Get FTC Safeguard-Ready with Sophos
New FTC Safeguard rules mandate that by June 9, 2023, any business that collects sensitive consumer data must have rigorous security protocols in place to block potential data breaches and shield customer data from attacks.
Let Us Help You Meet FTC's Deadline
Schedule an FTC Safeguard consultation with our experts to review the requirements and make sure you’re covered.
Secure Your Data and Protect Your Business
The FTC Safeguard amendment identifies nine elements that your security program must include by June 9, 2023:
- Designate a Qualified Individual to implement and supervise your company’s information security program; a Qualified Individual can be an employee or work for an affiliate or service provider and does not require a particular degree or title
- Conduct a risk assessment
- Design and implement safeguards to control the risks identified through your risk assessment
- Regularly monitor and test the effectiveness of your safeguards
- Train your staff
- Monitor your service providers
- Keep your information security program current
- Create a written incident response plan
- Require your Qualified Individual to report to your Board of Directors
Read more on the FTC Standards
Time is running out to get FTC Safeguard-ready — that’s where Sophos comes in. Our industry-leading experts can guide you every step of the way
How Sophos Helps You Get FTC Safeguard-Ready
We make it easy to implement the following safeguards:
| REGULATION | HOW SOPHOS CAN HELP | |
|---|---|---|
| Designate a Qualified Individual to implement and supervise your company’s information security program |
|
|
| Conduct a risk assessment |
|
Provided by select Sophos Partners |
| Design and implement safeguards to control the risks identified through your risk assessment | Implement and review your access controls |
Sophos MDR Identity Integration Pack* (requires an existing IAM solution) |
| Identify risks and their potential impact |
Sophos MDR with Sophos NDR |
|
| Encrypt customer information on your systems and when it's in transit | ||
| Assess your apps |
|
|
| Implement multi-factor authentication for anyone accessing customer information on your systems |
Sophos MDR Identity Integration Pack* (requires an existing MFA solution) |
|
| Dispose of customer information securely |
|
|
| Anticipate and evaluate changes to your information systems or networks |
We perform security configuration health checks with Sophos Intercept X and find anomalies with Sophos Cloud Native Security. |
|
| Maintain a log of authorized user activity and keep an eye out for unauthorized access | ||
|
|
||
| Regularly monitor and test the effectiveness of your safeguards | Sophos MDR | |
| Train your staff |
|
|
| Monitor your service providers |
|
|
| Keep your information security program current |
|
|
| Create a written incident response plan |
|
Many of the requirements in an IR plan are covered by Sophos MDR. Sophos systems engineers can also assist. |
| Require your Qualified Individual to report to your Board of Directors |
|
|
Don't Wait Any Longer to Get FTC Safeguard-Ready
Sophos can help you however you need us. We can optimize your security protocols, keep your data secure and private, and block active threats — all through a single cloud security platform.