Go To Email Marketing Home | Add to Favorites
Sarbanes-oxley: A Cross-industry Email Compliance Challenge
Is your enterprise following the rules?
The bulk of financial information in many companies is created, stored and transmitted electronically, maintained by IT and controlled via information integrity procedures and practices. For these reasons, compliance with federal requirements such as the Sarbanes-Oxley Act (SOX) is heavily dependent on IT. Companies that must comply with SOX are U.S. public companies, foreign filers in U.S. markets and privately held companies with public debt. Ultimately, the corporate CEO and CFO are accountable for SOX compliance, and they will depend on company finance operations and IT to provide critical support when as they report on the effectiveness of internal control over financial reporting.
Sound practices include corporate-wide information security policies and enforced implementation of those policies for employees at all levels. Information security policies should govern network security, access controls, authentication, encryption, logging, monitoring and alerting, pre-planned coordinated incident response, and forensics. These components allow for information integrity and data retention, while enabling IT audits and business continuity.
Complying with Sarbanes-Oxley
The changes required to ensure SOX compliance reach across nearly all areas of a corporation. In fact, Gartner Research went so far as to call the Act “the most sweeping legislation to affect publicly traded companies since the reforms during the Great Depression.” Since the bulk of information in most companies is created, stored, transmitted and maintained electronically, one could logically conclude that IT shoulders the lion’s share of the responsibility for SOX compliance. Enterprise IT departments are responsible for ensuring that corporate-wide information security policies are in place for employees at all levels. Information security policies should govern:
* Network security
* Access controls
* Authentication
* Encryption
* Logging
* Monitoring and alerting
* Pre-planning coordinated incident response
* Forensics
These components enable information integrity and data retention, while enabling IT audits and business continuity.
In order to comply with Sarbanes-Oxley, companies must be able to show conclusively that:
* They have reviewed quarterly and annual financial reports;
* The information is complete and accurate;
* Effective disclosure controls and procedures are in place and maintained to ensure that material information about the company is made known to them.
Sarbanes-Oxley Section 404
Section 404 regulates enforcement of internal controls, requiring management to show that it has established an effective internal control structure and procedures for accurate and complete financial reporting. In addition, the company must produce documented evidence of an annual assessment of the internal control structure’s effectiveness, validated by a registered public accounting firm. By instituting effective email controls, organizations are not only ensuring compliance with Sarbanes-Oxley Section 404; they are also taking a giant step in the right direction with regards to overall email security.
Effective Email Controls
Email has evolved into a business-critical application unlike any other. Unfortunately, it is also one of the most exposed areas of a technology infrastructure. Enterprises must install a solution that actively enforces policy, stops offending mail both inbound and outbound and halts threats before internal controls are compromised, as opposed to passively noting violations as they occur.
An effective email security solution must address all aspects of controlling access to electronically stored company financial information. This includes access during transport as well as access to static information resident at the company or on a remote site or machine. Given the wide functionality of email, as well as the broad spectrum of threats that face email systems, ensuring appropriate information access control for all of these points requires:
* A capable policy enforcement mechanism to set rules in accordance with each company’s systems of internal controls;
* Encryption capabilities to ensure privacy and confidentiality through secure and authenticated transport and delivery of email messages;
* Secure remote access to enable remote access for authorized users while preventing access from unauthorized users;
* Anti-spam and anti-phishing technology to prevent malicious code from entering a machine and to prevent private information from being provided to unauthorized parties
In conclusion, complying with Sarbanes-Oxley puts a heavy burden on an organization's IT department to implement and enforce policies set up by corporate governance boards. In order to make sure the company's email system complies with Sarbanes-Oxley, IT managers must be able to document steps they have taken to address Section 404 of the code. CipherTrust manufactures a secure email gateway appliance that can help organizations comply with Sarbanes-Oxley. To learn more about it, please visit www.ciphertrust.com/solutions/compliance_SOX.php and read our articles and white paper on the subject of SOX compliance.
Web Surfers Revolt Against "pushy" Advertising
(c) Jim Edwards - All Rights reserved http://www.thenetreporter.com=As the Internet cont...
The Benefits Of Web-based Help Desk Software -
Web-based help desk software has become the most popular way to manage technical inquiries and issues. The ability to access your help desk from any PC in the world is a very convenient tool. These programs offer flexibility and accessibility that was unavailable in former product versions. Like other help desk software products, web base...
