In the most release of Circuits, Pierre Grosdidier and Cassidy Daniels share a thorough article on the Federal Trade Commissions guidelines. Their research and reference to supporting materials sheds light on the FTC guidelines. Just a small sampling of suggestions the FTC’s guidelines offer:

•  Do not collect unneeded information.
•  Restrict access to data.
•  Require secure passwords. “Qwerty” and “121212” are no better than having no password at all.
• Suspend or disable users after a certain number of unsuccessful login attempts.
• Store and transmit sensitive information securely. Train personnel and use accepted encryption methods—no need to reinvent the wheel.
• Segment networks and monitor who is trying to get in and out.
• Secure remote network access.

Read the article by Pierre and Cassidy in its entirety here.