Centrify Your Security

Regulatory Compliance

Establish accountability and advance compliance reporting by recording which users accessed which systems, what commands they executed, with what privilege, and the exact changes they made to key files and configurations

Every major compliance regulation requires organizations to link access controls, role-based privileges, and user activity to named users. In cross-platform environments, establishing this accountability is a complex task given the existence of multiple identity silos such as NIS and LDAP databases, platform-specific proprietary directories, and local config files managed system by system.

Centrify addresses these IT security and compliance requirements with a Unified Identity Services solution: a single, integrated architecture for authentication, access control, privilege management, policy enforcement and compliance. See the topics below for details on how Centrify's unified approaches addresses specific compliance regulations.

Satisfy SOX auditors with simplified reporting that shows who has access to audited business systems, what they can do, and what actions they have performed

The Sarbanes-Oxley (SOX) Act of 2002 set strict standards for financial reporting by U.S. public companies. SOX Section 404 mandates an annual assessment by an independent auditor of the effectiveness of a public company's control procedures. IT departments, who are usually tasked with managing these audits, need to ensure that systems holding financial data can be accessed only by those whose job function requires it, that privileges are limited just to those required by the job, and a record off all activity is kept.

Centrify helps IT organizations simplify their SOX auditing requirements with a cost-effective solution that leverages technology already in house: Microsoft Active Directory. The Centrify Server Suite provides the tools to:

  • Associate all access rights and privileges on audited systems to individual Active Directory accounts, providing the level of accountability required by SOX auditors
  • Implement role-based security and access controls along with centralized reporting of who has access to what systems
  • Limit superuser privileges to just the set of commands they need to perform their jobs
  • Capture detailed audit trails of all user actions, and system responses, for inspection by SOX auditors