« Best Practices Manual is Not a Rotisserie Oven | Main | The Anatomy of Local Commercial Deals »


How to Strengthen Your Security in a Cost-effective Manner   



By Matthew Froning and Christopher Gulotta

Striving to be a data secure company does not necessarily mean spending a ton of money. You can strengthen your security posture through “quick wins” and by instilling a sense of urgency from the top-down in your office culture.

A one-time payment for creating and implementing policies and procedures is a small cost that will set the stage for a more compliant and secure environment. Having guidelines in place shows lenders, auditors and regulators that you’ve created a baseline for compliance and articulates for staff, what the new compliance-oriented requirements are. Making sure your employees are armed with the knowledge to safeguard NPI and become more wary of various risks will go a long way in creating a more secure environment. Keeping items such as passwords complex and file cabinets locked are just some of the actions you can take that have no cost.  Policies and procedures not only help to prevent a data breach by enacting a level of security compliance staff should uphold, but in the event of a breach, can help a company avoid a severe loss of data by guiding a company on how to react in an efficient manner.

Training employees is a small cost that can strategically enhance a company's compliance posture. Remember, you are only as strong as your weakest link, and because humans are the greatest single risk vector in the security world, training all staff will help prevent human error or negligence from being the cause of a breach. Training can be in the form of online web-based training, speakers or free literature provided by ALTA, the FTC and CFPB.

Employee training and strong policies and procedures are the smartest and most cost-effective strategies your company can take to avoid a security breach and ensure compliance with federal and state laws, rules and regulations, and are a great first step in the compliance journey.

Matthew Froning is Chief Information Officer at Security Compliance Associates, Inc. He can be reached at mfroning@scasecurity.com. Christopher Gulotta is CEO and Founder of Real Estate Data Shield. He can be reached at cgulotta@redatashield.com. Froning and Gulotta will speak more in depth about this topic during a session titled "Protecting Customers Data Doesn’t Have to Cost an Arm and a Leg" during ALTA's Annual Convention. Click here to register.


Feed You can follow this conversation by subscribing to the comment feed for this post.

Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Your comment could not be posted. Error type:
Your comment has been posted. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.


Post a comment