Private Sector Security Requirements - Samsung MFP SECURITY White Paper


3.2 Private Sector Security Requirements

Private sector security requirements include authorization and encryption, which are standard across all business sectors.
However, private businesses have the added requirement of SOX compliance.
SOX
The Sarbanes-Oxley Act of 2002 (SOX) was enacted in response to several high-profile financial scandals. The SOX act is
aimed at enforcing corporate responsibility by improving financial disclosures, and avoiding corporate and accounting
fraud. SOX contains many requirements aimed at standardizing financial reporting procedures. The requirement that
targets IT policies is section 404 of the act, "Management Assessment of Internal Controls."
COBIT
The Control Objectives for IT (COBIT) is a framework that is commonly used by IT departments to comply with SOX.
COBIT is a set of standard IT policies and procedures that can be adopted by all businesses. By using COBIT, an organization
can quickly design IT controls to comply with SOX. This includes deploying the right security solutions in the right areas:
Identity Management
Each user must be uniquely identifiable. User identities and access rights must be maintained in a central repository.
User Account Management
Account management procedures must exist for requesting, establishing, issuing, suspending, modifying, and closing
user accounts and related user privileges, as well as performing regular management reviews of all accounts and
related privileges.
Logs, Alerts and Reports
Logging and alerting policies require recording and notification of abnormal access events. Reporting policies require
authorized managers to generate periodic event and log reports.
Network Devices
This regulation requires secure network devices to be used to ensure authorized system access and to preserve
information integrity to and from networks. Network devices should be capable of central management from remote
locations. Devices should deliver a high level of data security by providing strong, full-disk encryption and access
control, so that sensitive data is exchanged securely and its integrity and authenticity are preserved.
SOX section 404 compliance provides the momentum for most IT organizations to develop and document the IT security
controls and processes needed to support financial reporting. Protecting the integrity of information and controlling
access to resources are not only essential elements for the preservation of a company but are also requirements for
compliance.
Copyright 2014 Samsung Electronics Co., Ltd., All rights reserved.