Twelve Things You Should Know To Save On Computer Software
Do you want to get quality software at a reasonable price? Whether you work at home or just need good software for your personal computer, you are faced with an almost endless selection of computer software. Sorting through the options can sometimes be a major task. However, if you want to get good, quality software there are several things that you can do that will save you money and headaches. With the arrival...
|
 |
|
|
How To Add Unlimited Pictures To Your Ebay Auction Listing – For Free.
I get a lot of questions from people wanting to know how to add more pictures to their auction listings. Do you know that eBay charges for additional pictures? Yes, that’s right. Pay attention when you launch your next eBay listing. Only the first picture is for free. For any additional photos you will be paying $0.15 per photo. This does not sound much but you will be surprised how these figures add up: Imagine you add 3-4 photos per listing. This will end up to an additional $0.50 – just for hosting of your photos. Let’s say you have 3-5 listings a day at the end of the year you might have paid $400-600$ just for picture hostin... |  |
| Building A List - What's It Worth To You?
The internet seems to be full of hyped up business opportunities. What evidence there is to support the feasibility of a business opportunity is often anecdotal – or we may be asked to take the word of a well known internet guru when he tells us that this is the “... | |
| How To Choose A Reputable Online Casino
With literally thousands of online casinos on the internet, it can sometimes become very confusing as to which ones are safe and reputable, and which casinos are not. So many of them are beautifully designed, look very professional and offer great signup bonuses, so how does one go about choosing the "reputable" online casinos while avoiding the "dodgy" ones?When choosing an online casino to play at, one should always ta... | |
| The Truth About Internet Access Providers
There are dozens of internet access providers out there today. Many of these internet access providers have different means of accessing the internet. All internet access providers have varying rates as well. If you are not knowledgeable about the differences in internet access providers, then let this be your guide to the truth about internet access providers.First you need to know the different ways internet access providers use for you to connect to the internet. This can be through dial up modems, DSL, and broadband or cable modems. Dial... | |
| Finding A Cheap Digital Camera
There are a number of great websites that are dedicated to helping you find a cheap digital camera. Some of these can help you save a lot of money on your camera purchases. A lot of these websites will take the effort out of finding a cheap digital camera as they search the Internet and physical stores for the best deals for you.There are so many sales, bargains, coupons and deals available to enable you to get a truly cheap digital camera that it can seem impossible to choose between them so it is important to find a website that gives reviews on the products as well as the vendors themselves. A cheap digital camera may not be such a good deal if it turns o... | |
| What Are The Best Uses For Hidden Video Cameras?
What is the best reason for installing hidden video cameras at home? You may not have the same reason, as let’s say your next door neighbor about the wisdom of installing home security cameras. But neither of you will deny the fact, that placing the hidden video cameras, provides you added security. Here are several compelling reasons to buy hidden video cameras installed at your home or office.Hidden video cameras are your “eyes and ears” in the premises. They record perfectly and don’t play favorites, what you see is what happened. By insta... | |
| Niche Software Steals Microsoft's Thunder
© Jim Edwards - All Rights reserved http://www.IGottaTellYou.com/blog/-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-When you think of software and personal comput... | |
| Search Engine Optimization For Dummies
Many people have said to me that they can't afford to employ a SEO company, but they would still like to get better search results on Google, Yahoo and MSN searches. Are there any basic rules that they can follow to improve their ranking on search engine results pages (SERPs)? In response to this question, here are some basic things that people who have coded their own web sites can do to make the web pages more spiderbot friendly and so more attractive for search engines to crawl.Let's start with the actual information on the home page of the web site. What is the first thing that a spiderbot will see when it crawls your web site - complex graphics, tables of information that do not directly relate to your products or company, or does it see some well-written, grammatically correct text? We have found that the first 100 word... | |
| Is Your Music Player Spying On You?
In today's times spyware is a very serious issue and all computer users should be aware of the possible damage it can cause. It is estimated by well known industry insiders that nearly 90% of all comp... | |
| Find Quality Cheap Web Hosting In Minutes
Lower computer prices and the rapid unfolding of new technology has made high priced web hosting services a thing of the past. You can find high quality cheap web hosting services and packages online in minutes. However, when shopping for a web host, make sure that you aren’t only looking at the dollar signs.It is important to have a litt... | |
|
|