SOX Regulations
The Challenge
Publicly traded enterprises are subject to a number of governmental regulations that require a high level of due diligence in IT security practices, including:
- Sarbanes-Oxley 404
- Basel II
- 21 CFR Part 11
- PCI
- Gramm-Leach-Bliley
- HIPAA
Worldwide, individual countries have similar regulations in place, such as France's "Loi de Sécurité Financière", Germany's "KonTraG", the UK's "Combined Code" and the Netherlands' "Tabaksblat Code", which impose similar requirements, although how compulsory they are varies from country to country.
Although the names of the regulations may change, one factor remains constant: these codes require organizations to prove they have solid control over their critical systems. For Privileged User Systems, auditors require enterprises to connect a shared Privileged Password identity such as "Administrator" to an individual identity such as "Jane_Doe." The risks often go beyond financial loss due to security breaches: company officers can be held personally liable for failure to comply with regulations such as Sarbanes-Oxley.
The Solution
One solution to the challenge of meeting Sarbanes-Oxley regulations is to install the Enterprise Password Vault™, a solution that enables organizations to:
- Prove exactly who accessed a shared account and when
- Create audit-ready reports
- Provide auditors with self-serve access to the Enterprise Password Vault


