Senate Bill (SB) 1386 mandates companies to publicly disclose computer security breaches in case confidential information of a California resident has been compromised. Consumer notification is specifically needed if the confidential data was not encrypted. To address the requirements of SB 1386 and to minimize the related business risks, organizations doing business with California residents need to implement end-to-end security for applications that handle customer data.
SSH's Information Assurance Platform helps enterprises ensure that private customer data will not be exposed during file transfers, system administration or application data communications. FIPS 140-2 validated, strong encryption prevents unauthorized access to data through network sniffing or connection hijacking, attack techniques commonly employed to compromise unsecured information. These security measures can be applied to any application on the TCP/IP network, allowing companies to standardize on a single solution without having to re-engineer existing applications, resulting in considerable cost-savings. Centralized management and auditing enable cost-effective maintenance and reliable environment status monitoring, resulting in an attractive TCO.
Full accountability of access to sensitive information or changes to critical system components can be ensured by independent and transparent auditing and full session archives that can be played back for incident analysis, or for proving to your auditors that the operations of your environment have been fully secured.