SOX

The Sarbanes-Oxley Act (SOX) was enacted in 2002 following the Enron, Tyco, and WorldCom corporate scandals. Trying to avoid a repeat of such corporate dishonesty, SOX requires US public organizations and their officers to put into place comprehensive controls over their information technology (IT) systems. In particular, SOX is meant to ensure the security of financial information. In short, organizations now need to invest heavily to be SOX compliant.

The criminal acts of a few companies resulted in the vast majority of good corporate citizens having to invest enormous sums of money to become SOX compliant. Attaining SOX compliance is also relatively more expensive for smaller organizations. As a result, SOX compliance places the greatest financial burden on those least able to afford it. In spite of this reality, corporations in America must obey the SOX law.

Three of the key SOX requirements are outlined in Sections 302, 404, and 409 of the Act.

Section 302, “Corporate Responsibility for Financial Reports” requires a set of internal procedures designed to ensure accurate financial disclosure. The signing officers are responsible for establishing and maintaining effective internal controls for relevant data relating to the company.

Section 404, “Management Assessment of Internal Controls” requires management and the external auditor to report on the adequacy of the company's internal control over financial reporting. This is the most costly element of the legislation.

Section 409, “Real Time Issuer Disclosures” requires that significant financial or operational changes be disclosed to the public quickly. These disclosures are to be presented in terms that are easy to understand, and if appropriate, supported by graphics that show trend and qualitative information.

GreenSQL can help organizations meet their SOX obligations easily and at minimal cost.

Section 302 – GreenSQL ensures compliance with section 302 of SOX by securing the databases that generate a company’s financial reports and ensuring a thorough data audit.

Section 404 – the overall SOX compliance solution offered by GreenSQL guarantees compliance with section 404.

Section 409 – the real-time data generated by GreenSQL and the numerous options in which it can be displayed assure section 409 compliance.

With GreenSQL , company officers and auditors can fulfill their SOX obligations safe in the knowledge that the data on which they base their decisions has not been changed.

GreenSQL is a database firewall that is installed as a front-end to databases, fully hiding and securing them. GreenSQL works as an SQL reverse proxy, by validating SQL queries for permissible commands before sending them to the SQL database for execution.

GreenSQL makes SOX compliance easier by providing a platform for an organization to assess, control, monitor, protect, and audit its database and applications.

GreenSQL is an integrated, comprehensive, and robust database security solution that smoothes the way to complete SOX compliance in an intuitive and cost effective manner, without dragging down database performance.

The automated learning mode of GreenSQL analyzes and learns database behavior. It then automatically generates a full custom rules policy for each database that matches its specific behavior.

Gathering this data manually can be complex, costly, and time consuming. GreenSQL ensures a quick, cost effective, and best practice method of introducing database and IT assessment and control. Instead of wasting time and resources configuring rules, administrators can simply accept or reject the rules custom made for their organization.

GreenSQL identifies every query request and response, including every field affected in this process, and automatically protects against 0-day database and OS vulnerabilities or potential attacks aimed against databases or database operating systems.

GreenSQL provides exceptional flexibility in protecting databases, effectively reducing overhead. As the only database security solution with the flexibility to sit either on your Web server, DB server, or on a dedicated server protecting multiple databases, you are assured of maximum security with minimum impact on database performance.

Only GreenSQL can be quickly and easily deployed between servers as required to maintain unprecedented database security and improve system efficiency.

GreenSQL provides comprehensive real-time auditing functions that can be easily configured while they are in use. GreenSQL identifies every query request and response, including every field affected in this process. Similarly, the GreenSQL firewall policy enables you to fully define user profiles. Coupled with the real-time alerts feature, the configurable audit feature of GreenSQL not only helps organizations comply with SOX, it also gives them an extraordinary range of useful information.

Organizing such vast quantities of data is amazingly simple with the intuitive GreenSQL audit report template. All relevant data required by an organization and its auditors can be displayed easily. Demonstrating SOX compliance to auditors has never been simpler.

The benefits provided by GreenSQL go well beyond efficiently securing a company’s database assets, which it does brilliantly. GreenSQL  simple, flexible installation, automated learning mode for quick rule development, and unmatched auditing and reporting facilities also greatly reduce a company’s financial and manpower costs for SOX compliance, while keeping database responsiveness high.