Financial Industry Cybersecurity Compliance
We recently assisted a financial services customer of ours with a cybersecurity compliance review against their key service providers financial policy. This provided them peace of mind and left the assessment and detailed review up to us so they could concentrate on their core business.
Assessments like these will become more and more prevalent as we hold, and are responsible for our customer data.
Customer Data: Who is responsible?
As a business owner, you’re responsible for protecting your customers’ personal information – it’s the law. No matter how a business uses customer data, you are responsible for maintaining customer data protection and privacy.
The guidelines published here provide a good summary of how to assess this. Additional due diligence and protection policy enforcement is needed for sensitive information.
Key Points to remember:
- Customer data is everyone's responsibility
- Get a reqular check of compliance against your policy before its too late
- Apply a least privileged access policy as a starting point
- Most areas that need attention are easily rectified and do not need to cost much
- Ensure extra protection for sensitive data
- It helps to have an understanding of the data classifications for ease of assessment and risks