The Federal Trade Commission ("FTC") has issued a final rule (“Final Rule”), amending the Standards for Safeguarding Customer Information (“Safeguards Rule”). This has bearing on how information is accessed -- particularly regarding authorized users and user authentication requirements for our hosted schools.
The Final Rule "...require[s] financial institutions to implement policies to monitor the activity of “authorized users” and detect unauthorized access to customer information."
In order to properly monitor this activity, accounts cannot be made generic, nor shared. Accounts need to be created & assigned to one specific user. An account should be disabled as soon as the assigned individual's access is to be restricted. Therefore, it is advised that accounts be made in the name of the user who will be utilizing it. To have a hosted account disabled or replaced, please reach out to FAME Support.
The Final Rule "...require[s] financial institutions to implement multi-factor authentication for individuals accessing networks that contain customer information."
In order to properly abide by this ruling, users must authenticate their own accounts. Individuals cannot authenticate for users other than themselves, meaning that one cannot use their phone as an authentication method for a different user. The individual assigned to the account needs to authenticate using their own, personal methods. To change authentication methods for a Remote Desktop account (hosted schools), simply click here and login with your '@fame-freedom.com' account.
Click here to learn more about the Final Rule.
Click here to learn more about the Safeguards Rule.