SOX Compliance Solutions


Sarbanes-Oxley Act (SOX) is legislation that initiated in 2002 and introduced major business accounting and investor protection reform. It made corporate finances more transparent, strengthened auditor independence and introduced a number of security regulations designed to combat potential fraud. Meeting SOX IT compliance requirements is quite a challenge and usually requires the use of dedicated, third party SOX compliance software.


Ekran System® is a security monitoring solution that will help you achieve SOX security compliance with minimal investment on your part. Windows, Linux/UNIX, macOS physical and virtual endpoints are supported including Citrix servers.


Sarbanes-Oxley SOX compliance controls the level of internal protection of sensitive data used for financial reporting. Companies are tasked with preventing the appearance of any potential fraudulent or untrue information in their accounting and financial reports. Ekran System will help you protect the integrity of sensitive data by monitoring and controlling access to it, as well as any changes being made. It also allows you to assess and control risks and precisely detect any security violations. With detailed reports, customizable alert notifications and messaging, Ekran System makes meeting SOX requirements easy. Ekran System also fully supports protected MS SQL database, allowing you to easily achieve SOX database compliance.


SOX Section 404 – Evaluate Company-Level Controls


Ekran System provides rich toolsets for user identification and access control. Such functions as multi-factor authentication and secondary authentication for shared credentials help to ensure reliable and exact user identification. One-time passwords, privileged account and session management (PASM), ticketing system integrations and other tools enable building systems with granular and transparent access control.


Right after the session start, Ekran System will record video and metadata of every session regardless of the type of programs used or actions performed. Resulting video files are indexed and ready to be used for investigation or audit. Robust report generating tools allows you to quickly evaluate the status of security data and insight into any potential issues.


SOX Section 404 – Perform a Fraud Risk Assessment


Ekran System performs comprehensive monitoring of all user activity, including any launched applications and services, any visited websites, as well as all keypresses and mouse movements. It produces a detailed report that you can present as unquestionable evidence of user actions on a specific machine. This allows you to perform easy, root cause analysis to investigate changes in the system with the help of an advanced keyword search by application name, window title, visited URL, or executed commands. Ekran System generates customizable easy-to-analyze reports that can be sent via email, generated by a set schedule or ad hoc.


SOX Section 404 – Evaluate Controls Designed to Prevent or Detect Fraud


Ekran System has a customizable alert notification system that allows you to define complex combinations of alert rules using such parameters as user name, entered text, application name, connected USB device type, etc.


Ekran System records all visual information from a user’s screen and captures all textual information (such as application name, visited URL, etc.) including the text entered from a user’s keyboard. The log data is generated for software of any type, even if there is no internal logging of their own. This allows IT auditors to view exact user activity, such as opened windows, accessed folders, executed files and commands, etc. Ekran System also features an internal system user monitoring solution that will allow you to control and evaluate the performance of the security personnel working with Ekran System Management Tool.


Ekran System is one of the most cost-effective solutions allowing you to comply with SOX requirements. It provides flexible licensing as well as a free online demo and trial version for you to try.