Print version
Global Websites »
SOLUTIONS
Technology Solutions for Enterprise Security
Strong Authentication
Secure Web Gateway
Public Key Infrastructure (PKI)
Web Security Audit
PC & Laptop Security
Email Security
Secure VPN Access
Application Layer Security
Integrated Physical/Logical Access
URL Filtering
One-Time Password (OTP)
SecureSurfing for ISPs
High Capacity Web Security
Advanced Anti-Spam
Content Security for Mobile Devices
Technology Solutions for Software Publishers
For Fighting Software Piracy
Software Copy Protection
Intellectual Property Protection
Secure Software Licensing
Software Product Activation
For Embedded Software Vendors
For SaaS / On-Demand Providers
Business & Compliance Solutions
Small & Medium Businesses
Higher Education
Sarbanes-Oxley
BASEL II
FIPS
HIPAA
PCI
PRODUCTS/SERVICES
HASP: Software Protection and Licensing
HASP SRM
HASP SRM SaaS Pass
HASP Services
eSafe: Integrated Content Security
Web Security Gateway
Web Security Gateway +
Web Security Gateway SSL
Mail Security Gateway
Modules
Appliances
Anonymous Proxies Blocking
eSafe SecureSurfing for ISPs
Policy Management
Application Filtering
WTA Security Audit
Security for Mobile Operators
eToken: Strong Authentication & Password Management
eToken Overview
eToken Authentication Devices
eToken Device Management
Software Developers Kit (SDK)
SafeWord: Secure Access for Your Business
Features/Benefits
Applications
Authenticators
Designed for Windows
Compliance
Attack Intelligence Research Center
AIRC Blog
Security News
Publications
Useful Resources
PARTNERS
Channel Partners
Solution Partners
Find Reseller
Partner Portal
ABOUT ALADDIN
Company Overview
Customers
News Room
Awards & Recognition
Company Information
Management
Worldwide Offices
Career Opportunities
Community Giving
Aladdin and the Environment
SUPPORT/DOWNLOAD
For HASP
For eSafe
For eToken
For SafeWord
For Hardlock
CONTACT US
Resellers & Distributors
Contact Us
HASP Products
eSafe Products
eToken Products
SafeWord Products
Achieving Sarbanes-Oxley Compliance with Aladdin Security Solutions
Information security is only a small part of the directives within the Sarbanes-Oxley (SOX) Act, but SOX has become a large part of information security for the organizations it applies to. After corporate scandals such as Enron, WorldCom, Tyco International and others threatened the economy and shook investor confidence, the US Congress passed the Public Company Accounting Reform and Investor Protection Act (PL 170-204), more commonly referred to as Sarbanes-Oxley.
Comprehensive Security as a Solution
Part of achieving and maintaining compliance with the SOX requirements is to ensure that only authorized individuals have access to sensitive internal data. Aladdin’s enterprise security solutions, eToken and eSafe, together provide a unique offering for achieving SOX compliance – and strengthening network security -- by:
Using strong authentication to ensure that individuals who access the network, applications, and portable devices are indeed who they claim to be, enabling you to tighten user access controls and enhance the security and integrity of your sensitive data.
Blocking the unauthorized transmission of sensitive information outside your network by the Trojans, spyware, and other crimeware programs that are increasingly exploiting weaknesses in web content security.
Following are key elements of the eSafe and eToken solutions for SOX compliance.
For more information on how Aladdin can help your organization meet SOX requirements,
contact an Aladdin representative
.
Click here to learn more about SOX and security
.
Internal Controls – The Heart of SOX
Sarbanes-Oxley applies to all companies traded publicly in the United States, including foreign companies with securities traded in US markets. SOX is an expansive piece of legislation aimed at requiring companies to verify and attest to the integrity of their financial reports, as well as maintaining the internal control structure that governs financial reporting and ensuring the accuracy of earnings statements and financial disclosure information. The sections related to compliance can be found in sections 302 and 404 of SOX.
The key for SOX compliance lies in internal controls. Section 404 of the Act, which addresses the management of internal controls, basically requires:
Management’s explicit statement of responsibility for establishing and maintaining an adequate internal control structure and procedures for financial reporting.
An annual assessment of the effectiveness of the internal control structure and procedures of the issuer for financial reporting.
In today’s corporate environment, many companies store and transmit virtually all financial and transaction information electronically. Therefore, placing internal controls on digital information is critical for compliance to SOX. Although SOX does not indicate specific methods for establishing and maintaining information security controls, following are some steps corporations should take to achieve compliance:
Create corporate-wide security policies.
Implement an effective authentication system to detect all individuals who access the organization’s network.
Create logical and physical barriers to relevant information, to ensure that it cannot be tampered with or accessed by unauthorized individuals.
Implement a system that controls individuals’ access rights according to the organization’s security policies.
Properly assign and secure laptops and other portable equipment to personnel.
