Sarbanes Oxley Compliance Journal on Ulitzer

Sarbanes Oxley on Ulitzer

Subscribe to Sarbanes Oxley on Ulitzer: eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get Sarbanes Oxley on Ulitzer: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories

Mention storage in the same breath as Sarbanes Oxley and the immediate reaction of senior management might be to hide the checkbook. Invariably a vendor is making a pitch on how the latest, and greatest, WORM-enabled, opto-magnetic, network replicated gizmo is going to solve all of their problems. SOX has become the latest in a line of vehicles to which vendors have hitched their wagons in order to sell more gear (remember the Y2K buying frenzy?). The sad truth of the matter is that you could have the greatest technology in the world and still miserably fail a compliance audit. The Storage Manager's Dilemma Don't get me wrong - vendors are not solely to blame. To quote that great American philosopher Pogo, "We have met the enemy and he is us." Many organizations procrastinated before giving serious consideration to SOX, particularly to Section 404's compliance requir... (more)

Java Application Security in the Corporate World

The vast majority of corporate developers truly believe that application security is not their concern, assuming that network and engineering groups will build their environment in a secure way. But what about application security? Are you ready for the code audit? Application Security Isn't Getting the Attention It Deserves When most people in the corporate world talk about "security," they mean the security of the network, operating system, and servers. Organizations that want to protect their systems against hacker attacks invest a lot of time, effort, and money ensuring that these three components are secure. Without this secure foundation, systems cannot operate securely. However, even if the network, server, and operating system are 100% secure, vulnerabilities in the application itself make a system just as prone to dangerous attacks as unprotected networks, op... (more)

Sarbanes-Oxley - The Dark Corner of Regulatory Compliance

For a decade or more, internal and external regulations have impacted corporate IT and shaped the way companies are required to do business. Today you would scarcely find a corporate CIO, IS director, or IT architect who would build or maintain a storage infrastructure without sweating the details of how to meet the regulations and policies that govern the data their companies produce. The ongoing health and well being, if not the future of their companies, depend on this diligence. Each government or agency regulation carries with it very specific IT-related requirements that impact corporate IT decision making. The Sarbanes Oxley Act of 2002 dictates that companies must secure, store, and archive all documents, records, and business data or their corporate executives may face stiff fines or jail time. The Health Insurance Protection and Portability Act (HIPPA) re... (more)

Sun Announces Availability of Enhanced Compliance and Content Management Solutions With Sun StorEdge 5310 Compliance Archiving System

MENLO PARK, Calif., June 20 /PRNewswire-FirstCall/ -- Sun Microsystems, Inc. today announced the general availability of the Sun StorEdge(TM) 5310 Compliance Archiving System. The system, a combination of the Sun StorEdge 5310 NAS Appliance and Sun StorEdge Compliance Archiving Software offers an affordable and price competitive alternative for customers' requirements for growing and complex records retention. Integrated with Sun's industry leading(1) Identity Management solutions, to administer and report on access controls, and major ISV applications; the Sun StorEdge Compliance Archiving System provides a fully integrated solution to help facilitate compliance with the myriad of both government and business roles regulations -- including HIPAA for healthcare, SEC Rule 17a-4 and Basel 2 for financial services, 21 CFR 11 for life sciences, as well the Sarbanes Oxle... (more)

SYS-CON i-Technology Podcast: Enron and SOX, Net Neutrality In the News

The conviction of Kenneth Lay and Jeffrey Skilling was in no small part to Sarbanes-Oxley (SOX) legislation. Does this mean the government has done something right? Does it mean the government may be on the right track on another issue, Net Neutrality? SYS-CON West Coast Bureau Chief Roger Strukhoff speaks with industry analyst Marc Farley on these issues in a recent SYS-CON i-Technology Podcast. ... (more)

Jim Clark Leaves Shutterfly Citing Sarbox Regs

Jim Clark, co-founder of both Silicon Graphics and Netscape, has quit as chairman of Shutterfly, the digital photography web site, complaining about the restrictions Sarbanes-Oxley regulations impose. In a letter to Shutterfly management released with an SEC filing, Clark said, "Sarbox dictates that I not chair any committee due to the size of my holdings, not be on the compensation committee because of the loan I once made to the company, not be on the governance committee. It even dictates that some other board member must carry out the perfunctory duties of the chairman. What's left is liability and constraints on stock transactions, neither of which excite me." Clark was Shutterfly's original backer and after the company went public in September owned roughly 30% of the stock. The letter adds, "It seems pretty clear to me that lawmakers have gone too far in cons... (more)

