AdobeStock_158169391_edited_edited.jpg

FTC Safeguards Rule (GLBA) Compliance

Mosaic Cybersecurity Logo white.png
Asset 1.png

Mosaic's Solution covers all the requirements of the revised FTC Safeguards Rule and offers a-la-carte options so you can build a program that fits your needs. 

STep 1

Fill out a Safeguards Status Questionnaire.

questionnaire computer screen.png

STep 2

We’ll contact you to provide a complimentary consultation based on your responses.

jz_color_edited_edited_edited.jpg

STep 3

Build your custom roadmap for complete compliance.

Asset 2.png
 
Asset 1.png

Written Risk Assessments & Vendor Oversight

(Security Studio)

Endpoint Detection & Response

(AgileBlue)

Qualified Individual & Employee Training

(Mosaic)

Documentation, Processes & Procedures

(Mosaic)

2

4

6

8

road_roadmap.png

1

Ongoing Vulnerability Scanning

(nodeware)

Program Roadmap

3

Multifactor Authentication

(Partner MSP)

5

Data Encryption

(Partner MSP)

7

Simulated Phishing

(Mosaic)

Learn more about all the revised Rule's requirements and our solutions to each.

AdobeStock_265613965_edited_edited.jpg

Written Information Security Program (WISP)

A written Information Security Program or “WISP” is the document that defines the administrative, technical, and physical safeguards you will use to protect the customer data that your business collects. Your WISP should address the risks identified in the risk assessment that you conduct and how you plan to mitigate these risks.

See How We Compare

Mosaic Cyber Security offers a solution that covers every requirement of the revised FTC Safeguards Rule. 

safeguards_comparison_chart_june_2022_v13.png

Our solution

We aim to provide our clients with a one contract, one invoice, and one check solution where everything needed is covered. 

Unique Needs

Because no one company provides the necessary tools to address each of the Rule’s requirements, Mosaic Cyber Security acts in the nature of a general contractor, vetting potential subcontractors and assembling a team to construct a customized solution tailored to each dealership’s unique needs.

One Contract, One Invoice, One Check

This allows dealers to enjoy the benefit of Mosaic’s volume discounts for subcontractors’ services, as well as the convenience of having one contract, one invoice, and one check.

AdobeStock_294267642_edited.jpg

How is Mosaic Different?

The Mosaic Safeguards Solution is being developed (it’s a continuous process) by lawyers, not techies.  Data Security professionals are important to answer the How questions, but lawyers are the right professionals to answer the Why question.

How to Get Started

Every dealership’s Safeguards posture is different, but every dealership needs to perform a Risk Assessment (including a Vulnerability Assessment) and craft a Written Information Security Program (“WISP”), so that’s where we start. Complete the Safeguards Status Questionnaire either online here or download, complete, and return it to responses@MosaicCS.com. A Mosaic representative will get in contact with you and discuss the way forward appropriate for your needs.

AdobeStock_294267642_edited.jpg

Defensible and Insurable

Why does Mosaic take the approach it does?  Because the point is to create a solution that is both defensible and insurable.  A solution must not just defend consumer data, it must protect the dealer as well.  It is possible to both minimally satisfy the Safeguards Rule and leave customer (and dealership) data vulnerable.  Thus, the lowest cost approach may be a false economy.  If you want the cheapest solution, go elsewhere.  If you want the most effective, you’re in the right place.

Our Partners

Mosaic is a preferred partner of industry leaders.

AIZ-Dealer-Services.png
cavanah_logo.png
iaawg-h.png
SAH-logo-340-1.png
asura_logo.png
easycare_logo_3_2022.png
ingnition_ds_logo_v4.png
SUG.logo.png
ace_logo_long.png
Good - Copy.jpg
MenuSys-Logo-website_edited.jpg
swds_acrisure_logo.png
brightline logo.png
gvo3-logo1.png
NationalAutoCare.jpg
Zurich_Logo_Horz_Blue_2021_519x131_png.png

A complete solution to the revised Rule's mandatory requirements.