Regulatory Compliance
SB 1386 Compliance
For Assessing SB 1386 Compliance
California SB 1386 became effective in on 1st July
2003, amending civil codes 1798.29, 1798.82 and 1798.84. It is a serious
bill, with far reaching implications.
Essentially, it requires an agency, person or
business that conducts business in California and owns or licenses computerized
'personal information’ to disclose any breach of security
(to any resident whose unencrypted data is believed to have been disclosed).
The bill mandates various mechanisms and procedures with respect to many aspects of this scenario, subject also to other defined provisions.
With California Assembly Bill AB 1950, there are additional
restrictions requiring companies to ensure that information for customers
and employees are protected with strong controls in place.
In order for companies to protect this information, they need to ensure that there is security at various layers of their information systems infrastructure from desktop to applications.
While desktop and applications have been straightforward, companies have found securing applications challenging due to complexities involved. Developers are under pressure to deliver code on time and security is usually ignored. There are hundreds of applications that are supporting companies' web sites with a lot of confidential information about customers and employees with many security holes.
Cenzic Hailstorm, through its attack library and compliance scripts, allows customers to find vulnerabilities and secure their applications that would help them in compliance with the various sections of SB 1386 and AB 1950. With our Cenzic Intelligent Analysis (CIA) lab, we are continuously monitoring the new vulnerabilities and provide you updates to help you protect your applications and stay ahead of the SB 1386 and AB 1950 compliance issues.
Learn more about Hailstorm >
|