Servoy Continues Leading SaaS Tool Market

Servoy BV, a leading provider of development and deployment tools for SaaS vendors and a "silver sponsor" of the upcoming AJAXWorld Conference & Expo, announced the Servoy 3.1 release of its flagship product with enhanced Software as a Service (SaaS) functionality; as well as adding MultiDeveloper capability and enhanced Sarbanes Oxley (SOX) compliance. Servoy already offers SOX compliance on a deployment level. With the release of Servoy 3.1, Servoy introduces more advanced group development capabilities and tracking systems at the development level -- making it seamless for CIOs and CTOs to comply with SOX requirements for software change tracking. Jan Aleman, CEO of Servoy: "What's different about Servoy is that we make it very easy for ISVs to expand their business model into SaaS while maintaining compatibility with existing installations. There is no other vendor ... (more)

Cloud-Based Email Archiving Provider Expands Partners

With the explosive growth of software-as-a-service (SaaS) solutions, cloud-based services providers, managed service providers (MSPs), value-added resellers (VARs) and global system integrators (GSIs) are all looking for ways to enhance their suite of offerings. Further, many of these organizations have concluded that their on-premise and hosted email offerings are incomplete without an email archiving component. The LiveOffice Partner Program provides these organizations with feature-rich technology and the sales and marketing support needed to become successful resellers of hosted archiving solutions. Recently recognized by leading analyst industry firm Gartner, Inc. as the largest provider of outsourced email archiving services in North America based on total number of clients as of yearend 20081, LiveOffice is expanding its partner program to better meet the e... (more)

Entrust, IBM, Microsoft, Novell, Ping, SAP, Siemens Pass Interoperability Testing

Kantara Initiative and Liberty Alliance today announced that identity products from Entrust, IBM, Microsoft, Novell, Ping Identity, SAP and Siemens have passed Liberty Interoperable(TM) SAML 2.0 interoperability testing. These vendors participated in the third Liberty Interoperable full-matrix testing event to be administered by the Drummond Group Inc., and the first event to test products against the new eGovernment SAML 2.0 profile v1.5 recently released by Liberty Alliance. Web-based full-matrix testing allows vendors to participate from anywhere in the world and features rigorous processes for ensuring products meet SAML 2.0 interoperability requirements for open, secure and privacy-respecting federated identity management. "The summer 2009 full-matrix testing event included more vendors than ever before, reflecting the worldwide demand among enterprises and gove... (more)

Why Public & Private Sector Organizations Are Considering Cloud Computing

Cloud Computing gives you access to completely different levels of scale and economics in terms of the ability to scale very rapidly and to operate IT systems more cost-effectively than previously possible, as we can see by the results of the following poll: We can say that the three main categories of benefits are: 1. delivery of service (faster time-to-value and time-to-market) 2. reduction of cost (CapEx vs. OpEx tradeoff and costs that are more competitive) 3. IT department transformation (focus on innovation vs. maintenance & implementation) During economic downturns, the ability to speed up time-to-value and time-to-market becomes more critical than ever, and represents probably the most important benefit of the Cloud. Many companies are delaying projects unless they deliver a return on investment within weeks. With Cloud Computing, companies can speed up those ti... (more)

Virtual Landscape Management for SAP to Drive Application Innovation

The ability to manage SAP environments not system by system but as the tightly integrated landscapes in which they are actually offers massive productivity improvements for IT departments. New landscapes can be provisioned in minutes and can include all types of SAP Business Suite, SAP BusinessObjects Portfolio (ABAP, Java or combined) or legacy applications. Virtual Appliance templates offer ready-to-use systems with zero post-installation effort, and as desired can be pre-seeded with production business data. Monitoring and administration is simplified to manage the SAP applications throughout the system lifecycle. These Virtual Landscape Management (VLM) capabilities were developed in the SAP Value Prototyping data centers and have already revolutionized the capability to serve more than 500 customers in 2008 alone. Through the fluid Operations eCloudManager™ so... (more)