Post on 05-Jul-2020
#completevisibility
How to Ensure Continuous Compliance?
Episode IV: SOX Compliance
Presenter:
Adam Stetson
Presales Engineer
Adam.Stetson@netwrix.com
1.201.490.8840 x2907
Housekeeping
All microphones will be muted for the duration of the webinar
To submit text questions use the Question Pane
All questions, comments or opinions are greatly appreciated
The Question Pane
Agenda
Compliance Overview
SOX Compliance
SOX Compliance and Netwrix Auditor
Product Demo
Real Case: Netwrix Auditor helping with SOX Compliance
Briefly about Netwrix
Questions and Answers
Compliance Overview
Best Practices, Standards and Regulations
ISO 27001, COBIT, NIST
PCI, HIPAA, SOX, FISMA, FFIEC/GLBA
Commonalities
Availability, Integrity, Accountability
Policies, Implementation, Validation, Reporting
Perform reviews of your policies
Periodic reviews should be planned
Establish processes for policies and procedures improvement
SOX Compliance
The Sarbanes–Oxley Act (SOX) of 2002 is a U.S. federal law that was enacted as a reaction to a number of major corporate and accounting scandals.
Note: Although SOX is a US regulation, many similar laws exist around the world.
SOX requires:
– to adopt Internal Controls over Financial Reporting (ICFR)*
– establish internal auditing of the adopted ICFR**
Who must comply?
All public companies in the U.S. are subject to Sarbanes Oxley (SOX) compliance without exceptions. SOX compliance requirements also apply to overseas operations of U.S. public companies and international companies listed on U.S. exchanges.
*ICFR requirement is Section 302
**ICFR audit is Section 404
Compliance Approach
One-Time Effort
Compliance as an Event
Long-Term Regime
Compliance as a Continuous Process
Initial effort for establishing a continuous compliance regime can be cumbersome:
– Extensive planning and development of internal policies,
– Assignment of roles and responsibilities,
– Implementation of controls and mechanisms for feedback and improvement.
Once continuous compliance is established, it brings many benefits, including:
– Increased efficiency of operations
– No high-risk periods
– Continuous improvement
– Lower total cost (over the years)
Netwrix Auditor, integrated into an organization’s IT infrastructure, is a great tool to provide visibility into the systems. Key aspects Netwrix Auditor helps with:
– Compliance Auditing
– Compliance Reporting
– Compliance Orchestration
Continuous Compliance is the Way
Delivers Complete Visibility: Analyze and control any IT-related activities with more than 150 predefined reports and more.
Enables Evaluation: According to defined policies, metrics and baselines.
Provides Audit Reports: Proving compliance along with data consolidation and archiving capabilities with two-tiered audit data storage for up to 10 years or more.
Netwrix Auditor is an easily configurable and affordable unified platform with lightweight, non-intrusive data-collecting agents that greatly reduces administrative burden and helps to maintain compliance with SOX.
Streamlines compliance by auditing access to sensitive data as well as auditing of changes to access rights for system components.
How Netwrix assists with SOX compliance?
Netwrix Auditor facilitates auditing of the following control processes:
– Access Control,
– Account Management,
– Privileged Users Management,
– Credentials Management,
– Integrity Monitoring,
– Configuration Management,
– Data Governance.
Netwrix Auditor establishes the following control process:
– Audit Trail.
How Netwrix assists with SOX compliance?
Overview of Netwrix Auditor coverage based on COBIT 4.1 recommendations:
– AI3: Acquire and Maintain Technology Infrastructure (COSO: Control Activities)
– AI6: Manage Changes (COSO: Control Activities, Risk Assessment, Monitoring)
– AI7: Install and Accredit Solutions and Changes (COSO: Control Activities, Information and Communication, Monitoring)
– DS3: Manage Performance and Capacity (COSO: Control Activities, Monitoring)
– DS4: Ensure Continuous Service (COSO: Control Activities, Information and Communication, Control Environment)
– DS5: Ensure Systems Security (COSO: Control Activities, Information and Communication, Monitoring)
– DS9: Manage the Configuration (COSO: Control Activities)
– DS10: Manage Problems (COSO: Control Activities, Information and Communication, Monitoring)
– DS13: Manage Operations (COSO: Control Activities, Information and Communication)
SOX Compliance and Netwrix Auditor
AI6: Manage Changes (COSO: Control Activities, Risk Assessment, Monitoring)
SOX: AI6.5: Change Closure and Documentation
How Netwrix helps: Whenever changes are applied, the associated system and user documentation and procedures must be updated accordingly. The Netwrix platform makes it easy to review all changes and make sure that all related aspects are reflected in the documentation.
Processes and Report Categories: AUDIT TRAIL
– All Changes
Netwrix Report:
Netwrix Auditor for Active Directory:
– All Active Directory Changes by Groups
Netwrix Auditor for Group Policy:
– All Group Policy Changes with Review Status
and more

DS5: Ensure Systems Security (COSO: Control Activities, Information and Communication, Monitoring)
SOX: DS5.4: User Account Management
How Netwrix helps: Audit all changes to user accounts, elevation of privileges, regular and privileged users’ activities.
