Deprecated: mysql_connect(): The mysql extension is deprecated and will be removed in the future: use mysqli or PDO instead in /home/a26f9f83/public_html/articles/includes/config.php on line 159
Sarbanes-Oxley: A Cross-Industry Email Compliance Challenge > NetSparsh - Viral Content you Love & Share

Sarbanes-Oxley: A Cross-Industry Email Compliance Challenge

Is your enterprise following the rules?

The bulk of financial information in many companies is created, stored and transmitted electronically, maintained by IT and controlled via information integrity procedures and practices. For these reasons, compliance with federal requirements such as the Sarbanes-Oxley Act (SOX) is heavily dependent on IT. Companies that must comply with SOX are U.S. public companies, foreign filers in U.S. markets and privately held companies with public debt. Ultimately, the corporate CEO and CFO are accountable for SOX compliance, and they will depend on company finance operations and IT to provide critical support when as they report on the effectiveness of internal control over financial reporting.

Sound practices include corporate-wide information security policies and enforced implementation of those policies for employees at all levels. Information security policies should govern network security, access controls, authentication, encryption, logging, monitoring and alerting, pre-planned coordinated incident response, and forensics. These components allow for information integrity and data retention, while enabling IT audits and business continuity.

Complying with Sarbanes-Oxley

The changes required to ensure SOX compliance reach across nearly all areas of a corporation. In fact, Gartner Research went so far as to call the Act "the most sweeping legislation to affect publicly traded companies since the reforms during the Great Depression." Since the bulk of information in most companies is created, stored, transmitted and maintained electronically, one could logically conclude that IT shoulders the lion's share of the responsibility for SOX compliance. Enterprise IT departments are responsible for ensuring that corporate-wide information security policies are in place for employees at all levels. Information security policies should govern:

* Network security
* Access controls
* Authentication
* Encryption
* Logging
* Monitoring and alerting
* Pre-planning coordinated incident response
* Forensics

These components enable information integrity and data retention, while enabling IT audits and business continuity.

In order to comply with Sarbanes-Oxley, companies must be able to show conclusively that:

* They have reviewed quarterly and annual financial reports;
* The information is complete and accurate;
* Effective disclosure controls and procedures are in place and maintained to ensure that material information about the company is made known to them.

Sarbanes-Oxley Section 404

Section 404 regulates enforcement of internal controls, requiring management to show that it has established an effective internal control structure and procedures for accurate and complete financial reporting. In addition, the company must produce documented evidence of an annual assessment of the internal control structure's effectiveness, validated by a registered public accounting firm. By instituting effective email controls, organizations are not only ensuring compliance with Sarbanes-Oxley Section 404; they are also taking a giant step in the right direction with regards to overall email security.

Effective Email Controls

Email has evolved into a business-critical application unlike any other. Unfortunately, it is also one of the most exposed areas of a technology infrastructure. Enterprises must install a solution that actively enforces policy, stops offending mail both inbound and outbound and halts threats before internal controls are compromised, as opposed to passively noting violations as they occur.

An effective email security solution must address all aspects of controlling access to electronically stored company financial information. This includes access during transport as well as access to static information resident at the company or on a remote site or machine. Given the wide functionality of email, as well as the broad spectrum of threats that face email systems, ensuring appropriate information access control for all of these points requires:

* A capable policy enforcement mechanism to set rules in accordance with each company's systems of internal controls;

* Encryption capabilities to ensure privacy and confidentiality through secure and authenticated transport and delivery of email messages;

* Secure remote access to enable remote access for authorized users while preventing access from unauthorized users;

* Anti-spam and anti-phishing technology to prevent malicious code from entering a machine and to prevent private information from being provided to unauthorized parties

In conclusion, complying with Sarbanes-Oxley puts a heavy burden on an organization's IT department to implement and enforce policies set up by corporate governance boards. In order to make sure the company's email system complies with Sarbanes-Oxley, IT managers must be able to document steps they have taken to address Section 404 of the code. CipherTrust manufactures a secure email gateway appliance that can help organizations comply with Sarbanes-Oxley. To learn more about it, please visit www.ciphertrust.com/solutions/compliance_SOX.php and read our articles and white paper on the subject of SOX compliance.

Dr. Paul Judge is a noted scholar and entrepreneur. He is Chief Technology Officer at CipherTrust, the industry's largest provider of enterprise email security and anti spam solutions. Learn what you need to know to comply with Sarbanes-Oxley regulations by visiting http://www.ciphertrust.com/solutions/compliance_SOX.php today.

In The News:

This RSS feed URL is deprecated, please update. New URLs can be found in the footers at https://news.google.com/news

New York Times

No Passport or Ticket: How a Woman Evaded Airport Security and Flew to London
New York Times
After Ms. Hartman joined the security line and was screened by the T.S.A., she tried to board a flight to Connecticut around 2 p.m., attempting to conceal herself behind a passenger who was waiting in line, Ms. Simonton said. As Ms. Hartman tried to ...
How Marilyn Hartman Got Past O'Hare SecurityCBS Chicago
'Serial stowaway' arrested for 10th time after slipping past airport security, flies to LondonFox 2 Detroit
Notorious 'serial stowaway' pensioner evades airport security and flies from Chicago to London without a ticketEvening Standard

all 29 news articles »

Google's Advanced Protection Program Offers Security Options For High-Risk Users
EFF
Security is not a one-size-fits-all proposition, and features that are prohibitively inconvenient for some could be critical for others. For most users, standard account security settings options are sufficient protection against common threats. But ...


