Application Security Inc. - Database Security, Monitoring, Assessment, Auditing, Encryption, and Regulatory Compliance.
 
 
 
SARBANES-OXLEY ACT (SOX)

Sarbanes-Oxley (SOX) Sections 404C and 404D call out compliance regulations enacted to ensure the integrity of the financial results reported by public companies. A key component of SOX compliance is managing Segregation of Duties (SoD).

A SOX Segregation of Duties violation occurs when an organization cannot sufficiently prove that users do not have conflicting privileges that allow them to manipulate financial data, thus altering the results reported by the public company. Ensuring that proper SoD controls are in place is a key consideration of external auditors when validating an organization's financial results. Auditors specifically evaluate the appropriateness of privileged user access to databases containing financial data.
 
Ensuring proper SoD controls is directly related to the assignment and auditing of database user rights and entitlements. In any organization, there are users with excess privileges, providing them access to financial data beyond what they need to do their jobs. Organizations must modify the privileges assigned to these users to ensure the integrity of financial data. However, there are users whose jobs require privileged access to databases containing financial data. These users include DBAs, internal application developers and system administrators. SOX regulations require monitoring the activities of these privileged users to ensure they are not compromising the integrity of the company's financial data.

In addition, SOX requires identification and remediation of database vulnerabilities and misconfigurations that leave financial data exposed to unauthorized manipulation.

DbProtect allows organizations to manage the SoD conflicts and eliminate database vulnerabilities. 

FIVE STEPS TO COST-EFFECTIVE SOX COMPLIANCE - TWO MINUTE TUTORIALS

Isolate Sensitive Databases

Maintain an accurate inventory of all databases deployed across the enterprise.

     

Eliminate Vulnerabilities

Identify and fix, on a continuous basis, the vulnerabilities that are exposing the database.

Enforce Least Privileges

Reset user access controls and privileges to the minimum database access that users require to do their jobs.

Monitor for Deviations

Implement appropriate policies and monitor for any activity that deviates from normal, authorized activity.

Respond to Suspicious Activity

Alert on and respond to any unauthorized or suspicious activity in real time to minimize the risk of attack.
