ShieldIOShieldIO
  • Technology
    • How it works
    • Supported Databases & Applications
  • Solutions
    • Products
    • Use Cases
  • About Us
    • At the Core
    • Newsroom
  • Blog
  • Contact Us

FTC Safeguards Rule:  Coming to a Small Business Near You

FTC Safeguards Rule:  Coming to a Small Business Near You

Nearly 1,000,000 Companies and Sole Proprietors Now Required to Encrypt Data

Until now, State and Federal privacy laws were being enacted in fairly narrowly defined industries with broad definitions of cybersecurity technology requirements.  Then on June 9, 2023, the Safeguards Rule mandated in the Gramm-Leach-Bliley Act began affecting the broadest range of industries and professions with specific technology adoption and new information technology costs.

Let’s study a primary technology requirement challenge and who it impacts.

Encryption Technology

According to Part 314.2(f) of the Rule, ‘Encryption means the transformation of data into a form that results in a low probability of assigning meaning without the use of a protective process or key, consistent with current cryptographic standards and accompanied by appropriate safeguards for cryptographic key material.’  This is going beyond the need for a firewall or simple email encryption solutions and to the data field itself. 

What is not clear is if this includes data-at-rest and in transit.  This is of concern as 35% of attacks are from those fetching unencrypted data traveling across a network.

Industry Impact

The FTC Safeguards Rule applies to any company offering  “any product or service that a financial holding company could offer by engaging in a financial activity under section 4(k) of the Bank Holding Company Act of 1956”.  Many people assume that this would include commercial banks, wealth management firms, investment banking, and insurance companies. Counter-intuitively for many people, however, the rules apply to a broad swath of small, medium and enterprise level companies.

Summary information in the Rule cites these general industries as examples and we have included how many firms are operating in the United States.  An untold, but high percentage are small businesses.

  • Mortgage Lenders – 4,338
  • Pay Day Lenders – 23,000
  • Finance Companies – 11, 652
  • Mortgage Brokers – 25,150
  • Account Servicers – 88,600
  • Check Cashers – 13,000
  • Collection Agencies – 7,023
  • Credit Counselors – 29,090
  • Tax Preparers – 763,749 professionals with a PTIN, 37% are sole proprietors.
  • Investment Advisors – 15,114

Many more professions and companies, most of them SMBs, are included. Examples cited by the FTC include:

  • A retailer that extends credit by issuing its own credit card directly to consumers is a financial institution because extending credit is a financial activity.
  • An automobile dealership that, as a usual part of its business, leases automobiles on a nonoperating basis for longer than 90 days is a financial institution.
  • A personal property or real estate appraiser is a financial institution because real and personal property appraisal is a financial activity.
  • A career counselor that specializes in providing career counseling services to individuals currently employed by or recently displaced from a financial organization, individuals who are seeking employment with a financial organization, or individuals who are currently employed by or seeking placement with the finance, accounting or audit departments of any company is a financial institution.
  • A business that prints and sells checks for consumers, either as its sole business or as one of its product lines, is a financial institution.
  • A business that regularly wires money to and from consumers is a financial institution because transferring money is a financial activity.
  • A check cashing business is a financial institution because cashing a check is exchanging money, which is a financial activity.
  • An accountant or other tax preparation service that is in the business of completing income tax returns is a financial institution because tax preparation services is a financial activity.
  • A business that operates a travel agency in connection with financial services is a financial institution because operating a travel agency in connection with financial services is a financial activity.
  • An entity that provides real estate settlement services is a financial institution because providing real estate settlement services is a financial activity.
  • A company acting as a finder in bringing together one or more buyers and sellers of any product or service for transactions that the parties themselves negotiate and consummate is a financial institution.

Resolution

These new regulations, which protect the consumer, put new I.T. cost burdens on entities large and small.  ShieldIO is the leading data protection and encryption services provider which offers affordable solutions for both small and medium sized businesses, as well as large enterprises.  For guidance, feel free to contact us directly or your MSP or MSSP at info@shieldio.com.

