In today’s edition of Daily Compliance News:
Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. In this episode, Matt Kelly (the coolest guy in compliance) and I take things in a different direction as we welcome Francine McKenna, reporter at MarketWatch. And blogger extraordinaire at Re: The Auditors. After one full week of writing, thinking and talking about the SEC enforcement action against KPMG, we provide our initial reflections.
McKenna discusses:
Kelly discusses:
Fox discusses:
For additional reading, check out the following resources:
You should start with McKenna’s great piece on the scandal in MarketWatch, “The KPMG cheating scandal was much more widespread than originally thought”
Matt’s blog post-Questions on the KPMG Ethics Fiasco
Tom’s blog post-Day of Reckoning for KPMG-Failures in Ethics
In this episode of Trekking Through Compliance, we consider the episode Errand of Mercy which aired on March 16, 1967, Star Date 3194.8.
Compliance Takeaways:
In this episode of Trekking Through Compliance, we consider the episode Devil in the Dark which aired on March 9, 1967, Star Date 3196.1.
Compliance Takeaways:
In this episode of the Innovation in Compliance Podcast, Tom Fox has a discussion about data security for smaller companies with the president of Choose Networks: Chris Hoose.
Choose Networks is described on its website as Chris Hoose’s youngest child – and that’s something many entrepreneurs can relate to. The idea of family, however, is very important to the culture of Choose Networks. Maintaining that kind of family culture, where you have friends at work, and even in terms of how you think about your clients and vendors is a major priority for Chris – and a key element in how they provide a consistent product to their client. This matters because they really serve as an extension of their clients’ staff – the IT department.
Small Businesses are Tempting
The biggest reason hacking is an issue for small companies is that they often have access to the databases of much bigger companies. A small business can be a tempting target for a hacker, who thinks of them as an easy way into a much bigger organization.
Small companies can demonstrate that their systems are secure, and in compliance with all relevant regulations to communicate to large clients that they’re on top of and careful about, security. The technical requirements are the easy part – more difficult is behavior, and making sure that teams are adhering to policy.
Passwords are Still Key
It’s important to be careful with your passwords – believe it or not, many people still have to be told not to write them down and stick them to your monitor! Adding 2-factor authentication methods takes security one step further, and can be valuable for organizations who have access to sensitive information. Still – the number one thing to do to prevent cyber threats is to educate their employees about how to be mindful.
Storing Information on the Cloud
Cloud storage is everywhere – and it’s great in terms of ease of access, but relying on someone else to protect your data can be risky. On the other hand, they’re often much better at protecting things than you are. Choosing the right provider is important: you don’t want to trade security for convenience.
Have you Updated Your OS?
Vulnerabilities in operating systems are one of the most common ways for hackers to gain access to sensitive information. Since companies don’t know what the vulnerabilities are when they release an OS, they release security patches as they are discovered. At a certain point, the creators of Operating Systems have to stop producing security patches for their software – and when that happens, it’s open season. Update your OS on a regular basis – and upgrade it when it’s getting too old to protect.
When you’re dealing with teams that work remotely, your cloud provider is the most important data security consideration – and another major one is who owns the hardware your team uses. If your employees use their own equipment, you need to make sure you have certain privileges on them – like monitoring any recording, and remote wiping.
Resources:
ChooseNetworks.com
ChrisHoose.com
In today’s edition of Daily Compliance News:
In this episode of Trekking Through Compliance, we consider the episode This Side of Paradise which aired on March 2, 1967, Star Date 3417.3.
Compliance Takeaways:
In today’s edition of Daily Compliance News:
Over this five-part podcast series, I have visited with Terry L Orr, a Managing Director at Kroll, a division of Duff & Phelps, and the sponsor of this podcast series. We have taken a comprehensive look at state of compliance at the half-year mark of 2019. In the concluding episode, Part V, we consider some of the latest challenges for healthcare compliance, including legislative changes and a recent corruption trial which Orr believes will be seen as a landmark event.
There are some safe harbor exceptions but outside of those exceptions a broad interpretation of value is used. For more information on Kroll, a division of Duff & Phelps, click here. For more information on Terry Orr, click here.
In this five-part podcast series, I visit with Terry L Orr, a Managing Director at Kroll, a division of Duff & Phelps, the sponsor of this podcast series. We visit on the current state of compliance through the lens of recent Foreign Corrupt Practices Act (FCPA) enforcement actions and the Evaluation of Corporate Compliance Programs, 2019 Guidance, consider some of the specific issues in compliance for private equity and the increased importance of compliance in the healthcare industry. It is a comprehensive look at state of compliance at the half-year mark of 2019. We have previously considered how compliance programs might be updated based upon lessons learned in recent FCPA enforcement actions, then we considered the Department of Justice’s (DOJ’s) recent guidance on corporate compliance. In Part IV, we consider unique challenges for private equity companies in compliance; both in their organizations and for their portfolio companies.
For more information on Kroll, a division of Duff & Phelps, click here. For more information on Terry Orr, click here. Join us for our final episode where take a deep dive into the burgeoning issues of healthcare and compliance.
