On June 30, 2015, the Federal Trade Commission announced its new “Start With Security” business education initiative, which will provide businesses with information on data security and how to protect consumer information.
The initiative includes a guidance document that provides data security guidance based on the FTC’s 53 cases related to data security, and lays out “ten key steps to effective data security.” The steps include (1) controlling access to data, (2) requiring secure passwords and authentication, and (3) establishing procedures to ensure security measures are current and address vulnerabilities. The FTC also has launched “a one-stop website that consolidates the Commission’s data security information for businesses.”
In addition to the guidance and website, the initiative will include a series of conferences to be held across the country, the first of which will be held in San Francisco on September 9, 2015.
Discussing the initiative, Jessica Rich, the Director of the FTC’s Bureau of Consumer Protection, stated, “[a]lthough we bring cases when businesses put data at risk, we’d much rather help companies avoid problems in the first place.”