Previous article451 Research Market Insights Report Dives Deep to Understand how ShieldIO Is Addressing ‘Encryption-In-Use’​

Recent Posts

FTC Safeguards Rule:  Coming to a Small Business Near YouJuly 26, 2023
451 Research Market Insights Report Dives Deep to Understand how ShieldIO Is Addressing ‘Encryption-In-Use’​November 4, 2019
ShieldIO Developer Shield™ is Powered by Oracle Cloud and Now Available in the Oracle Cloud MarketplaceOctober 4, 2019

Categories

  • Data Sheets
  • Events
  • News
  • Post
  • Press Releases
  • Spotlight
  • Uncategorized
  • White Papers

About This Sidebar

You can quickly hide this sidebar by removing widgets from the Hidden Sidebar Settings.

Recent Posts

FTC Safeguards Rule:  Coming to a Small Business Near YouJuly 26, 2023
451 Research Market Insights Report Dives Deep to Understand how ShieldIO Is Addressing ‘Encryption-In-Use’​November 4, 2019
ShieldIO Developer Shield™ is Powered by Oracle Cloud and Now Available in the Oracle Cloud MarketplaceOctober 4, 2019

Categories

  • Data Sheets
  • Events
  • News
  • Post
  • Press Releases
  • Spotlight
  • Uncategorized
  • White Papers

Meta

  • Register
  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

FINANCE

Financial industry transaction data is the new oil providing a valued source of new revenue and delivering innovative competitive differentiators in a highly competitive market. In a time when data and content is absolutely critical to business success, data hacks are an alarming and regular occurrence, damaging reputations and undermining consumer confidence.

The market is in flux as technologies such as cloud migration, add to the complexities organizations face as increasing regulatory compliance combines into the perfect storm.

Today the cyber security market is flooded with many solutions for securing networks and applications. ShieldIO secure autonomous drivers is the only solution that ensures your data is encrypted no matter where it is in its lifecycle, while enabling searching and analytics on encrypted data without opening it up to risk.

HEALTHCARE

Healthcare is in a transformative state. With data sources on the rise, giving providers the ability to mine information giving unparalleled benefits to their users. This data explosion comes at a cost. Increased regulatory compliance with PHI and GDPR regulations and more extensive data theft by hackers who also wish to profit from the valuable data.

With ShieldIO secure autonomous drivers healthcare providers now have a solution that ensures sensitive patient data remains encrypted to deliver higher quality care while reducing cost with confidence that patient data is protected and compliant with privacy regulations. Data is secured without disruption to healthcare providers ability to mine the data for information, enabling them to deliver better more advanced services to their patients.

INSURANCE

Insurance companies have used different technologies and databases to better understand their customers and changing regional and geo market needs. As a result, they might have a mix of new – as well as out dated – mix-and-match security solutions. In an environment with ever increasing value in insurance providers’ data, the cyber criminals are using the most advanced cyber weapons available to get access to that data.

With ShieldIO secure autonomous driver solution, insurance providers can use their full data with sensitive patient or fi nancial data remaining encrypted to deliver higher quality care while reducing cost with confidence that patient data is protected and compliant with privacy regulations.

The ShieldIO secure autonomous driver secures data at rest, intransit and in memory protecting diverse data requirements of insurance companies delivering a true protection from breach.

ECOMMERCE

Predicting trends, optimizing pricing and forecasting demand, are just some of the ways that eCommerce businesses are using data to gain a competitive advantage. But the challenge is capturing and analyzing all the interactions consumers have throughout the purchasing cycle – products viewed, clicks, past purchases etc. – and deliver personalized product recommendations based on what that eCommerce provider knows about an individual customer.

For eCommerce providers’ predictive intelligence recommendations can significantly improve the business bottom line.

With ShieldIO secure autonomous driver solution, eCommerce providers can use their full data with sensitive consumer or financial data remaining encrypted to deliver higher quality data analytics while reducing cost. It enables the delivery of data-rich profiles of different audience segments with confidence that data is protected and compliant with privacy regulations such as GDPR.