Welcome to the Research Assistant Weekly Newsletter - a subscriber-only resource for insight into emerging compliance challenges, details on peer calls, and links to new Research Assistant reports, documents, tools, and more.

Sponsored by TCN and Finvi

Our most recent RA Member Weekly Meeting focused on the importance of implementing safeguards to protect systems and data from the type of breaches that have hit just about every major industry over the last decade. To safeguard businesses from cybersecurity threats, it’s important to implement multiple layers of protection. A common question received when advocating for new cybersecurity measures is “How much is this going to cost?” 

To assist in answering this question, here are some of the best and most cost-efficient practices to protect against cybersecurity threats:

• VPN Access: Ensure that employees are only accessing the system (especially remotely or on mobile devices) through a secure VPN (Virtual Private Network) to encrypt all data transmitted between the device and the network.
• Multi-Factor Authentication: This means that besides a password, another form of identification, such as a fingerprint or a token will need to be used to access the system. This can apply both to employees logging in for work, as well as consumers accessing a payment portal.
• Strong Passwords: Use strong passwords or pass phrases that change monthly to prevent unauthorized access to systems.
• Encryption at Rest and in Transit: This will ensure that even if a hacker gains access to data, it will be unreadable without the decryption key.
• Role-Based Data Access: Limit data access to employees with specific job responsibilities. This will reduce the chances of accidental or intentional data breaches.
• Internet Firewalls: Use internet firewalls to monitor and filter inbound and outbound traffic to prevent unauthorized access to the network.
• Employee Training: Educate employees about cybersecurity best practices, such as identifying and reporting phishing scams and using strong passwords.
• Visual Reminders: Posters placed around the office can be an effective and cost-efficient way to remind employees about things like phishing scams, clean desk policies, password changes and logout routines.

It’s important to take steps to protect data while also recognizing that no system is 100% secure. At some point there is only so much that can be done, and cyber threats are constantly evolving. Implementing several of these practices is crucial, not only to prevent breaches, but also to show that a business has taken all reasonable and prudent measures to protect client information in the event a breach does occur.

Documents and Crowdsourced Materials:

• Member Questions: e-OSCAR 4.0, Credit Reporting Bill, and Cybersecurity

• TABLE OF CONTENTS FOR POLICY MANUALS TEMPLATE

• Don’t forget about the State Law Matrix- here. 

Top Reads:

• CFPB Uses Aged Data in Report on Judgments and Why it’s a Big Deal

• Florida State Court of Appeals Holds No Standing to Sue for Receipt of Single Unwanted Text Message

• CFPB Focuses on Medical Credit Cards and Installment Loans in Latest Report

Upcoming Webinars/ Other Announcements:

• Work Smarter Not Harder – Getting the Most Out of Speech Analytics and QA Controls, TOMORROW at 2:00 on May 16th. Register here.

• Reminder: Send any topics or questions that you want to discuss to sara@insidearm.com by Thursday to ensure it makes it on our agenda!