Introduction
Part 1: Required Policies
Part 2: Reports and Documentation
Part 3: Technical Requirements
Part 4: Training Requirements
How Blumira Helps Check Boxes
Why Blumira?
Updates to the FTC Safeguards Rule were originally set to go into effect on December 9, 2022, but the FTC extended the deadline on some requirements to June 9, 2023. To help, we've highlighted the requirements affected by the extended deadline in yellow.*
An individual on the IT/security team who oversees the security program. They must have skills that are considered “adequate” for the amount of data you're storing.
This plan details a series of actions that the security team must take in the event of a cyber incident: preparation, identification, containment, eradication, recovery, and lessons learned.
Financial institution means any institution that is financial in nature or incidental to such financial activities
Dynamic blocklists are an excellent example of a network-based containment technology. Blumira supports several next-gen firewalls that you can configure to perform this containment step automatically.
Information access controls restrict who can make changes and create an audit trail of all changes.
Change management details what process you should follow when your technology stack changes.
A disposal plan lays out the process for secure disposal of customer information. The Safeguards Rule requires a limit of two years — with some exceptions.
Blumira can automate this process by reducing the time necessary to conduct access reviews and directing your attention to access events that matter.
Review your vendors that have access to your customer information. They too must comply with all of these safeguards. Remember, you’re responsible for your data and your service providers who handle it.
Share this checklist with your vendors and keep it handy for future vendor discussions. Make sure they’re aware these safeguards apply to them.
Just like you have to track the cars on your lots, the FTC requires you to have an inventory of all the data you have stored and the systems it is on.
Check out the CIS Critical Security Controls SME Companion Guide for best practices developed by IT experts.
Using our saved report, "Blumira Summary: Parsed Source Types And Log Counts", you can export a list of all devices sending logs to Blumira.
This involves identifying threats to an environment — both internal and external — to the security, confidentiality, and integrity of customer information. This written assessment must include criteria for evaluating those risks and threats.
While it doesn't replace a professional Risk Assessment, you can use our free threat assessment guide to prepare for the real thing.
Really, this whole checklist is part of your information security program. Developing one is an ongoing process that requires an understanding of the different facets of security described here, and more.
When building a security program, it’s best to work with experts who have created them before. Work with a service provider who already safeguards their own data and has helped numerous customers with their security program. Remember: People, Process, Technology. You need all three to make a security program successful.
Your Qualified Individual must give an update to your Board of Directors (or a Senior Officer if there isn’t a board) on a regular basis — at least once a year.
Enable multi-factor authentication on all systems that employees and contractors log into. MFA is an easy way to add another layer of verification of a user's identity and prevent the success of attacks like phishing, stolen credentials and account takeovers.
Take advantage of built-in features from tools that you already use. For example, if you already run Microsoft 365, take advantage of the ability to enable MFA for free across your environment.
Blumira sends a finding to notify when a user bypasses or disables MFA, skips enrollment, or has unusual or impossible logins.
Encrypt customer information at rest and when it’s in transit. If it’s not feasible to use encryption, secure it by using effective alternative controls approved by the Qualified Individual who supervises your information security program.
Penetration testing, vulnerability assessments and continuous monitoring all help to detect and prevent both actual and attempted attacks.
Without continuous monitoring, you must conduct annual penetration testing and vulnerability assessments, including system-wide scans every six months to test for publicly known vulnerabilities.
With Blumira, you can test your SIEM to ensure its readiness against an upcoming pentest.
Implement a solution to monitor when authorized users are accessing customer information on your system and to detect unauthorized or suspicious access.
Prioritize a SIEM that fits the resources of your team. Traditional SIEMs, while powerful, take a lot of time and expertise to manage. Blumira, on the other hand, is designed for small teams without expertise and does a lot of the heavy lifting for you, making it easy to run with limited resources.
Built for small teams, Blumira’s cloud-based SIEM provides monitoring and logging along with built-in detections and step-by-step response playbooks.
Provide your people with security awareness training and schedule regular refreshers.
Your service provider likely has a solution for this that can be implemented upon request.
Provide specialized training for employees, affiliates, or service providers who are hands-on with your information security program and verify that they’re monitoring the latest word on emerging threats and countermeasures.
This is a great opportunity to promote growth on your team. Helping individuals level up their careers is a great way to show support.
It’s what we do. Built for small teams, Blumira’s cloud-based SIEM provides monitoring and logging along with built-in detections and step-by-step response playbooks.
Out of the box, Blumira detects attacker behavior that is also used during a penetration test, without any complex configuration or weeks of tuning.
Blumira encrypts the data collected from your systems in transit and at rest within our platform. Additionally, Blumira can help you look for and eliminate legacy protocols in your environment.
Blumira automatically logs user access and when their access levels change to give you insight into your current access activity and controls.
Part of your response plan should include using data and insights from your SIEM (like Blumira) to help figure out what went wrong. Our built-in playbooks provide stacked evidence, which can drastically speed up the incident response process by ensuring that all of the data is in one place.
Meet compliance controls, save time on security tasks, focus on real threats and protect against a breach faster than ever with Blumira.
Reduce reliance on humans to complete manual security tasks to save time and refocus efforts
Accelerate breach prevention and ransomware protection with security automation
All-in-one open platform simplifies workflows with hybrid coverage, satisfying more compliance controls
*The FTC has provided documentation around what requirements are included in the six-month extension, but what’s less clear is which requirements are not included. Here, we’ve provided our interpretation on the extended deadline, based on FTC documentation and expert knowledge. Blumira is not acting in any advisory capacity and any impacted companies should seek legal counsel if they need clarification on what requirements may be delayed.