My Article Database: Free Articles for Teaching and Studying English as a Foreign Language in China - by Paul Sparks




Homepage
About Me
Teachers
Students
Lessons
Photographs
Links
World News
ICQ Chat
Contact Me
Articles
 
My Article Database:

 
Accounting
Acne
Adsense
Advertising
Aerobics
Affiliate
Alternative
Articles
Attraction
Auctions
Audio Streaming
Auto Care
Auto Parts
Auto Responder
Aviation
Babies Toddler
Baby
Bankruptcy
Bathroom
Beauty
Bedroom
Blogging
Body Building
Book Marketing
Book Review
Branding
Breast Cancer
Broadband Internet
Business
Business Loan
Business Plan
Cancer
Car Buying
Career
Car Insurance
Car Loan
Car Maintenance
Cars
Casino
Cell Phone
Chat
Christmas
Claims
Coaching
Coffee
College University
Computer Tips
Cooking
Cooking Tips
Copywriting
Cosmetics
Craft
Creative Writing
Credit
Credit Cards
Credit Repair
Currency Trading
Data Recovery
Dating
Debt Relief
Diabetics
Diet
Digital Camera
Diving
Divorce
Domain
Driving Tips
Ebay
Ebook
Ecommerce
Email Marketing
E Marketing
Essay
Ezine
Fashion
Finance
Fishing
Fitness
Flu
Furniture
Gambling
Golf
Google
GPS
Hair
Hair Loss
HDTV
Health Insurance
Heart Disease
Hobbies
Holiday
Home Business
Home Improvement
Home Organization
Interior Design
Internet Tips
Investment
Jewelry
Kitchen
Ladies Accessories
Lawyer
LCD / PLASMA
Legal
Life Insurance
Lingerie
Love
Mailing List
Make Money
Mortgage
MP3
Music
Network Marketing
Online Shopping
Paid Survey
PC Games
Perfume
Personal Injury
Pay Per Click
Pregnancy
Publishing
Real Estate
Recipe
Recreation
Relationship
Resume
Romance
RSS
Sales Letter
Self Employment
SEO
Shoes
Small Business
Smoking
Software
Spam
Sports
Spyware
Stress
Trading
Travel
Vacation Rental
Video Conferencing
Video Streaming
Virus
VOIP
Web Design
Web Development
Web Hosting
Website Traffic
Wedding
Weight Loss
Wine
Women
Writing Tips

Return to Articles about Email Marketing

Sarbanes-Oxley: A Cross-Industry Email Compliance Challenge
by: Paul Judge, CTO, CipherTrust, Inc.
Is your enterprise following the rules?

The bulk of financial information in many companies is created, stored and transmitted electronically, maintained by IT and controlled via information integrity procedures and practices. For these reasons, compliance with federal requirements such as the Sarbanes-Oxley Act (SOX) is heavily dependent on IT. Companies that must comply with SOX are U.S. public companies, foreign filers in U.S. markets and privately held companies with public debt. Ultimately, the corporate CEO and CFO are accountable for SOX compliance, and they will depend on company finance operations and IT to provide critical support when as they report on the effectiveness of internal control over financial reporting.

Sound practices include corporate-wide information security policies and enforced implementation of those policies for employees at all levels. Information security policies should govern network security, access controls, authentication, encryption, logging, monitoring and alerting, pre-planned coordinated incident response, and forensics. These components allow for information integrity and data retention, while enabling IT audits and business continuity.

Complying with Sarbanes-Oxley
The changes required to ensure SOX compliance reach across nearly all areas of a corporation. In fact, Gartner Research went so far as to call the Act “the most sweeping legislation to affect publicly traded companies since the reforms during the Great Depression.” Since the bulk of information in most companies is created, stored, transmitted and maintained electronically, one could logically conclude that IT shoulders the lion’s share of the responsibility for SOX compliance. Enterprise IT departments are responsible for ensuring that corporate-wide information security policies are in place for employees at all levels. Information security policies should govern:

* Network security
* Access controls
* Authentication
* Encryption
* Logging
* Monitoring and alerting
* Pre-planning coordinated incident response
* Forensics

These components enable information integrity and data retention, while enabling IT audits and business continuity.

In order to comply with Sarbanes-Oxley, companies must be able to show conclusively that:

* They have reviewed quarterly and annual financial reports;
* The information is complete and accurate;
* Effective disclosure controls and procedures are in place and maintained to ensure that material information about the company is made known to them.

Sarbanes-Oxley Section 404
Section 404 regulates enforcement of internal controls, requiring management to show that it has established an effective internal control structure and procedures for accurate and complete financial reporting. In addition, the company must produce documented evidence of an annual assessment of the internal control structure’s effectiveness, validated by a registered public accounting firm. By instituting effective email controls, organizations are not only ensuring compliance with Sarbanes-Oxley Section 404; they are also taking a giant step in the right direction with regards to overall email security.

Effective Email Controls
Email has evolved into a business-critical application unlike any other. Unfortunately, it is also one of the most exposed areas of a technology infrastructure. Enterprises must install a solution that actively enforces policy, stops offending mail both inbound and outbound and halts threats before internal controls are compromised, as opposed to passively noting violations as they occur.

An effective email security solution must address all aspects of controlling access to electronically stored company financial information. This includes access during transport as well as access to static information resident at the company or on a remote site or machine. Given the wide functionality of email, as well as the broad spectrum of threats that face email systems, ensuring appropriate information access control for all of these points requires:

* A capable policy enforcement mechanism to set rules in accordance with each company’s systems of internal controls;
* Encryption capabilities to ensure privacy and confidentiality through secure and authenticated transport and delivery of email messages;
* Secure remote access to enable remote access for authorized users while preventing access from unauthorized users;
* Anti-spam and anti-phishing technology to prevent malicious code from entering a machine and to prevent private information from being provided to unauthorized parties

In conclusion, complying with Sarbanes-Oxley puts a heavy burden on an organization's IT department to implement and enforce policies set up by corporate governance boards. In order to make sure the company's email system complies with Sarbanes-Oxley, IT managers must be able to document steps they have taken to address Section 404 of the code. CipherTrust manufactures a secure email gateway appliance that can help organizations comply with Sarbanes-Oxley. To learn more about it, please visit www.ciphertrust.com/solutions/compliance_SOX.php and read our articles and white paper on the subject of SOX compliance.



About the author:

Dr. Paul Judge is a noted scholar and entrepreneur. He is Chief Technology Officer at CipherTrust, the industry's largest provider of enterprise email security and anti spam solutions. Learn what you need to know to comply with Sarbanes-Oxley regulations by visiting www.ciphertrust.com/solutions/compliance_SOX.php today.




 

New! Watch Online Articles with YouTube for Free:

 

 

 

 

Click Here to Return to Top of Page
     


© Copyright Paul Sparks, 2001-2008,  www.xiangtan.co.uk

Now you can watch TV on your PC online for free with my new TV Website: TV4WEB.net