FTC settlement shows key compliance area
A settlement between the Federal Trade Commission (FTC) and computer vendor Asus shows employers one way to stay on the feds’ good side – act quickly when you receive vulnerability reports.
According to the complaint, Asus misrepresented its security policies, and failed to act on vulnerability reports quickly.
Delayed notification
Specifically, the FTC alleges that Asus took too long to address reported vulnerabilities and notify its customers that the flaws could lead to cyberattacks.
That delay was a key factor in the company’s poor security practices, the FTC said. To settle the suit, Asus has agreed to implement a more thorough security program that fixes these issues, along with other steps.
To keep out of federal regulator’s crosshairs, be sure you have solid procedures to address vulnerabilities and notify consumers if those flaws could endanger their data security.
Free Training & Resources
White Papers
Provided by Anaplan
White Papers
Provided by UJET
Further Reading
Federal rulemakers are requiring more transparency and detail in companies’ audits. Turns out all that extra detail is exactly what i...
The Biden administration is planning to add another reporting requirement for publicly traded companies. This time it’s taxes paid to...
The wave of tech fraudsters landing in the slammer rolls on. Elizabeth Holmes of Theranos infamy, crypto hustler Sam Bankman-Fried … ...
It’s December, and month-end still isn’t closed. Day six drags on with bank recs unfinished and support scattered across spreadsheets w...
The median time to complete a monthly financial close is six days – and for some organizations, it takes as long as 10, according to the ...
Mastering the basics of Excel is the gateway to understanding more advanced features. Starting with basic cells and progressing to Pivot Ta...