The California Hacking Law May Go National
California Senator Dianne Feinstein, a senior member of the U.S.
Senate Judiciary Committee, has introduced a bill called the Notification of
Risk to Personal Data Act that will require businesses and governmental
agencies to notify consumers when hackers break into computer systems and steal
some type of personal information, including Social Security numbers,
drivers’ license numbers and credit card information.
This bill is similar to a new law in California (SB 1386), which
just took effect and allows people to sue if they are harmed as a result of a
security breach and not notified. The tough new state law that went into effect
July 1, 2003 requires companies that maintain data on California residents to
inform individuals of any security breaches that result in their personal
information being stolen. Although the law does not impose fines for
failing to provide fast, efficient notification to consumers of the leakage of
personal information, it does open up a company to a lot of negative publicity,
lawsuits and administrative nightmares for the management and monitoring of
consumer complaints.
These laws are expected to force companies to take additional
measures to improve the security of their computer networks,
with additional External and Internal Vulnerability/Penetration Audits at least
every quarter and additional personnel resources to manage and monitor data
security systems, and to increase opportunities for firms that provide data
protection systems.
Other countries are also looking into beefing up their data
protection laws. Article 7 of the Data Protection Act 1998 requires UK
companies to “implement adequate technical measures to protect against
unauthorized access to confidential data” but does not define those measures.
According to several UK IT Industry Groups, these laws need to be re-examined
and brought up to date with the current technical security landscape. Although
the US is leading the way in legislation, the UK is sure to bring its legal
and administrative initiatives to the forefront within the next couple of years.
The real solution will be for companies to improve their data
security defenses. This improvement plan involves several changes to the
current IT landscape. Some changes will involve increased funding for
technology, but others involve improved policies and procedures for the company
as a whole. All Data Protection initiatives will involve C-level management
support, employee adherence to security policy, and IT managing layered
solutions for the technical environment.
The following key
priorities and how they should be implemented are critical to your success in
fending off deliberate and random hacking activity.
- Firewall; preferably managed and monitored 24x7 hours by experts
- IDS protection; preferably managed and monitored 24x7 hours by experts
- Anti Virus protection; on every desktop and at the perimeter.
- Email Filter; to stop Spam and prevent leakage of important data
- Web Content Filter; to stop employee abuse of the Internet and bandwidth
- Security Patches; automatically managed and up to date
- Acceptable Use Policy; written, published, updated annually
- External Vulnerability and Penetration Audit; performed by a Third Party
- Internal Vulnerability and Penetration Audit; performed by a Third Party
- Event Correlation; correlate the data from security protection devices.
Did you already
know about these priorities? Did you know the above implementation methods have
become the standard in “secure” environments? You can be certain that you will
be asked these questions by stockholders, Federal and State Regulators, the
Corporate Governance Committee, Auditors, Media, Employees and Management at all
levels. The time to manage these issues is now, before your business is
attacked or becomes a random target of abuse and/or criminal theft.
If you are unfamiliar or need assistance regarding any of these
key issues, the experts at BAI Security can show you the most cost-effective and
comprehensive way to secure your environment.