{"id":22682,"date":"2016-02-23T16:31:31","date_gmt":"2016-02-24T00:31:31","guid":{"rendered":"http:\/\/lifeboat.com\/blog\/2016\/02\/calif-s-harris-outlines-reasonabledata-security"},"modified":"2017-04-24T22:08:29","modified_gmt":"2017-04-25T05:08:29","slug":"calif-s-harris-outlines-reasonabledata-security","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2016\/02\/calif-s-harris-outlines-reasonabledata-security","title":{"rendered":"Calif.\u2018s Harris Outlines \u2018Reasonable\u2019Data Security"},"content":{"rendered":"<p><a class=\"blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/calif-s-harris-outlines-reasonabledata-security.jpg\"><\/a><\/p>\n<p>I wish the CA AG a lot of luck; however, her approach is very questionable when you think about downstream access and feed type scenarios. Example, Business in Boston MA has an agreement with a cloud host company in CA, and Boston also has data that it pulls in from Italy, DE, etc. plus has a service that it offers to all of users and partners in the US and Europe that is hosted in CA.<\/p>\n<p>How is the CA AG going to impose a policy on Boston? It can\u2019t; in fact the business in Boston will change providers and choose to use someone in another state that will not impact their costs and business.<\/p>\n<p>BTW \u2014 I didn\u2019t even mention the whole recent announcement from China on deploying out a fully Quantum \u201csecured\u201d infrastructure. If this is true; everyone is exposed and this means there is no way companies can be held accountable because US didn\u2019t have access to the more advance Quantum infrastructure technology.<\/p>\n<p><a href=\"https:\/\/lnkd.in\/b9xXVAN\">https:\/\/lnkd.in\/b9xXVAN<\/a><\/p>\n<hr>\n<p>Feb. 17 \u2014 California Attorney General Kamala Harris (D) has released the state\u2019s <a href=\"http:\/\/src.bna.com\/cFY\">data breach report<\/a>, laying out the legal and ethical responsibilities of businesses to keep information safe and perhaps most importantly outlining what the state believes is \u201creasonable security\u201d that companies must employ to avoid possible enforcement actions.<\/p>\n<p>Under the state\u2019s information security statute, businesses must use \u201creasonable security procedures and practices\u201d that \u201cprotect personal information from unauthorized access, destruction, use, modification, or disclosure,\u201d the report said.<\/p>\n<p>Under the guidelines in the report released Feb. 16, failing to implement all 20 of the <a href=\"https:\/\/www.cisecurity.org\/critical-controls.cfm\">Center for Internet Security\u2019s Critical Security Controls<\/a> that apply to an organization\u2019s environment constitutes a lack of reasonable security. The controls define a minimum level of information security all organizations that collect or maintain personal information should meet.<\/p>\n<p><!-- Link: <a href=\"http:\/\/www.bna.com\/califs-harris-outlines-n57982067563\/\">http:\/\/www.bna.com\/califs-harris-outlines-n57982067563\/<\/a> --><\/p>\n","protected":false},"excerpt":{"rendered":"<p>I wish the CA AG a lot of luck; however, her approach is very questionable when you think about downstream access and feed type scenarios. Example, Business in Boston MA has an agreement with a cloud host company in CA, and Boston also has data that it pulls in from Italy, DE, etc. plus has [\u2026]<\/p>\n","protected":false},"author":395,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[43,34,418,1496,31,1617],"tags":[],"class_list":["post-22682","post","type-post","status-publish","format-standard","hentry","category-business","category-cybercrime-malcode","category-internet","category-law","category-policy","category-quantum-physics"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/22682","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/395"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=22682"}],"version-history":[{"count":2,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/22682\/revisions"}],"predecessor-version":[{"id":50982,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/22682\/revisions\/50982"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=22682"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=22682"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=22682"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}