BBC News

Syria offensive: US seeks to address Turkey's 'legitimate' security concerns
BBC News
The US is willing to work with Turkey to address its "legitimate" security concerns in northern Syria, Secretary of State Rex Tillerson has said. He was speaking after Turkey's military incursion into northern Syria to fight the Kurdish YPG militia at ...
US Hopes to Work With Turkey on 'Security Zone' in SyriaU.S. News & World Report
US hopes to work with Turkey to create 'security zone' in Syria: TillersonDaily Sabah
Turkey has legitimate security concerns: MattisHurriyet Daily News

all 452 news articles »

ZDNet

After ignoring for months, Uber fixes two-factor bypass bug after all
ZDNet
Uber has fixed a security bug that could've allowed an attacker to hack into user accounts by bypassing two-factor authentication, after the ride-sharing company initially said the flaw wasn't a "particularly severe" issue. The company quietly issued a ...


Engadget

Uber security flaw compromised two-factor authentication
Engadget
Two-factor authentication only works if it's strictly enforced in software, and it sounds like Uber might have fallen short of that goal for a while. In a chat with ZDNet, security researcher Karan Saini has revealed a flaw in Uber's two-factor ...

and more »

NBCNews.com

Report: Afghan security forces committed 75 rights abuses, including child sex assault
NBCNews.com
The report from the Special Inspector General for Afghanistan Reconstruction (SIGAR), which was first released to Congress last year but made public Tuesday, says that at least seven of the violations were child sexual assault, but also says "the full ...

and more »

CNBC

Soldiers, snipers and security at Davos: Protecting the world's rich and powerful
CNBC
Ensuring the safety of more than 2,500 high-profile political, economic and business guests at an event is never easy; ensuring the safety of more than 70 heads of state and government is a nightmare. The World Economic Forum (WEF) has said security is ...

and more »

New York Times

Prison Guards in France Continue Strike Over Security and Pay
New York Times
PARIS — A labor strike by prison guards around France entered its second week on Monday, as the guards vented anger over their pay and dangerous working conditions, an issue that erupted into the open this month after a string of violent assaults by ...

and more »

Sun Sentinel

Security guard shot colleague in Hollywood in fight over gate lock, police say
Sun Sentinel
Andres Aviles, 26, drove to Mexico and flew to El Salvador where he was detained while trying to reach Nicaragua, police said. Tonya AlanezContact Reporter · Privacy Policy. The security guard accused of shooting his colleague during a shift change at ...
Security guard accused of shooting colleague gets caught in El SalvadorWPLG Local 10
Fugitive security guard fled Florida. His crime caught up with him in El Salvador.Miami Herald

all 5 news articles »

Fox News

US says it wants to help Indonesia provide maritime security
Fox News
JAKARTA, Indonesia – U.S. Defense Secretary Jim Mattis says the Trump administration wants to help Indonesia play a central role in maritime security in the Asia-Pacific region. Mattis spoke briefly to reporters Tuesday after meeting with his ...
US to work with Indonesia on maritime security, counter-terrorismThe Straits Times

all 168 news articles »
Google News

Phishing, Fraudulent, and Malicious Websites

Whether we like it or not, we are all living... Read More

Free Antivirus Security Software: Download Now to Eliminate Spyware, Pop Up Ads, etc.

Adware. Spyware. Pesky pop up ads. Internet congestion. Computer malfunctions... Read More

How to Manage Your Username and Password The Easy and Secure Way

Have been an Internet user for more than 9 years,... Read More

8 Surefire Ways to Spot an EBAY Scam E-Mail and Protect Yourself from Identity Theft

Ebay is a great site and is used by many... Read More

Internet Shopping - How Safe Is It?

Millions of people make purchases online, but many people are... Read More

What to Look for before You Purchase Spyware Software

Huge number of spyware software applications are available in the... Read More

Blogs as Safe Haven for Cybercriminals?

To blog or not to blog? Well, why not? Lots... Read More

Phishing ? Its Signs and Your Options

Phishing is the act of some individual sending an email... Read More

Behavior to Stay Safer Online

1. Importance of a Virus Scanner: A Antivirus program can... Read More

3 Things You Must Know About Spyware

1)Spyware is on your system. Like it or not, statistically... Read More

Phishing: A Scary Way of Life

The Federal Bureau of Investigation has identified "phishing" as the... Read More

5 Simple Steps to Protect your Digital Downloads

A couple of days ago, I was searching for a... Read More

Whats All This I Hear About Firewalls?

At this point, if you've got the whole "turning the... Read More

Parental Control - Dangers To Your Child Online & Internet Child Safety Tips

Did you know...? 1 in 5 children who use computer... Read More

Password Security and Safety

There is nothing more important that password security in world... Read More

3 Pervasive Phishing Scams

Scams involving email continue to plague consumers across America, indeed... Read More

Consumers: Shop Online and Get Information Safely

Do you really have to know how feeds work? Not... Read More

Corporate Security for Your Home Business

The words Corporate Security may conjure up images of a... Read More

Why you Must Secure your Digital Product and Thank You Web Page

A couple of years back, I paid my dues the... Read More

Web Browsing - Collected Information

You may not realize it, but as you are surfing... Read More

How to Protect Your Child from the Internet

When the Internet first came about, it was realized it... Read More

How to Prevent Online Identity Theft

Identity theft rates one of the fastest growing crimes in... Read More

Computer Viruses - How to Remove a Computer Virus from Your Computer

Computer viruses infect millions of computers every day. Viruses can... Read More

How to Get Rid of New Sobig.F Virus?

As you know, this time the virus under the name... Read More

Be Alert! Others Can Catch Your Money Easily!

So called phishers try to catch the information about the... Read More