Following Facebook’s sharing of user’s personal data and the Equifax data breach exposing consumer information of more than half the country, the Federal Trade Commission is upping its examinations of proper data handling.
Jim Elliott, the FTC’s assistant regional director for the Southwest region, gave a detailed presentation to attendees of the Auto Finance Performance and Compliance Summit covering all the areas the commission looks for when determining proper cybersecurity at auto lending institutions.
It reads like a laundry list of somewhat obvious, but vitally important, areas of personal information to secure: Don’t collect information you don’t need, only keep data you have a legitimate business need for, restrict administrative access to that data, make passwords complex, store passwords securely, and much more.
When all else fails, he suggests thinking about your own personal experiences when companies have asked for extraneous information they don’t need.
Check out a portion of Elliott’s presentation below. Additionally, read about how the FTC is prioritizing deceptive debt collection and his top 10 tips.