In this episode of the Innovation in Compliance Podcast, Tom Fox has a discussion about data security for smaller companies with the president of Choose Networks: Chris Hoose.
Choose Networks is described on its website as Chris Hoose’s youngest child – and that’s something many entrepreneurs can relate to. The idea of family, however, is very important to the culture of Choose Networks. Maintaining that kind of family culture, where you have friends at work, and even in terms of how you think about your clients and vendors is a major priority for Chris – and a key element in how they provide a consistent product to their client. This matters because they really serve as an extension of their clients’ staff – the IT department.
Small Businesses are Tempting
The biggest reason hacking is an issue for small companies is that they often have access to the databases of much bigger companies. A small business can be a tempting target for a hacker, who thinks of them as an easy way into a much bigger organization.
Small companies can demonstrate that their systems are secure, and in compliance with all relevant regulations to communicate to large clients that they’re on top of and careful about, security. The technical requirements are the easy part – more difficult is behavior, and making sure that teams are adhering to policy.
Passwords are Still Key
It’s important to be careful with your passwords – believe it or not, many people still have to be told not to write them down and stick them to your monitor! Adding 2-factor authentication methods takes security one step further, and can be valuable for organizations who have access to sensitive information. Still – the number one thing to do to prevent cyber threats is to educate their employees about how to be mindful.
Storing Information on the Cloud
Cloud storage is everywhere – and it’s great in terms of ease of access, but relying on someone else to protect your data can be risky. On the other hand, they’re often much better at protecting things than you are. Choosing the right provider is important: you don’t want to trade security for convenience.
Have you Updated Your OS?
Vulnerabilities in operating systems are one of the most common ways for hackers to gain access to sensitive information. Since companies don’t know what the vulnerabilities are when they release an OS, they release security patches as they are discovered. At a certain point, the creators of Operating Systems have to stop producing security patches for their software – and when that happens, it’s open season. Update your OS on a regular basis – and upgrade it when it’s getting too old to protect.
When you’re dealing with teams that work remotely, your cloud provider is the most important data security consideration – and another major one is who owns the hardware your team uses. If your employees use their own equipment, you need to make sure you have certain privileges on them – like monitoring any recording, and remote wiping.
Resources:
ChooseNetworks.com
ChrisHoose.com
In today’s edition of Daily Compliance News:
- Daimler shares fall on allegations it manipulated diesel tests. (WSJ)
- CTFT awards $2.5MM whistleblower award. (FCPA Blog)
- Chinese bank faces ‘death penalty’ sanctions. (Washington Post)
- Airbus shuts down business unit in bribery scandal. (The Guardian)
In this episode of Trekking Through Compliance, we consider the episode This Side of Paradise which aired on March 2, 1967, Star Date 3417.3.
Compliance Takeaways:
- What are the unknown talents of your staff?
- Failure to continuously monitor can lead to disaster.
- What is the role of all your team members?
In today’s edition of Daily Compliance News:
- Just who are your friends and why does it matter.(FT)
- Networking for newbies. (Washington Post)
- Who are your friends (Part Duex). (NYT)
- Ex-head of Interpol pleads guility to corruption in Chinese court. (BBC)
Over this five-part podcast series, I have visited with Terry L Orr, a Managing Director at Kroll, a division of Duff & Phelps, and the sponsor of this podcast series. We have taken a comprehensive look at state of compliance at the half-year mark of 2019. In the concluding episode, Part V, we consider some of the latest challenges for healthcare compliance, including legislative changes and a recent corruption trial which Orr believes will be seen as a landmark event.
There are some safe harbor exceptions but outside of those exceptions a broad interpretation of value is used. For more information on Kroll, a division of Duff & Phelps, click here. For more information on Terry Orr, click here.
