SARBANES-OXLEY ACT 404 COMPLIANCE



What about the server administrators?

Conformance to the Sarbanes-Oxley Act
Full inspection and auditing of admin traffic to the servers
Control over administrators
Audit remote management

Are you aware of all changes to your financial data? Even of the not-so-obvious ones?
Server administrators left unattended can cause some unexpected problems.
Fortunately, the BalaBit Shell Control Box gives you the tool to handle this issue.

Are you prepared?

One of the major provisions of the Sarbanes-Oxley (SOX) Act is that CEOs and CFOs have to certify that all financial data provided to the auditors is accurate and has not been modified. Are you prepared to take this responsibility? SOX applies to all US organizations, their subsidiaries, and foreign companies registered on the US stock market.

No uncovered access?

How can you make absolutely sure that all modifications to the financial data on your servers have been recorded and can be audited? The usual answer is that the financial applications used log all changes and actions in detail. But is this really sufficient? Unfortunately no, because the servers can be (and - at least for administration and maintenance purposes - are) also accessed directly by system administrators. Such maintenance and configuration tasks require superuser privileges on the server, and that enables someone skilled enough to manipulate any data stored on the server (that includes all your financial figures as well), and even to completely cover the tracks of such actions.

Total audit – the dream of the auditor

The BalaBit Shell Control Box (SCB) makes all traffic related to your financial servers fully auditable, without the need to change or modify any of your applications. SCB has the power to transparently monitor and control the encrypted (SSH) channels used in server administration. All traffic (SSH and other) to and from the server can be reliably logged and audited by a device independent from the client and server applications used to access the servers. This facilitates full compliance with the criteria of the SOX Act.

[Figure: SCB Complete SSH Inspection]

SCB also provides an easy-to-use single sign-on (SSO) authentication system capable of authenticating every single connection. That way it is possible to determine which user of a machine wishes to connect to the server. Authentication is possible even when multiple users are using the same machine, as in a terminal server environment. This feature creates a perspicuous system and immensely simplifies the work of the auditor. For improved security in accessing such sensitive data, SCB supports the “4 eyes only” principle. This feature makes it possible to ensure that no single person can access the server individually; access requires two users monitoring each other's work. That prevents any single person from manipulating and subverting the data stored on the server.


