How to Ensure Continuous Compliance? - Netwrix · 2019-11-12 · All public companies in the U.S....

Page 1: How to Ensure Continuous Compliance? - Netwrix · 2019-11-12 · All public companies in the U.S. are subject to Sarbanes Oxley (SOX) compliance without exceptions. SOX compliance

#completevisibility

How to Ensure Continuous Compliance?

Episode IV: SOX Compliance

Presenter: Adam Stetson, Presales Engineer

[email protected]

1.201.490.8840 x2907

Page 2

Housekeeping

All microphones will be muted for the duration of the webinar

To submit text questions use the Question Pane

All questions, comments or opinions are greatly appreciated

The Question Pane

Page 3

Agenda

Compliance Overview

SOX Compliance

SOX Compliance and Netwrix Auditor

Product Demo

Real Case: Netwrix Auditor helping with SOX Compliance

Briefly about Netwrix

Questions and Answers

Page 4

Compliance Overview

Best Practices, Standards and Regulations

ISO 27001, COBIT, NIST

PCI, HIPAA, SOX, FISMA, FFIEC/GLBA

Commonalities

Availability, Integrity, Accountability

Policies, Implementation, Validation, Reporting

Perform reviews of your policies

Periodic reviews should be planned

Establish processes for policies and procedures improvement

Page 5

SOX Compliance

The Sarbanes–Oxley Act (SOX) of 2002 is a U.S. federal law that was enacted in reaction to a number of major corporate and accounting scandals. Note: Although SOX is a US regulation, many similar laws exist around the world.

SOX requires:

– adopting Internal Controls over Financial Reporting (ICFR)*

– establishing internal auditing of the adopted ICFR**

Who must comply?

All public companies in the U.S. are subject to Sarbanes Oxley (SOX) compliance without exceptions. SOX compliance requirements also apply to overseas operations of U.S. public companies and international companies listed on U.S. exchanges.

*ICFR requirement is Section 302

**ICFR audit is Section 404

Page 6

Compliance Approach

One-Time Effort

Compliance as an Event

Long-Term Regime

Compliance as a Continuous Process

Page 7

Initial effort for establishing a continuous compliance regime can be cumbersome:

– Extensive planning and development of internal policies,

– Assignment of roles and responsibilities,

– Implementation of controls and mechanisms for feedback and improvement.

Once continuous compliance is established, it brings many benefits, including:

– Increased efficiency of operations

– No high-risk periods

– Continuous improvement

– Lower total cost (over the years)

Netwrix Auditor, integrated into an organization’s IT infrastructure, is a great tool for providing visibility into the systems. Key aspects Netwrix Auditor helps with:

– Compliance Auditing

– Compliance Reporting

– Compliance Orchestration

Continuous Compliance is the Way

Page 8

How Netwrix assists with SOX compliance?

Netwrix Auditor is an easily configurable and affordable unified platform with lightweight, non-intrusive data collecting agents that greatly reduce administrative burden and help maintain compliance with SOX.

Delivers Complete Visibility: analyze and control any IT-related activities with more than 150 predefined reports and more.

Enables Evaluation: according to defined policies, metrics and baselines.

Provides Audit Reports: proving compliance, along with data consolidation and archiving capabilities, with two-tiered audit data storage for up to 10 years or more.

Streamlines compliance by auditing access to sensitive data as well as auditing changes to access rights for system components.

Page 9

How Netwrix assists with SOX compliance?

Netwrix Auditor facilitates auditing of the following control processes:

– Access Control,

– Account Management,

– Privileged Users Management,

– Credentials Management,

– Integrity Monitoring,

– Configuration Management,

– Data Governance.

Netwrix Auditor establishes the following control process:

– Audit Trail.

Page 10

How Netwrix assists with SOX compliance?

Overview of Netwrix Auditor coverage based on COBIT 4.1 recommendations:

– AI3: Acquire and Maintain Technology Infrastructure (COSO: Control Activities)

– AI6: Manage Changes (COSO: Control Activities, Risk Assessment, Monitoring)

– AI7: Install and Accredit Solutions and Changes (COSO: Control Activities, Information and Communication, Monitoring)

– DS3: Manage Performance and Capacity (COSO: Control Activities, Monitoring)

– DS4: Ensure Continuous Service (COSO: Control Activities, Information and Communication, Control Environment)

– DS5: Ensure Systems Security (COSO: Control Activities, Information and Communication, Monitoring)

– DS9: Manage the Configuration (COSO: Control Activities)

– DS10: Manage Problems (COSO: Control Activities, Information and Communication, Monitoring)

– DS13: Manage Operations (COSO: Control Activities, Information and Communication)

Page 11

SOX Compliance and Netwrix Auditor

Table columns: SOX | How Netwrix helps | Processes and Report Categories | Netwrix Report

SOX: AI6: Manage Changes (COSO: Control Activities, Risk Assessment, Monitoring)

How Netwrix helps: AI6.5: Change Closure and Documentation. Whenever changes are applied, the associated system and user documentation and procedures must be updated accordingly. The Netwrix platform makes it easy to review all changes and make sure that all related aspects are reflected in the documentation.