Processes and Report Categories: ACCOUNT MANAGEMENT
– Accounts States
– Account Changes
– Policies Changes
– Policies States
Netwrix Report:
Netwrix Auditor for Active Directory:
– User Accounts
– User Accounts – Expired
– User Accounts – Locked
Netwrix Auditor for Group Policy:
– Account Policy Changes
– User Configuration Changes
Netwrix Auditor Event Log:
– User Account Locks and Unlocks
and more
Demonstration: Continuous Compliance With…
Netwrix Auditor
Real Case Study
Customer:
– L-3 Electron Technologies Division
Industry:
– Aerospace and Defense
Challenge:
– Undocumented AD Changes and SOX Audits on the Horizon
Solution:
– Netwrix Auditor
Netwrix Auditor for Active Directory has enabled me to provide accurate visibility regarding what changed when
- Kathryn J. Roxby, Senior IT Systems Administrator
Real Case Study
Undocumented changes to Active Directory and Group Policy settings are often the cause of failed compliance audits.
Control Processes
Audit Trail
Netwrix Auditor for Active Directory:
– All Active Directory Changes
– All Active Directory Sites Changes
and more
Netwrix Auditor for Group Policy:
– All Group Policy Changes
– All Group Policy Changes with Review Status
and more
Configuration Management
Netwrix Auditor for Group Policy:
– System Services Settings Changes
– Software Settings Changes
– Windows Settings Changes
– Security Settings Changes
and more
Access Control
Netwrix Auditor for Group Policy:
– Interactive Logon Settings Changes
– Wireless Network Settings Changes
and more
Real Case Study
Proven Results
– Ability to catch any potential security incident
– Reporting capabilities
– Unified platform to audit not only Active Directory and Group Policy but also Exchange, File Servers and more
…a user called me complaining that someone had removed more than half of the users from the distribution group. I scrolled through my reports and found that he was the one who deleted them—probably by mistake, but nevertheless, mystery solved.
- Kathryn J. Roxby, Senior IT Systems Administrator
Netwrix Auditor Unified Platform for Change and Configuration Auditing
Auditing solution for:
Active Directory
Exchange
File Servers
SharePoint
SQL Server
VMware
Windows Server
Major features:
Audit Assurance™: Captures all IT changes with ‘Who’, ‘What’, ‘When’ and ‘Where’ details with ‘before’ and ‘after’ values
Configuration Assessment: State-in-time™ reports showing configuration settings at present or at any moment in the past
Audit Intelligence™: More than 150 predefined easy to read reports and dashboards with actionable intelligence with filtering, grouping, sorting, exporting, email subscriptions and ability to create custom reports
Audit Archive™: Scalable two-tiered storage (file-based + SQL database) holding consolidated audit data for up to and beyond 10 years
Unified Platform: to audit the entire IT infrastructure (including systems with limited native logging capabilities, Syslog support, activities video recording), as opposed to multiple hard-to-integrate standalone tools from other vendors
Other Sessions
Episode I: HIPAA Compliance (recorded)
netwrix.com/how_to_ensure_continuous_compliance_episode_1_hipaa.html
Episode II: PCI Compliance (recorded)
netwrix.com/how_to_ensure_continuous_compliance_episode_2_pci.html
Episode III: FISMA Compliance (recorded)
netwrix.com/how_to_ensure_continuous_compliance_episode_3_fisma.html
Upcoming webinars:
netwrix.com/webinars
Recorded webinars:
netwrix.com/webinars#featured
Briefly About Netwrix
All awards: www.netwrix.com/awards
Netwrix Corporation
Corporate Headquarters:
300 Spectrum Center Drive #820
Irvine, CA 92618
888-638-9749
www.netwrix.com
Additional Offices:
Columbus, OH
Paramus, NJ
Atlanta, GA
Kent, UK
Year of foundation: 2006
Core competency: Change, configuration and data access auditing across the IT infrastructure
Headquarters location: Irvine, California
Global customer base: 6000
Global customer support: 24/5 support with 99% customer satisfaction
Recognition: Among the fastest growing software companies in the US with more than 70 industry awards (Redmond Mag, SC Mag, Windows IT Pro, etc.)
Our Customers
Financial
Healthcare & Pharmaceutical
Federal, State, Local, Government
Industrial/Technology/Other
Next Steps
Free Guide: SOX Compliance with Netwrix Auditor
netwrix.com/compliance.html#sox
Free Trial: setup in your own test environment
netwrix.com/freetrial
Test Drive: virtual POC, try in a Netwrix-hosted test lab
netwrix.com/testdrive
Live One-to-One Demo: product tour with Netwrix expert
netwrix.com/livedemo
Contact Sales to obtain more information
netwrix.com/contactsales
Thank You for Your Attention!
Questions?
Adam Stetson
Sales Engineer, Netwrix Corporation
Adam.Stetson@netwrix.com
+44 (0) 203 588 3023 ext 2907