|
|
News
Mutiny Ticks The Sox Box
How Mutiny can help secure Sarbanes Oxley approval The Sarbanes-Oxley Act of 2002 is considered to be one of the most significant changes to security laws in the United States. Sarbanes Oxley followed a wave of well-publicised corporate financial scandals which included Enron and WorldCom. One of the most significant provisions of Sarbanes Oxley is the criminal and civil penalties that place executive management and the board of directors under the spotlight. The Act is designed to ensure the following within a business:  There are sufficient controls to prevent
fraud, misuse, and/or loss of financial
data/transactions.There are controls to enable speedy
detection if and when such problems
occur.Effective action is taken to limit the
effects of such problems.
In many companies, most of these controls are IT-based.
Not only must controls be in place; they must be effective, and it must be possible to note exceptions caught by the controls and follow audit trails in order to take appropriate action in response to those exceptions. This requirement puts a new pressure on IT that until now few IT departments have faced.
Ultimately, Sarbanes-Oxley makes executives responsible for ensuring that these controls are in place and effective, and this fact is making Sarbanes-Oxley a high priority on most companies' agendas: Executives are aware that they could go to jail if these processes are not in place and/or are ineffective. Suddenly, executives are very interested in what's going on in the murky depths of the IT department!
 It therefore becomes very important to be able to demonstrate that your general IT environment and the associated controls follow best practise since most key financial systems run on a server and reside on your network. All of a sudden, being able to show that you are proactively monitoring your IT infrastructure and systems, becomes more important.
Today, Sarbanes Oxley applies to companies quoted on US stock exchanges including those based outside of the US, but it is difficult to see how anyone will be exempt from such proactive measures, and as is often the case, the US leads the way in new legislation, so it is only a matter of time before such universal legislation arrives in the UK.
Under the directive of Sarbanes Oxley Act, executives must demonstrate that:
1. Files containing accounting information have not been compromised, and
2. All significant technical controls, including security authorizations and critical
configuration files have not been compromised.
How Mutiny Can Help
Once installed, Mutiny has the ability to monitor all elements of your network that support financial applications. These elements will include switch, router and server performance, where areas of potential failure are varied. For example, Mutiny can report on the status of a link between two points, or predict potential RAID problems on critical servers.
The key however is that Mutiny takes a proactive approach to Critical Services Monitoring; alerting to potential problems affecting financial applications before they occur, giving the team ample time to solve them.
Furthermore, Mutiny can provide accurate reports of the status of the IT infrastructure supporting financial applications through its detailed reporting tool, proving agreed service levels have been hit.
That’s not all however; Mutiny will also monitor processes and applications. So financial databases built on say, SQL, will have the added benefit of being monitored by Mutiny to a detailed level. In fact mutiny can monitor all of your critical processes to warn of potential failure.
As the only appliance based approach to financial services monitoring, Mutiny can comfortably hold 80Gb of network event data, allowing you to carry a complete network audit trail. Thereby helping you to identify every event on every device or application
For more information, please call Mutiny on 01453 840454.
Return to headlines
|
