How to Strengthen Your Security in a Cost-effective Manner
August 17, 2016
By Matthew Froning and Christopher Gulotta
Striving to be a data secure company does not necessarily mean spending a ton of money. You can strengthen your security posture through “quick wins” and by instilling a sense of urgency from the top-down in your office culture.
A one-time payment for creating and implementing policies and procedures is a small cost that will set the stage for a more compliant and secure environment. Having guidelines in place shows lenders, auditors and regulators that you’ve created a baseline for compliance and articulates for staff, what the new compliance-oriented requirements are. Making sure your employees are armed with the knowledge to safeguard NPI and become more wary of various risks will go a long way in creating a more secure environment. Keeping items such as passwords complex and file cabinets locked are just some of the actions you can take that have no cost. Policies and procedures not only help to prevent a data breach by enacting a level of security compliance staff should uphold, but in the event of a breach, can help a company avoid a severe loss of data by guiding a company on how to react in an efficient manner.
Training employees is a small cost that can strategically enhance a company's compliance posture. Remember, you are only as strong as your weakest link, and because humans are the greatest single risk vector in the security world, training all staff will help prevent human error or negligence from being the cause of a breach. Training can be in the form of online web-based training, speakers or free literature provided by ALTA, the FTC and CFPB.
Employee training and strong policies and procedures are the smartest and most cost-effective strategies your company can take to avoid a security breach and ensure compliance with federal and state laws, rules and regulations, and are a great first step in the compliance journey.
Matthew Froning is Chief Information Officer at Security Compliance Associates, Inc. He can be reached at [email protected]. Christopher Gulotta is CEO and Founder of Real Estate Data Shield. He can be reached at [email protected]. Froning and Gulotta will speak more in depth about this topic during a session titled "Protecting Customers Data Doesn’t Have to Cost an Arm and a Leg" during ALTA's Annual Convention. Click here to register.