Sarbanes-Oxley Act of 2002 (SOX)

Implementation

How Check Point helps you comply with SOX

The chart below summarizes examples of how an organization can map Check Point security solutions to applicable COBIT High-Level Objectives, specifically the Delivery and Support (Section 5): Ensures Systems Security (DS) and Monitoring (M) sections. It is important to note that because every environment is different, companies should evaluate their organizations' risks and controls to determine their specific requirements for SOX compliance.

COBIT Control Objectives	Check Point Compliance Solutions	More Information
DS5 Ensure Systems Security
DS5.3 Identity Management Ensure that all users are uniquely identifiable. Enable user identities via authentication mechanisms. Maintain user identities and access rights in a central repository. Deploy cost-effective technical and procedural measures, and keep them current to establish user identification, implement authentication and enforce access rights.	Check Point's perimeter, internal, Web, and endpoint solutions allow for the creation of granular access and authorization rules.	DS5.3
DS5.4 User Account Management Address requesting, establishing, issuing, suspending, modifying and closing user accounts and related user privileges with a set of user account management procedures. Perform regular management review of all accounts and related privileges.	User account management & authentication are an essential part of all Check Point solutions.	DS5.4
DS5.5 Security Testing, Surveillance and Monitoring Test and monitor the IT security implementation in a proactive way. A logging and monitoring function will enable the early prevention and/or detection and subsequent timely reporting of unusual and/or abnormal activities that may need to be addressed.	Check Point management tools can log and report user access across Check Point and 3rd party gateways as well as log and report administrator changes on Check Point systems. Check Point Eventia allows administrators to test and monitor the enterprise security posture for significant events, intrusions, and anomalies.	DS5.5
DS5.6 Security Incident Definition Clearly define and communicate the characteristics of potential security incidents so they can be properly classified and treated by the incident and problem management process.	Many Check Point solutions enable administrators to define and monitor enterprise security incidents so they can be prevented or treated upon discovery.	DS5.6
DS5.7 Protection of Security Technology Make security-related technology resistant to tampering	Check Point's perimeter, internal, Web, and endpoint solutions allow for the creation of granular access, authorization, and authentication.	DS5.7
DS5.9 Malicious Software Prevention, Detection and Correction Put preventive, detective and corrective measures in place (especially up-to-date security patches and virus control) across the organisation to protect information systems and technology from malware (e.g., viruses, worms, spyware, spam).	Check Point Endpoint Security products provide the antivirus defenses needed to stop rapidly spreading attacks. The VPN-1 family provides integrated gateway-based antivirus within its VPN-1 UTM, UTM-1 Edge, and VPN-1 UTM Power solutions.	DS5.9
DS5.10 Network Security Use security techniques and related management procedures (e.g., firewalls, security appliances, network segmentation, intrusion detection) to authorise access and control information flows from and to networks.	Check Point's deep range of pure security product offerings has provided the industry's leading solution for network security challenges. Check enables the enterprise to conduct business in a controlled manner.	DS5.10
DS5.11 Exchange of Sensitive Data Exchange sensitive transaction data only over a trusted path or medium with controls to provide authenticity of content, proof of submission, proof of receipt and non-repudiation of origin.	Check Point Full Disk Encryption addresses PCI data storage, local encryption, and key management requirements. Check Point's remote access solutions, VPN-1 and Connectra, provide strong encryption for data during transmission over open networks using standards-based encryption protocols.	DS5.11
ME1 Monitor and Evaluate IT Performance
ME1.4 Performance Assessment Periodically review performance against targets, analyse the cause of any deviations, and initiate remedial action to address the underlying causes. At appropriate times, perform root cause analysis across deviations. ME1.5 Board and Executive Reporting Develop senior management reports on IT's contribution to the business. Provide the report to senior management, and solicit feedback from management's review. ME1.6 Remedial Actions Identify and initiate remedial actions based on performance monitoring, assessment and reporting.	Check Point management tools can log security performance across Check Point and 3rd party systems. Eventia provides detailed management reporting and event-based remediation capabilities.	ME1.4 - ME1.6

More About SOX: