The Sarbanes-Oxley (SOX) Act of 2002 set strict standards for financial reporting by U.S. public companies. SOX Section 404 mandates an annual assessment by an independent auditor of the effectiveness of a public company's control procedures. IT departments, who are usually tasked with managing these audits, need to ensure that systems holding financial data can be accessed only by those whose job function requires it, that privileges are limited just to those required by the job, and a record off all activity is kept.
Centrify helps IT organizations simplify their SOX auditing requirements with a cost-effective solution that leverages technology already in house: Microsoft Active Directory. By leveraging an existing identity infrastructure, tools, processes and skill sets, Centrify Infrastructure Services enables consolidated and centralized management of user identities and servers, user authentication, role-based access control, session recording and reporting services to meet compliance auditing requirements.
Associate all access rights and privileges on audited systems to individual users, providing the level of accountability required by SOX auditors
Address SOX reporting requirements with scheduled, packaged and customizable attestation reports representing 'who has access to what' and 'what did they do with that access' including detailed privileged session auditing
Implement role-based security and access controls along with centralized reporting of who has access to what systems
Limit privileged access on SOX system to just the subset of commands they need to perform their jobs
Capture detailed audit trails of all user actions, and system responses, for inspection by SOX auditors