California Passes New Information Privacy Law

By:  |  Category: Blog, Security Thursday, October 11th, 2018  |  No Comments
Information Pivacy

California is stepping up it’s game in cybersecurity to protect your identity. The CA legislature recently passed the “Information Privacy: Connected Devices” bill that will come into effect on January 1, 2020.

The bill will require a manufacturer of a connected device to equip the device with a reasonable security feature or features that are appropriate to the nature and function of the device, appropriate to the information it may collect, contain, or transmit, and designed to protect the device and any information contained therein from unauthorized access, destruction, use, modification, or disclosure, as specified.

Basically, starting two years from now, anything that can connect to the internet will come with a unique password if it is bought and or sold in California. This would ban pre-installed and hard-coded default passwords.

The new regulation mandates device manufacturers to either create a unique password for each device at the time of production or require the user to create one when they interact with the device for the first time. According to the bill, it applies to any connected device, which is defined as a “physical object that is capable of connecting to the Internet, directly or indirectly, and that is assigned an Internet Protocol address or Bluetooth address.”

The law is intended to halt the rampant spread of botnets made up of compromised network devices, such as routers, smart switches or even security cameras and other IoT equipment. Malicious software could often take control of them by trying easy-to-guess or publicly disclosed default login credentials.

This bill doesn’t address the legacy industry equipment from the 80’s and 90’s when passwords were hard-coded or not changeable, so old equipment is still subject to vulnerability

If you need assistance with cybersecurity services give EnhancedTECH a call at 714-970-9330


Leave a Comment
Read previous post:
Online Reputation
Protecting Your Online Reputation

In the days of old, maintaining a good reputation boiled down to good service. Do a job well and people...