Qualys On-Demand Security Platform Drives Compliance With The Security Breach Information Act (SB 1386)

Redwood City, CA — July 1, 2003 — Qualys™, Inc., the market leader of on-demand security audits and vulnerability management, today launches its campaign to help companies comply with The Security Breach Information Act (California SB 1386), new legislation designed to secure consumers’ personal information. Effective today, SB 1386 will affect businesses and other organizations across the country maintaining online information about California consumers. Qualys’ QualysGuard service enables organizations to regularly audit the security of their networks in order to protect the privacy of their customers’ personal information.

“Contrary to popular belief, SB 1386 is not legislation only affecting California. As of July 1, any business or organization across the country that has customers residing in California - including every major retailer, service provider and government organization will be subject to legal penalties should they fail to alert customers of a security breach,” said Allan Carey, Program Manager for IDC. “SB 1386 underscores the importance of the need for businesses to proactively protect their customer data. Without accurate and frequent auditing of network assets, organizations are placing themselves at risk of non-compliance. “

Under SB 1386, state agencies, companies or individuals conducting business with customers in California will be required to disclose any network security breach resulting in acquisition of personal information by an unauthorized person. This includes any network attack that could expose an individual’s name, along with one of more of the following pieces of information: Social Security number, driver’s license number, state identification number; or credit or debit card account number and security code.

Using QualysGuard, companies can regularly and consistently audit their networks to identify and fix vulnerabilities before they can be exploited by hackers and personal information can be put at risk. QualysGuard provides extensive reports on vulnerabilities, including severity levels, business impact, time-to-fix estimates, and trend analysis with one-click links to validated remedies. Since QualysGuard automates the audit process, it helps security managers quickly realize a fast and cost-effective compliance path for SB 1386 regulation without the extra cost of software or hardware deployment and maintenance.

“Proactive security measures offer the most effective method to ensure compliance with legislation such as SB 1386,” said Philippe Courtot, Chairman and CEO of Qualys. “We expect compliance with the new law will be a major undertaking for businesses, government agencies and individuals. As a web service, QualysGuard enables organizations to ease the compliance process with automated and unalterable audit trails that identify vulnerabilities, show a path to remediation and verify the fixes.”

About Qualys

With more than 2,000 subscribers ranging from small businesses to multinational corporations, Qualys has become the leader in on demand vulnerability management and policy compliance. The company allows security managers to strengthen the security of their networks effectively, conduct automated security audits and ensure compliance with internal policies and external regulations. Qualys’ on demand technology offers customers significant economic advantages, requiring no capital outlay or infrastructure to deploy and manage. Its distributed scanning capabilities and unprecedented scalability make it ideal for large, distributed organisations. Hundreds of large companies have deployed Qualys on a global scale, including AXA, DuPont, Hershey Foods, ICI Ltd, Novartis, Sodexho, Standard Chartered Bank and many others. Qualys is headquartered in Redwood City, California, with European offices in France, Germany and the U.K., and Asian representatives in Japan, Singapore, Australia, Korea and the Republic of China. For more information, please visit www.qualys.com.

Qualys, the Qualys logo and QualysGuard are proprietary trademarks of Qualys, Inc. All other products or names may be trademarks of their respective companies.

Media Contact:
Tami Casey
Qualys
media@qualys.com