SOX Compliance Solutions

 

Sarbanes-Oxley Act (SOX) is legislation that was initiated in 2002 and introduced major business accounting and investor protection reform. It made corporate finances more transparent, strengthened auditor independence and introduced a number of security regulations designed to combat potential fraud. Meeting SOX IT compliance requirements is quite a challenge and usually requires the use of dedicated, third party SOX compliance software.

 

Ekran System® is a security monitoring solution that will help you achieve SOX security compliance with minimal investment on your part. Windows, Linux/Unix, macOS physical and virtual endpoints are supported including Citrix servers.

 

Sarbanes-Oxley SOX compliance controls the level of internal protection of sensitive data used for financial reporting. Companies are tasked with preventing the appearance of any potential fraudulent or incorrect information in their accounting and financial reports. Ekran System will help you protect the integrity of sensitive data by monitoring and controlling access to it, as well as any changes made. It also allows you to assess and control risks and precisely detect any security violations. With detailed reports, customizable alert notifications and messaging, Ekran System makes meeting SOX requirements easy. Ekran System also fully supports the MS SQL database, allowing you to easily achieve SOX database compliance.

 

SOX Section 404 – Evaluate Company-Level Controls

 

Ekran System provides rich toolsets for user identification and access control. Such functions as multi-factor authentication and secondary authentication for shared credentials help to ensure reliable and exact user identification. One-time passwords, privileged account and session management (PASM), ticketing system integrations and other tools enable the building of systems with granular and transparent access control.

 

As soon as a session is started, Ekran System will record video and metadata of every session regardless of the type of applications used or actions performed. The resulting video files are indexed and ready to be used for investigation or audit. Robust report generating tools allows you to quickly evaluate the status of security data and give you an insight into any potential issues.

 

SOX Section 404 – Perform a Fraud Risk Assessment

 

Ekran System performs comprehensive monitoring of all user activity, including all applications and services launched and all websites visited, as well as all keypresses and mouse movements. It produces a detailed report that you can present as unquestionable evidence of user actions on a specific machine. This allows you to perform easy, root cause analysis to investigate changes in the system with the help of an advanced keyword search by application name, window title, URL visited, or command executed. Ekran System generates customizable easy-to-analyze reports that can be sent via email, generated either according to a set schedule or ad hoc.

 

SOX Section 404 – Evaluate Controls Designed to Prevent or Detect Fraud

 

Ekran System has a customizable alert notification system that allows you to define complex combinations of alert rules using such parameters as user name, text entered, application name, USB device type connected, etc.

 

Ekran System records all visual information from a user’s screen and captures all textual information (such as application name, URL visited, etc.) including the text entered via a user’s keyboard. The log data is generated for software of any type, even if the software has no internal logging functionality of its own. This allows IT auditors to view exact user activity, such as windows opened, folders accessed, files and commands executed, etc. Ekran System also features an internal system user monitoring solution that allows you to control and evaluate the performance of the security personnel who use the Ekran System Management Tool.

 

Ekran System is one of the most cost-effective solutions for allowing you to comply with SOX requirements. It provides flexible licensing as well as an online demo and a free 30-day trial version for you to evaluate.