Satisfy SOX Auditors with Simplified Reporting on Privileged Access
The Sarbanes-Oxley (SOX) Act of 2002 set strict standards for financial reporting by U.S. public companies. SOX Section 404 mandates an annual assessment by an independent auditor of the effectiveness of a public company's control procedures. IT departments, who are usually tasked with managing these audits, need to ensure that systems holding financial data can be accessed only by those whose job function requires it, that privileges are limited just to those required by the job, and a record off all activity is kept.
Centrify helps IT organizations simplify their SOX auditing requirements with a cost-effective solution that leverages technology already in house: Microsoft Active Directory. By leveraging an existing identity infrastructure, tools, processes and skill sets, Centrify Server Suite enables consolidated and centralized management of user identities and servers, user authentication, role-based access control, session recording and reporting services to meet compliance auditing requirements.
Centrify Privilege Service™ (CPS) provides shared account password management and secure remote access to resources. In addition, Centrify Identity Service ensures individual accountability when accessing sensitive data in SOX-compliant business apps.
- Associate all access rights and privileges on audited systems to individual users, providing the level of accountability required by SOX auditors
- Address SOX reporting requirements with scheduled, packaged and customizable attestation reports representing 'who has access to what' and 'what did they do with that access' including detailed privileged session auditing
- Implement role-based security and access controls along with centralized reporting of who has access to what systems
- Limit privileged access on SOX system to just the subset of commands they need to perform their jobs
- Capture detailed audit trails of all user actions, and system responses, for inspection by SOX auditors