• United States

Dreaming of a secure California

Jul 09, 20032 mins
Enterprise ApplicationsSecurity

* ThreatCheck aims to reduce liability of handling California residents' private details

If your Web site deals with California residents and handles their private details such as social security numbers, driver’s license numbers, credit and debit card numbers, then you should be aware of a new privacy law, SB 1386 (see links below), which went into effect July 1.

This law requires public disclosure of most computer security breaches if confidential info about California residents is involved.

This is not a trivial issue and the bill states: “(a) Any customer injured by a violation of this title may institute a civil action to recover damages. / (b) Any business that violates, proposes to violate, or has violated this title may be enjoined. / (c) The rights and remedies available under this section are cumulative to each other and to any other rights and remedies available under law.”

To put that another way, serious liability is connected to not obeying this particular law.

An interesting service to help minimize your liability is being offered by Threat Focus, a Calif., security-auditing firm.

The company claims that its ThreatCheck service scans your servers for more than 1,500 vulnerabilities and provides suggested fixes and patches for those that are identified. It also claims to add as many as 10 new tests per day and can test more than 1,200 products from more than 40 vendors. 

ThreatCheck uses a Web interface based on the open-source Nessus vulnerability testing engine to select which systems to audit and how often. Most importantly, ThreatCheck requires no additional hardware or software.

ThreatCheck comes in three flavors: The Essential service is aimed at small business and costs $49 per month; the Security Admin service for $99 per month is targeted at larger organization; and the Security Manager service, for enterprise scale operations, is priced at $149 per month.


Mark Gibbs is an author, journalist, and man of mystery. His writing for Network World is widely considered to be vastly underpaid. For more than 30 years, Gibbs has consulted, lectured, and authored numerous articles and books about networking, information technology, and the social and political issues surrounding them. His complete bio can be found at

More from this author