In the United States (US), all public companies, accounting firms, and private organizations on the verge of IPO must comply with SOX regulations that mandate accuracy, integrity, and security of the financial information the companies handle. However, manually monitoring networks and processing log data for SOX compliance is a tedious and an error-prone process.
To escape this monotony and ensure easy and quick SOX compliance, security administrators can use E-SPIN managed service feature log management solution that provides predefined reports during subscription period (ie as service subscription to maintain 3rd party independent and credential).
In specific, for SOX IT Compliance, E-SPIN will provide comply with SOX Act Section 404: IT process controls. E-SPIN will put a box own by E-SPIN at customer site collects, analyzes, correlates, and archives log data from sources across the network. Continuously monitoring log data to ensure the security and integrity of confidential data.
The following information E-SPIN will offer
|SOX requirements||Reports by EventLog Analyzer|
|Sec 302 (a) (4) (A), (C) & (D)||
|Sec 302 (a)(5)||
|Sec 302 (a)(6)||
User Logon and Logoff
SOX requirements (Sec 302 (a) (4) (A), (C) and (D)) state that any user access to the system must be recorded and monitored for possible abuse.
E-SPIN solution will continuously monitors the logon and logoff activities of users across the network. It provides premade reports for successful or failed logons and logoffs. It also alerts you in real time of any unauthorized access.
This solution allows you to monitor the access and activities of privileged users, as well.
E-SPIN solution records all unsuccessful logon attempts on the network. It provides exhaustive information on logon failures such as who attempted to log on, the date and time of the occurrence, and more.
And that’s not all. This solution also provides reports of the reasons for the logon failures (password expiry, bad user name, account lockouts, etc.) to give you in-depth visibility on the access attempts on your network.
Audit Log Access
Collecting and archiving log data in a central location is a compliance mandate because it facilitates forensic analysis and audit trail activities.
In addition to providing the detailed System Logs report,E-SPIN solution also provides prebuilt reports on critical events such as audit log clearance by a specific user.
This solution also centrally collects, normalizes, and archives log data. It also enables you to perform log audit trails easily with its powerful, yet simple, search engine. Apart from the predefined Audit Log Access reports, you can also search the log data for any specific accesses and save the search results as a report or alert profile, which will notify you in real time when that type of access recurs.
To comply with SOX, it is essential to identify:
- When a given object (file or folder) is accessed.
- What operations have been performed on the object (read, write, delete, or modify).
- Whether the access was successful.
- Who performed the action.
E-SPIN solution provides a complete report on the object access (success or failure of access attempt, type of object, who performed the access attempt, from where, and when). The solution’s file integrity monitoring feature also allows you to probe deeper into the access to confidential data.
To ensure complete network security, it is essential to identify the local system processes such as system startup, shutdown, and changes to the system time or audit log data.
Thankfully, E-SPIN solution provides out of the box reports for all of the system events mentioned above.
Successful or Unsuccessful User Account Validation
E-SPIN solution identifies successful or unsuccessful user account logon events, which are generated when a domain user account is authenticated on a domain controller. It also provides detailed information on the user account validation.
Terminal Service Sessions
E-SPIN solution provides predefined reports with exhaustive information regarding the connection, reconnection, and disconnection of terminal server sessions, which helps you track the device session status.
Audit Policy Changes
Tracking changes to the audit policy is much easier withE-SPIN solution’s on-the-fly reports on audit policy changes. These reports provide detailed information on any security level changes to the audit policies.
E-SPIN solution tracks individual user actions with the Individual User Action report, which gives detailed information on the user’s logon and logoff, session activities, access to a file or directory, and more. It also helps you monitor privileged user activities.
User and Computer Account Changes
To ensure complete network security, it’s important to monitor privileged user accounts and security configuration settings such as adding or removing a user account to an administrative group.
E-SPIN solution provides predefined reports that help track all user and computer account management changes. This solution provides real-time email or SMS alerts (as top up option as per required) for any critical security configuration changes, as well.
User Group Changes
E-SPIN solution continuously monitors and tracks the changes in security configuration settings at the user group level. It provides a premade report for user group-level changes such as addition and removal of global or local groups, members from a global or local group, and more.
Feel free to contact E-SPIN for your exact requirement so our solution consultant can provide accurate quote for your consideration in return.