FTC settlement shows key compliance area
A settlement between the Federal Trade Commission (FTC) and computer vendor Asus shows employers one way to stay on the feds’ good side – act quickly when you receive vulnerability reports.
According to the complaint, Asus misrepresented its security policies, and failed to act on vulnerability reports quickly.
Delayed notification
Specifically, the FTC alleges that Asus took too long to address reported vulnerabilities and notify its customers that the flaws could lead to cyberattacks.
That delay was a key factor in the company’s poor security practices, the FTC said. To settle the suit, Asus has agreed to implement a more thorough security program that fixes these issues, along with other steps.
To keep out of federal regulator’s crosshairs, be sure you have solid procedures to address vulnerabilities and notify consumers if those flaws could endanger their data security.
- Share on
Free Training & Resources
White Papers
Provided by Anaplan
White Papers
Provided by UJET
Further Reading
How did a diversity, equity and inclusion (DEI) program manager defraud Facebook and Nike of more than $5 million? With the help of crooked...
Many businesses are hesitant to spend big bucks on capital improvements or new equipment due to inflation, high interest rates and economic...
The Financial Accounting Standards Board (FASB) is taking a scalpel to its still-in-the-works expense reporting standard. If and when the b...
The Biden administration is planning to add another reporting requirement for publicly traded companies. This time it’s taxes paid to...
Not all companies handle payroll records the same way. Firms may keep data in multiple systems — payroll, HR, timekeeping and the gen...
How many times has your Finance team seen the word “processing” on their laptop screens this week? Instant payments, both via T...