In this five-part podcast series, I visit with Terry L Orr, a Managing Director at Kroll, a division of Duff & Phelps, the sponsor of this podcast series. We visit on the current state of compliance through the lens of recent Foreign Corrupt Practices Act (FCPA) enforcement actions and the Evaluation of Corporate Compliance Programs, 2019 Guidance, consider some of the specific issues in compliance for private equity and the increased importance of compliance in the healthcare industry. It is a comprehensive look at state of compliance at the half-year mark of 2019. We have previously considered how compliance programs might be updated based upon lessons learned in recent FCPA enforcement actions, then we considered the Department of Justice’s (DOJ’s) recent guidance on corporate compliance. In Part IV, we consider unique challenges for private equity companies in compliance; both in their organizations and for their portfolio companies.
For more information on Kroll, a division of Duff & Phelps, click here. For more information on Terry Orr, click here. Join us for our final episode where take a deep dive into the burgeoning issues of healthcare and compliance.
During this five-part podcast series, I visit with Terry L Orr, a Managing Director at Kroll, a division of Duff & Phelps, the sponsor of this podcast series. We visit on the current state of compliance through the lens of recent Foreign Corrupt Practices Act (FCPA) enforcement actions and the Evaluation of Corporate Compliance Programs, 2019 Guidance, consider some of the specific issues in compliance for private equity and the increased importance of compliance in the healthcare industry. It is a comprehensive look at state of compliance at the half-year mark of 2019. In Part III, we consider the recently released Department of Justice (DOJ) 2019 Guidance and what it means for compliance professionals.
Which will be the topic of our next Podcast. For more information on Kroll, a division of Duff & Phelps, click here. For more information on Terry Orr, click here. Join us for our next episode where take a deep dive into the unique issues of Private Equity and compliance.
In this five-part podcast series, I visit with Terry L Orr, a Managing Director at Kroll, a division of Duff & Phelps, the sponsor of this podcast series. We visit on the current state of compliance through the lens of recent Foreign Corrupt Practices Act (FCPA) enforcement actions and the Evaluation of Corporate Compliance Programs, 2019 Guidance, consider some of the specific issues in compliance for private equity and the increased importance of compliance in the healthcare industry. It is a comprehensive look at state of compliance at the half-year mark of 2019. In Part II, we consider what can be learned from recent FCPA investigations and settlements.
Which will be the topic of our next Podcast. For more information on Kroll, a division of Duff & Phelps, click here. For more information on Terry Orr, click here. Join us for our next episode where take a deep dive into DOJ’s recent Evaluation of Corporate Compliance Programs, 2019 Guidance.
Categories
Walmart FCPA Settlement
In this special bonus podcast, I am joined by Jay Rosen to discuss the stunning resolution to one of the longest running bribery, corruption and money-laundering sagas on the international stage, the FCPA enforcement action against the world’s largest retailer–Walmart. Some of the highlights include:
- The background facts;
- How significant is the case;
- Is the penalty too low (or too high)?
- Response of Walmart;
- Lessons learned for the compliance professional;
- Was there self-disclosure and full cooperation?
- How should we analyze the monitor requirement under the Benczkowski Memo?
Resources:
The documents for this matter include:
From the Department Of Justice
From the SEC, aCease and Desist Order and Press Release.
See also Tom’s Blog Post Walmart Enforcement Action-Part 1: Introduction. Tom will have multiple blog posts on the Walmart enforcement action so keep abreast on the FCPA Compliance Report.
In this five-part podcast series, I visit with Terry L Orr, a Managing Director at Kroll, a division of Duff & Phelps, the sponsor of this series. We visit on the current state of compliance through the lens of recent Foreign Corrupt Practices Act (FCPA) enforcement actions and the Evaluation of Corporate Compliance Programs, 2019 Guidance, consider some of the specific issues in compliance for private equity and the increased importance of compliance in the healthcare industry. It is a comprehensive look at state of compliance at the half-year mark of 2019. We begin this series by introducing Orr, how he came into focus in the compliance space and where he sees compliance headed down the road.
For more information on Kroll, a division of Duff & Phelps, click here. For more information on Terry Orr, click here. Join us for our next episode where take a deep dive into lessons learned for the compliance practitioner from recent key FCPA enforcement actions.