CorreLog, Inc.   Solutions   Download   Partners   News   Support   About Login

Solutions > CorreLog For SOX Compliance

The Sarbanes-Oxley Act (SOX) is Federal law, enforceable for all publicly held USA corporations. This regulation establishes extensive civil and criminal penalties for non-compliance. SOX contains multiple provisions for tracking users, data access, and providing data security for audit and forensic purposes. The main intent of the act is build public confidence in security markets.

 

The SOX Compliance Standard

SOX regulations serve a somewhat different purpose from various other standards and guidelines. Unlike most security compliance measures, SOX is intended to create traceable data to prove (or disprove) corporate fraud and malfeasance in accounting and administration. In practice, the mechanics of implementing SOX compliance are almost identical to that of implementing a corporate security process, as described here.

Deliver a functional and robust IT security process.
CorreLog Enterprise can proactively test and assess a server environment against pre-configured, out-of-the-box policies, helping to enable a minimal deployment window. CorreLog leverages industry standards, specifically benchmarks from the Center for Internet Security (CIS), the National Institute of Standards and Technology (NIST), as well as the Defense Information Systems Agency (DISA). These benchmarks include tens of thousands of configuration assessments enabling automatic sustainable policy compliance testing for SOX.

Enable faster identification and resolution of security incidents.
CorreLog monitors file integrity and file structures on information systems, including hardware, software, network, and security infrastructure. It then provides detailed change audit information to enable agency staff to quickly pinpoint, analyze, and recover from any undesirable change. CorreLog delivers assurance that authorized changes are completed, and that unauthorized or ad hoc changes that circumvented policy are detected and immediately reported. With a verifiable audit trail, staff can then document every step to auditors or assessors and provide them with detailed reports that demonstrate changes made to information systems can be detected, corrections verified, and anomalies explained. The path from data to information to knowledge is quick and responsive.

Improve effectiveness and efficiency of security operations.
By combining change detection and reporting with configuration assessment, CorreLog assesses every change as authorized, within policy and compliant, ensuring systems achieve a known and trusted state. CorreLog then helps maintain that known and trusted state by establishing a secure baseline to measure change against, and then monitors against that baseline through ongoing, tunable change detection and reporting.

Improve the ability to detect and mitigate network-based risks.
This is the main role of CorreLog as a security monitor. It provides visibility into who is logging into what areas of the enterprise and keeps track of what users are doing on the system. This is achieved through monitoring log messages and mapping activity back to security protocols.

Control the transfer of financial data through the network.
Direct whether and how users may access, print, and send federal agency data over the network via email, peer-to-peer (P2P) applications, IM, HTTP, HTTPS, FTP, Wi-Fi, or other means. Ensure that data only goes to authorized recipients such as contractors or other agencies. CorreLog provides elements to monitor the security of all elements participating in this type of transaction.

Control the transfer of financial data to removable media.
Regulate how users copy data to removable USB drives, CDs, DVDs and other external storage devices. CorreLog monitors system peripherals and reports to system configurations that may indicate an attempt to transfer data from secure equipment.

Regularly test security systems and processes.
CorreLog schedules periodic tests of network integrity and verifies that certain messages are logged, indicating successful tests. CorreLog interfaces easily with common, security-test software, including port scanners, to verify that CorreLog is successfully monitoring system security. CorreLog has a self-test associated with AES encryption that permits users to verify that CorreLog encryption is working.

Maintain a policy that addresses information security.
An organization cannot claim to have a comprehensive information security policy without monitoring the security message being constantly logged on platforms within your enterprise. An enterprise that installs CorreLog, with no other action, takes a major step forward in creating and maintaining an enterprise security policy.

Develop and maintain secure systems and applications.
CorreLog furnishes the ability to make Windows platforms more secure (using the CorreLog Windows agent). For UNIX and other platforms, CorreLog leverages the existing native agent (i.e. the syslog process) to make the managed system more secure. CorreLog is a substantial "development component" of any enterprise-wide security system, permitting you to extend your security to any streaming log file or home-grown application.

CorreLog features such as auto-archiving, usage of checksums and digests, as well as the ability to permanently lock down log and message data to prevent tampering, make the system an ideal component for meeting the SOX regulations. CorreLog gives your organization assurance that it is meeting the objectives of Sarbanes-Oxley, at the same time providing a useful system for forensics, security monitoring, and auditing.

View Other Compliance Notes And Guidelines...

This is CorreLog
Security Compliance
Datasheets
 
Free Trial Download
Request Product Demo
Purchase CorreLog

Privacy  |  Product Licensing  |  Contact Us

CorreLog: High Performance Correlation, Search, and Log Management

Copyright © 2010, CorreLog, Inc. All rights reserved.
All trademarks and registered trademarks used herein are the properties of their respective owners.

Google, Twitter, Digg, SlashDot, Cisco, Microsoft