Automate SOX Controls and Prevent Unauthorized Changes

    The Sarbanes-Oxley Act (SOX) defines the requirements for the integrity of source data related to financial transactions and disclosures. SOX Section 404 requires the implementation of technical controls and continuous access auditing to assure the reliability of data related to financial transactions. To establish internal controls, public companies implement frameworks such as COSO, CobiT and ISO. Imperva provides enterprise-ready solutions that enable companies to conduct risk assessments, validate configurations, audit changes that impact financial data and streamline compliance processes.

    Evaluate Internal Controls and Assess Risk

    Internal controls evaluation and risk assessment should be the first steps in a SOX compliance project. Internal policies and secure configurations need to be defined either using custom policies or industry standards. The assessment should cover applications, databases and file systems to identify vulnerabilities and compliance gaps.

    Audit Changes that Impact Regulated Data

    All changes that impact financial transactions must be audited. This includes privileged changes to data (DML [1]) and to data containers (DDL [2]), as well as changes to user rights over regulated data (DCL [3]). To analyze incidents effectively, the audit trail must provide complete details about the 'Who?', 'What?', 'When?', 'Where?' and 'How?' of each regulated event.
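    As an added illustration (not Imperva's code and not any product's event format), the following Python classifies constructed database events into the DML/DDL/DCL classes the footnotes define, records the who/what/when/where/how of each, and hash-chains the records so that later tampering with the trail is detectable; the event field names and sample values are assumptions.

```python
import hashlib
import json
# Statement classes as the page's footnotes define them (DML/DDL/DCL).
STATEMENT_CLASSES = {"DML": ("INSERT", "UPDATE", "DELETE"),
                     "DDL": ("CREATE", "ALTER", "DROP"),
                     "DCL": ("GRANT", "REVOKE")}

# Constructed sample events; field names are hypothetical, not a real product's format.
SAMPLE_EVENTS = [
    {"ts": "2024-03-01T09:00:00Z", "db_user": "erp_app", "client_ip": "10.0.5.21",
     "application": "ERP", "sql": "UPDATE gl_journal SET amount = 120.50 WHERE id = 42"},
    {"ts": "2024-03-01T09:05:00Z", "db_user": "dba_jane", "client_ip": "10.0.9.7",
     "application": "sqlplus", "sql": "ALTER TABLE gl_journal ADD COLUMN note TEXT"},
    {"ts": "2024-03-01T09:06:00Z", "db_user": "dba_jane", "client_ip": "10.0.9.7",
     "application": "sqlplus", "sql": "GRANT UPDATE ON gl_journal TO temp_user"},
]

def classify(sql):
    """Map a statement to DML, DDL, DCL or OTHER by its leading keyword."""
    verb = (sql.split(None, 1) or [""])[0].upper()
    return next((c for c, v in STATEMENT_CLASSES.items() if verb in v), "OTHER")

def _digest(record):
    return hashlib.sha256(json.dumps(record, sort_keys=True).encode()).hexdigest()

def build_trail(events):
    """Build who/what/when/where/how records, each hash-chained to the previous one."""
    trail, prev = [], "0" * 64
    for e in events:
        rec = {"who": e["db_user"], "what": classify(e["sql"]), "when": e["ts"],
               "where": e["client_ip"], "how": e["application"],
               "statement": e["sql"], "prev_hash": prev}
        rec["hash"] = _digest(rec)  # covers every field, including prev_hash
        trail.append(rec)
        prev = rec["hash"]
    return trail

def verify_trail(trail):
    """Recompute the chain; return the index of the first bad record, or -1 if intact."""
    prev = "0" * 64
    for i, rec in enumerate(trail):
        body = {k: v for k, v in rec.items() if k != "hash"}
        if body["prev_hash"] != prev or _digest(body) != rec["hash"]:
            return i
        prev = rec["hash"]
    return -1

def privileged_changes(trail):
    """Records that alter data containers (DDL) or user rights (DCL): review these first."""
    return [r for r in trail if r["what"] in ("DDL", "DCL")]
```

Because each hash covers the previous record's hash, editing or deleting an earlier record invalidates every record after it, which is the property an independent, tamper-proof audit trail needs.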

    Protect Financial Data from Unauthorized and Fraudulent Activities

    Abnormal activities can be identified through deviations from observed 'normal' behavior. Suspicious activities that may indicate fraud should trigger an alert or be blocked. Unauthorized activities that violate access policies should be thoroughly reviewed using audit reports and analytical tools that support forensic investigations.

    Access Management and Elimination of Excessive Rights

    User access to source financial data needs to be tightly controlled to reduce the risk of security breaches. Centralized user rights management automates reporting on user access rights, supports review and approval processes, identifies users with excessive rights and reduces costs associated with access control management.

    Implement an Automated Repeatable Audit Process

    Effective implementation of SOX control processes requires making them repeatable. Centralized management of audit and assessment across heterogeneous systems streamlines the execution of these processes. Automation reduces the resources required to maintain ongoing SOX compliance and can provide a positive return on investment.

    Enforce Separation of Duties and Enable Auditor Independence

    To verify separation of duties, it is important to certify that individuals do not hold privileges that allow them to both complete and conceal fraudulent activities. It is also critical that privileged users have no privileges over the auditing solution itself, as they could abuse them to tamper with the integrity of the audit trail.

    1. DML = Data Modification Language: Insert, Update, Delete
    2. DDL = Data Definition Language: Create, Alter, Drop
    3. DCL = Data Control Language: Grant, Revoke
    • Database Security
      Product: SecureSphere Database Activity Monitoring or SecureSphere Database Firewall
      Capabilities:
      • Audit all changes that affect source financial data
      • Provide needed details to reconstruct change events
      • Alert and optionally block [4] abnormal activity related to regulated data and data objects
      • Predefined compliance reports and customization capabilities
      • Audit analytic tools to support forensic investigations
      • Centralized and automated auditing
      • Independent audit solution, tamper-proof audit trail
      Product: SecureSphere Discovery and Assessment Server [5]
      Capabilities:
      • Assess configurations and identify compliance gaps
      • Discover newly created databases and database objects in scope for SOX compliance projects
      • Identify changes to databases and objects containing regulated data
      Product: User Rights Management for Databases
      Capabilities:
      • Automate reporting on database user access rights
      • Support database user rights review and approval processes
      • Identify users with excessive rights
    • File Security
      Product: SecureSphere File Activity Monitoring or SecureSphere File Firewall
      Capabilities:
      • Audit all changes that affect source financial data in sensitive documents and files
      • Provide needed details to reconstruct change events
      • Alert and optionally block [6] abnormal activity related to regulated files (such as spreadsheets)
      • Predefined compliance reports and customization capabilities
      • Audit analytic tools to support forensic investigations
      • Centralized and automated auditing
      • Independent audit solution, tamper-proof audit trail
      Product: User Rights Management for Files
      Capabilities:
      • Automate reporting on user access rights to financial files and spreadsheets
      • Support user rights review and approval processes
      • Identify users with excessive rights
      4. Blocking access to sensitive data in databases requires SecureSphere Database Firewall
      5. SecureSphere Discovery and Assessment Server is included with SecureSphere Database Activity Monitoring and Database Firewall
      6. Blocking access to sensitive data in files requires SecureSphere File Firewall