DOL
Cybersecurity Tips
The Department of Labor (DOL) has published cybersecurity tips
to use when hiring service providers, as well as tips for plan
sponsors and participants. These tips serve as a
recommended course of action and are not requirements. However,
under the prudent man standard of care, all tips from the DOL
should be reviewed and carefully considered by plan sponsors.
Call to Action
Per the DOL, plan sponsors should ask the service provider about the following:
• Security Standards
• Security Practices
• Security Policies
• Audit Results
• Security Validation Process
• Security Levels Implemented
• Past Security Breaches
• Cybersecurity Insurance
• Cybersecurity Guarantee

Per the DOL, plan sponsors should consider the following actions:
• Establish a formal Cyber Security Program
• Conduct annual risk assessments
• Hire a third party to audit security controls
• Define and assign information security roles and responsibilities
• Establish strong access control procedures
• If data is stored in the cloud or with a third party, conduct security reviews
• Conduct cyber security awareness training
• Implement a secure system development life cycle
• Create an effective business resiliency program
• Encrypt sensitive data
• Respond to cyber security events

Per the DOL, plan participants should consider the following actions:
• Register your account
• Regularly monitor your account
• Use strong and unique passwords
• Use multi-factor authentication
• Keep personal contact information current
• Close or delete unused accounts
• Do not use free Wi-Fi
• Beware of phishing attacks
• Do not store login information in your email account
• Use up-to-date anti-virus software
• Report identity theft to your employer and the record-keeper