Most businesses missed this critical NYDFS compliance deadline—and the new requirements it brought. Did you?
What You Needed to Do by May 1, 2025:
1. Control Employee Access
- Annual Review: Check every account—employees, contractors, vendors.
- Remove Access Fast: When roles change or people leave, revoke access immediately.
- Limit Privileges: Employees should access only what’s needed for their jobs.
2. Run Vulnerability Scans
- Regular Checks: Automated scans for outdated software and security flaws.
- After Changes: Scan again when updating software, hardware, or networks.
3. Secure Remote Access
- Remote Controls: Disable or secure any tools for remote system control.
4. Enforce Strong Password Policies
- Written Policy: Rules for strong passwords—no reuse, complex characters.
- Multi-Factor Authentication (MFA): Require MFA wherever possible.
5. Block Malicious Code
- Protection Tools: Use antivirus, web filtering, and automatic updates.
What’s at Risk If You Didn’t Comply?
Failing to comply means regulatory scrutiny, fines, or even losing your ability to operate. You must document your cybersecurity efforts and show proof of compliance.
Don’t Know If You’re Compliant? Let Us Help
Motiva Networks is your NYDFS compliance expert. Our CEO, Walter, a registered DFS Instructor, will guide you in a simple 10-minute call.
👉 Schedule Your Call with Walter Today:
Walter Contreras
Walter Contreras has over 25 years of experience in information technology, including cybersecurity, with a focus on the Insurance Industry. As both a computer scientist and a graduate of the Columbia University Business School’s Executive MBA program, Walter understands how the world’s digital transformation is impacting small and medium businesses. His mission is to deploy information technology to protect and empower entrepreneurs.
