IT Controls Tools
|
A summary of IT Controls tools news. Automation Control Products has released TermSecure with SmartContext. This tool enables administrators to manage users access via ThinClient. Sessions can be started by a user approaching a thin client. As he leaves, the session ends. The functionality means that users have to be authenticated but can still move between applications and devices with flexibility. Internal controls are enhanced, but business flexibility is maintained. Database-Brothers are claiming that there new solution, Brother-Watchdog ensures data accountability. The software tracks access and updates to corporate database data. Web application end user identities and locations are captured and correlated to corresponding database statement activity. Section 404 of the Sarbanes-Oxley Act of 2002 in particular places emphasis on internal controls over financial reporting. Companies are required to show that they have appropriate controls over how their financial data is handled and secured. Applications such as Brother-Watchdog are tapping into this market. BioKey International and IdentiPHI are busily championing their fingerprint identification authentication tools and expertise. They claim that the technology is more secure than the common username/password combination. Section 404 compliance could be enhanced by the use of fingerprint technology if it is demonstrated that IT controls are enhanced by their use. Of course this is only for authentication of identity. Authorization to use particular applications or do certain transactions is another matter. Foundry Networks' IronView Network Manager 2.0 is primarily for threat detection and automatic mitigation. In particular for "Closed loop threat mitigation." Networks are secured by traffic monitoring embedded in Foundry's routers and and open source security applications like SNORT. IronView is a long way from protecting financial information. Risk management and monitoring are important elements of the COSO internal controls framework. COSO in turn is the basis for virtually all Section 404 programs. Elemental Security has its Elemental Security Platform offers Network Access Control (NAC). ESP offers integration between access controls and a policy and risk management framework. Using ESP, companies can Elemental’s policy and risk management product enables enterprises to continuously monitor machines’ configuration, inventory, activity, and policy compliance. MailFoundery Archive is an email archiving suite that is also good for Section 802 of the Sarbanes-Oxley Act. 802 requires companies to have a document retention policy in place.
|
Related Articles
Similar Areas Selected Books Keywords
|