Processes and Report Categories: AUDIT TRAIL: All Changes

Netwrix Report: Netwrix Auditor for Active Directory: All Active Directory Changes by Groups; Netwrix Auditor for Group Policy: All Group Policy Changes with Review Status, and more

SOX: DS5: Ensure Systems Security (COSO: Control Activities, Information and Communication, Monitoring)

How Netwrix helps: DS5.4: User Account Management. Audit all changes to user accounts, elevation of privileges, and regular and privileged users’ activities.

Processes and Report Categories: ACCOUNT MANAGEMENT: Accounts States, Account Changes, Policies Changes, Policies States

Netwrix Report: Netwrix Auditor for Active Directory: User Accounts; User Accounts – Expired; User Accounts – Locked. Netwrix Auditor for Group Policy: Account Policy Changes; User Configuration Changes. Netwrix Auditor Event Log: User Account Locks and Unlocks, and more

Page 12

Demonstration: Continuous Compliance With… Netwrix Auditor

Page 13

Real Case Study

Customer: L-3 Electron Technologies Division

Industry: Aerospace and Defense

Challenge: Undocumented AD Changes and SOX Audits on the Horizon

Solution: Netwrix Auditor

“Netwrix Auditor for Active Directory has enabled me to provide accurate visibility regarding what changed when.”

- Kathryn J. Roxby, Senior IT Systems Administrator

Page 14

Real Case Study

Undocumented changes to Active Directory and Group Policy settings are often the cause of failed compliance audits.

Control Processes

Audit Trail

Netwrix Auditor for Active Directory: All Active Directory Changes; All Active Directory Sites Changes, and more

Netwrix Auditor for Group Policy: All Group Policy Changes; All Group Policy Changes with Review Status, and more

Configuration Management

Netwrix Auditor for Group Policy: System Services Settings Changes; Software Settings Changes; Windows Settings Changes; Security Settings Changes, and more

Access Control

Netwrix Auditor for Group Policy: Interactive Logon Settings Changes; Wireless Network Settings Changes, and more

Page 15

Real Case Study

Proven Results

– Ability to catch any potential security incident

– Reporting capabilities

– Unified platform to audit not only Active Directory and Group Policy but also Exchange, File Servers and more

“…a user called me complaining that someone had removed more than half of the users from the distribution group. I scrolled through my reports and found that he was the one who deleted them— probably by mistake, but nevertheless, mystery solved.”

- Kathryn J. Roxby, Senior IT Systems Administrator

Page 16

Netwrix Auditor: Unified Platform for Change and Configuration Auditing

Auditing solution for: Active Directory, Exchange, File Servers, SharePoint, SQL Server, VMware, Windows Server

Major features:

– Audit Assurance™: captures all IT changes with ‘Who’, ‘What’, ‘When’ and ‘Where’ details with ‘before’ and ‘after’ values

– Configuration Assessment: State-in-time™ reports showing configuration settings at present or at any moment in the past

– Audit Intelligence™: more than 150 predefined, easy-to-read reports and dashboards with actionable intelligence, with filtering, grouping, sorting, exporting, email subscriptions and the ability to create custom reports

– Audit Archive™: scalable two-tiered storage (file-based + SQL database) holding consolidated audit data for up to and beyond 10 years

– Unified Platform to audit the entire IT infrastructure (including systems with limited native logging capabilities, Syslog support, activity video recording), as opposed to multiple hard-to-integrate standalone tools from other vendors

Page 17

Other Sessions

Episode I: HIPAA Compliance (recorded)

netwrix.com/how_to_ensure_continuous_compliance_episode_1_hipaa.html

Episode II: PCI Compliance (recorded)

netwrix.com/how_to_ensure_continuous_compliance_episode_2_pci.html

Episode III: FISMA Compliance (recorded)

netwrix.com/how_to_ensure_continuous_compliance_episode_3_fisma.html

Upcoming webinars:

netwrix.com/webinars

Recorded webinars:

netwrix.com/webinars#featured

Page 18

Briefly About Netwrix

All awards: www.netwrix.com/awards

Page 19

Netwrix Corporation

Corporate Headquarters: 300 Spectrum Center Drive #820, Irvine, CA 92618; 888-638-9749; www.netwrix.com

Additional Offices: Columbus, OH; Paramus, NJ; Atlanta, GA; Kent, UK

Year of foundation: 2006

Core competency: Change, configuration and data access auditing across the IT infrastructure

Headquarters location: Irvine, California

Global customer base: 6000

Global customer support: 24/5 support with 99% customer satisfaction

Recognition: Among the fastest growing software companies in the US with more than 70 industry awards (Redmond Mag, SC Mag, WindowsIT Pro, etc.)

Page 20

Our Customers

Financial

Healthcare & Pharmaceutical

Federal, State, Local, Government

Industrial/Technology/Other

Page 21

Next Steps

Free Guide: SOX Compliance with Netwrix Auditor

netwrix.com/compliance.html#sox

Free Trial: setup in your own test environment

netwrix.com/freetrial

Test Drive: virtual POC, try in a Netwrix-hosted test lab

netwrix.com/testdrive

Live One-to-One Demo: product tour with Netwrix expert

netwrix.com/livedemo

Contact Sales to obtain more information

netwrix.com/contactsales

Page 22

Thank You for Your Attention!

Questions?

Adam Stetson

Sales Engineer, Netwrix Corporation

[email protected]

+44 (0) 203 588 3023 ext 2907