Sarbanes-Oxley (SOX) mandates that public companies demonstrate due diligence in the disclosure of financial information and maintain internal controls and procedures for the communication, storage, and protection of that data. While not explicitly mentioned in the legislation, IT security is a central requirement of Sarbanes-Oxley compliance. SOX requires companies to assess any risk associated with information technology or the internal process that may impact the accurate and timely reporting of financial information. Specifically, SOX requirements include:
Meeting the Compliance Challenge
Faced with the penalties for non-compliance—hefty fines and possible jail time—companies need a comprehensive, enterprise security system that will address these common, best-practice control objectives: information security, vulnerability assessment, asset identification, configuration policy, threat detection and response, policy enforcement, and monitoring. Sourcefire solutions are ideally suited to help your company achieve Sarbanes-Oxley compliance. Sourcefire is the first to unify IPS and NBA (network behavior analysis) technologies under the same management console. This intelligent cybersecurity approach provides an efficient and effective layered security defense—protecting network assets before, during, and after an attack—ensuring that your financial systems are protected from unauthorized access.
Sourcefire Supports SOX Requirements
Sourcefire helps your organization comply with Sarbanes-Oxley requirements. The table below shows a few examples of common control objectives that Sourcefire supports.
Control Objective / Sourcefire Approach

Control objective: Appropriate controls are in place to prevent unauthorized access via public networks.
Sourcefire approach: Represents several best-practice controls to secure networks from unauthorized use, including intrusion prevention, vulnerability assessment, asset discovery, and network behavior analysis.

Control objective: Monitoring, logging, and reporting of security activity.
Sourcefire approach: Monitors, logs, and reports security events from IDS/IPS, potential vulnerabilities, and violations of configuration and acceptable use policies.

Control objective: Authorized software on company IT assets.
Sourcefire approach: Users may set and automatically enforce authorized software policies. Sourcefire passively identifies the assets, OS, protocols, and applications present on your network—in real time.

Control objective: System infrastructure is properly configured to prevent unauthorized access.
Sourcefire approach: A baseline configuration policy can be automatically enforced in real time.

Control objective: Security incident response.
Sourcefire approach: Impact Flags speed analysis of incidents, and the P&R system supports the established incident response process—automating remediation or alerting the incident response team.

Control objective: Periodic testing and assessment are performed, confirming the infrastructure is appropriately configured.
Sourcefire approach: Sourcefire exceeds this requirement by performing configuration policy enforcement in real time.