Sarbanes-Oxley: A Cross-Industry Email Compliance Challenge
Is your enterprise following the rules?The bulk of financial information in many companies is created, stored and transmitted electronically, maintained by IT and controlled via information integrity...
Is your enterprise following the rules?
These components enable information integrity and data retention, while enabling IT audits and business continuity.
In order to comply with Sarbanes-Oxley, companies must be able to show conclusively that:
Sarbanes-Oxley Section 404
Section 404 regulates enforcement of internal controls, requiring management to show that it has established an effective internal control structure and procedures for accurate and complete financial reporting. In addition, the company must produce documented evidence of an annual assessment of the internal control structure’s effectiveness, validated by a registered public accounting firm. By instituting effective email controls, organizations are not only ensuring compliance with Sarbanes-Oxley Section 404; they are also taking a giant step in the right direction with regards to overall email security.
Effective Email Controls
Email has evolved into a business-critical application unlike any other. Unfortunately, it is also one of the most exposed areas of a technology infrastructure. Enterprises must install a solution that actively enforces policy, stops offending mail both inbound and outbound and halts threats before internal controls are compromised, as opposed to passively noting violations as they occur.
An effective email security solution must address all aspects of controlling access to electronically stored company financial information. This includes access during transport as well as access to static information resident at the company or on a remote site or machine. Given the wide functionality of email, as well as the broad spectrum of threats that face email systems, ensuring appropriate information access control for all of these points requires:
For years, corporations addressed their various email security needs through a mixture of third-party software “solutions” designed to address specific areas of vulnerability. Today, however, this approach is ineffective. New amorphous threats adapt to even the latest security technology, helping hackers and spammers stay a step ahead of most stand-alone protective measures. System administrators remain in a reactionary mode, waiting for the next attack and hoping their mixed bag of security software is up to the test. The new challenges posed to email security demand a new approach that protects enterprises from all types of malicious attacks. Enter CipherTrust’s IronMail.
IronMail and Sarbanes-Oxley
IronMail has been created to protect organizations from both known and unknown email security attacks. IronMail offers automatic or manual updates to protect against both known and newly discovered email security threats and vulnerabilities, and the comprehensive messaging security provided by IronMail assists organizations in key areas of maintaining effective internal controls. Specific financial information threats and vulnerabilities protected by IronMail include:
IronMail provides a comprehensive solution to the Sarbanes-Oxley information integrity requirements as they relate to protecting corporate financial information that is transmitted and stored via email. Everything from message privacy/encryption to email firewall and intrusion protection to content filtering is included in the IronMail solution.
Take the Next Step
Learn more about how IronMail helps organizations ensure Sarbanes-Oxley compliance by visiting www.ciphertrust.com or requesting CipherTrust’s free whitepaper, “Contributing to Sarbanes-Oxley Compliance with IronMail”.
Source: Free Articles from ArticlesFactory.com
ABOUT THE AUTHOR
CipherTrust is the leader in anti-spam and email security. Learn more by downloading our free whitepaper, “Contributing to Sarbanes-Oxley Compliance with IronMail” or by visiting www.ciphertrust.com.