In a proposed settlement order, FTC demanded that GoDaddy, inside 90 days of finalizing the order, set up, implement, and thereafter keep a complete data security program.
The corporate is additional required to doc and repeatedly replace its data security program, offering it to related governing our bodies not less than yearly and after any important security incident. It should designate a certified worker to supervise this program and assess dangers to security and confidentiality, updating their findings yearly and after incidents.
GoDaddy was additionally requested to implement safeguards to mitigate dangers, keep system inventories, use automated instruments for real-time security evaluation, handle audit logs, and guarantee safe authentication strategies (MFA), with common updates to align with trade requirements and previous incidents.
