Rapidly increasing incidences of identity theft resulted in the State of California passing SB 1386, an addition to the civil code. The bill requires any agency that owns or licenses computerized data that includes personal information to disclose any breach of system security that led to - or is reasonably believed to have led to - a resident's unencrypted personal information being acquired by an unauthorized person. Disclosures must be made as quickly as possible once the scope of the breach has been determined and the system integrity restored. Tripwire solutions provide the detection, diagnosis, and remediation capabilities demanded for SB 1386 compliance and form the foundation of a layered security strategy.

An Ironclad Defense: Detective Control

Tripwire provides what auditors call a detective control. It delivers the hard evidence of IT configuration audit and control that auditors want. Tripwire gives you:

• Automated configuration control that isn't susceptible to human error or lapses in judgment
• Broad infrastructure coverage of changes on servers, workstations and network devices, including changes made both manually or by automated tools
• Independent evidence of change through perfect segregation of duties - the person or tool that made the change is not used to validate the change