
Achieving Sarbanes-Oxley Compliance with Aladdin Security Solutions


Information security is only a small part of the directives within the Sarbanes-Oxley (SOX) Act, but SOX has become a large part of information security for the organizations it applies to. After corporate scandals such as Enron, WorldCom, Tyco International and others threatened the economy and shook investor confidence, the US Congress passed the Public Company Accounting Reform and Investor Protection Act (PL 170-204), more commonly referred to as Sarbanes-Oxley.

Comprehensive Security as a Solution

Part of achieving and maintaining compliance with the SOX requirements is to ensure that only authorized individuals have access to sensitive internal data. Aladdin’s enterprise security solutions, eToken and eSafe, together provide a unique offering for achieving SOX compliance, and strengthening network security, by:
  • Using strong authentication to ensure that individuals who access the network, applications, and portable devices are indeed who they claim to be, enabling you to tighten user access controls and enhance the security and integrity of your sensitive data.
  • Blocking the unauthorized transmission of sensitive information outside your network by the Trojans, spyware, and other crimeware programs that are increasingly exploiting weaknesses in web content security.

Following are key elements of the eSafe and eToken solutions for SOX compliance.
For more information on how Aladdin can help your organization meet SOX requirements, contact an Aladdin representative.



Internal Controls – The Heart of SOX

Sarbanes-Oxley applies to all companies traded publicly in the United States, including foreign companies with securities traded in US markets. SOX is an expansive piece of legislation that requires companies to verify and attest to the integrity of their financial reports, to maintain the internal control structure that governs financial reporting, and to ensure the accuracy of earnings statements and financial disclosure information. The provisions related to compliance are in sections 302 and 404 of SOX.
The key for SOX compliance lies in internal controls. Section 404 of the Act, which addresses the management of internal controls, basically requires:
  • Management’s explicit statement of responsibility for establishing and maintaining an adequate internal control structure and procedures for financial reporting.
  • An annual assessment of the effectiveness of the internal control structure and procedures of the issuer for financial reporting.

In today’s corporate environment, many companies store and transmit virtually all financial and transaction information electronically. Therefore, placing internal controls on digital information is critical for compliance with SOX. Although SOX does not indicate specific methods for establishing and maintaining information security controls, the following are some steps corporations should take to achieve compliance:
  • Create corporate-wide security policies.
  • Implement an effective authentication system to detect all individuals who access the organization’s network.
  • Create logical and physical barriers to relevant information, to ensure that it cannot be tampered with or accessed by unauthorized individuals.
  • Implement a system that controls individuals’ access rights according to the organization’s security policies.
  • Properly assign and secure laptops and other portable equipment to personnel.