Long gone are those times of yore, when “IT security” was universally understood to mean “hackers on the outside trying to break in and steal your data.” Spare a moment for those simpler days, now gone for good. Today IT security can mean almost anything: threats coming from both inside and outside the company, done […]
Data Privacy
Posted inData Privacy
Latest NLRB Social Media Guidance Draws Criticism
The National Labor Relations Board has published yet more guidance for companies on how to appropriately craft social media policies—but, this time, some say it may have overstepped its boundaries. The latest report on social media from the NLRB—the third in less than a year—is garnering criticism for what some are calling a heavy-handed […]
Posted inData Privacy
SEC Turns Up the Heat on Private Equity, Hedge Funds
During the past few months, the private-equity and hedge fund industries have been getting the white-glove test from the Securities and Exchange Commission, and the SEC is turning up plenty of dirt. In December, the Commission announced charges against a half-dozen hedge fund managers or partners for improper use of fund assets, fraudulent valuations, and […]
Posted inData Privacy
Beware Compliance Pitfalls When Recruiting on Social Media Sites
More companies are using social media networks to look for good job candidates, since the method is easy and cost effective, and it gives employers access to a high number of potential candidates and more insight into their personalities without actually having to meet them all. But the recruitment tools do come with some compliance […]
Posted inData Privacy
SEC’s Corp Fin Staff Attacks Cyber-Security Disclosure
The Securities and Exchange Commission’s latest burst of staff guidance—again delivered in the agency’s new, non-binding format of “CF Disclosure”—takes aim at the tricky realm of disclosing cyber-security risks. The seven-page document, published by staff in the Division of Corporation Finance (hence the “CF”) outlines items companies should consider when identifying specific business risks caused […]
Posted inAccounting & Auditing
Volcker Rule Includes New Compliance Requirements for Banks
Federal regulators have finally unveiled their proposal for the Volcker Rule, a linchpin of the Dodd-Frank Act that would restrict proprietary trading by many financial firms and require expansive new compliance programs for banks to monitor and report on their trading activity. The 298-page plan, presented last week by the Federal Deposit Insurance Corp. and […]
Posted inData Privacy
NLRB Provides Guidance on Social Media Practices and Policies
A new report from the National Labor Relations Board should be a big help for companies trying to craft practical (and legal) social media policies. The report provides more detail on why some employees’ social media communications constitute legally protected activity, while others do not. It uses real-life cases, and serves as a warning to […]
Posted inInternal Controls
Auditing in the Clouds, Coming Down to Earth
“The cloud” appears to be the next big thing in Corporate America, with advocates touting its potential to simplify IT infrastructure and lower costs. Cloud computing provides a way for companies to outsource everything from data storage to powerful service applications, paying only for what they use, scaling rapidly, and cutting IT costs in the […]
Posted inData Privacy
Data Breach at Security Firm Could Make Others Vulnerable
As an epidemic of computer hacking incidents targeting companies and government agencies has raised computer security concerns across the board, one particular attack on a computer security firm has upped the ante in the battle between hackers and companies who must protect the sensitive data of customers, partners, and employees. In March, Art Coviello, executive […]
Posted inData Privacy
White House, FTC Call for Data Security Legislation
The White House and the Federal Trade Commission are pressuring Congress to pass legislation that would require companies to implement data security measures and to provide breach notification. The Obama Administration sent a cyber security legislative proposal to Congress, in response to request for assistance in addressing U.S. cyber-security in May, including a measure for […]
