In 2016 alone, more than 35 million records were reported as compromised in more than 980 data breaches, which made consumers wary of trusting companies to handle their data. This leaves companies wondering what they can do to amplify their data security practices to help avoid consumer distrust and the scrutiny of regulators. The FTC expects “reasonable” security, but what does that mean? In this guest article, Kelley Drye & Warren attorneys Alysa Z. Hutnik and Crystal N. Skelton shed light on the answer to this question by detailing illustrative data security enforcement actions over the past year and the security practices the agency has indicated should be implemented as well as those it has warned should be avoided. See also “FTC Priorities for 2017 and Beyond” (Jan. 11, 2017).