CFOs. Even so, CFOs are a lot less worried about AI taking...
The Financial Accounting Standards Board (FASB) is calling on publicly traded companies to report employee compensation. And that’s n...
Wealthy investors are about to lose a tax loophole that IRS allowed for years. The tax cops say its new policy and enforcement will net bil...
Ever wondered why Excel features a currency format as well as an accounting format? You’re not alone. The reason is, creating Exce...
