360 Advanced: FTC Suits Against Firms That Are Hacked Underscores Need for Emphasis on Compliance Audits
October 1, 2015 prod360
TAMPA, Fla., Sept. 30, 2015 (GLOBE NEWSWIRE) — The recent appeals court ruling that allows the Federal Trade Commission to punish firms whose data management systems have been breached by hackers underscores the need for companies to undergo rigorous audits of data security compliance standards and practices.
“This is very much like punishing a bank for being robbed,” said Eric Ratcliffe, Director at 360 Advanced, a national, multi-service, licensed Certified Public Accountant (CPA) and Qualified Security Assessor (QSA) firm that specializes in integrated compliance solutions for service providers. “Instead, the federal government should be doing all it can to help firms protect themselves against hacking.”
Ratcliffe said the recent ruling by the U.S. Third District Court of Appeals affirming the FTC’s right to take punitive measures against firms victimized by hackers will have companies scrambling to make sure their data security compliance audits are current – as well as those of their third party data management vendors.
The appeals court ruled that the Federal Trade Commission has the authority to sue Wyndham Hotels for allowing hackers to steal more than 600,000 customers’ data from its computer systems in 2008 and 2009, leading to more than $10 million in fraudulent charges.
ABOUT 360 Advanced, Inc.
Known for its responsiveness, collaboration, experience and professionalism, 360 Advanced, Inc. has clients in more than 35 states that are major service providers in various industries, including cloud and SaaS based organizations. 360 Advanced is one of only a few specialized firms in the U.S. that assist service providers as their independent assessor in developing, maintaining and communicating security and compliance to their clients.
360 Advanced’s services are provided, but not limited to, the following industries: Hosted and Managed IT, Data Center and Colocation, Software as a Service (SaaS), Healthcare, Financial Services, Insurance, HR | Payroll | PEO, Legal and Collections, Bulk Mail Printing and Distribution, Business Process Outsourcing and Marketing.
Services provided by 360 Advanced include SOC 1 (SSAE 16), SOC 2, SOC 3, PCI DSS, HIPAA Security/HITECH, Microsoft Supplier Security and Privacy Assurance Program (MSSPA) and other Security Consulting and Compliance services.
CONTACT: Eric Ratcliffe/360 Advanced