The Sarbanes-Oxley Act of 2002 (SarbOx) was established specifically to address financial reporting for public companies. The accounting data that is the foundation for this financial reporting is invariably electronic and, as a result, needs to be adequately protected and controlled, both for the corporation’s benefit and to comply with SarbOx.
Individuals responsible for their organization’s electronic data need to understand the level of protection their current security system provides, or doesn’t provide, particularly in the area of server room access.
This paper examines SarbOx requirements for controlling data, discusses the risks inherent in traditional server room security, and outlines specific solutions to protect electronic data and maintain SarbOx compliance by controlling and tracking access to the organization’s server room and, consequently, its data.
Both mechanical and electronics-only locking systems have their limitations when it comes to securing server rooms and providing the data and control needed to comply with SarbOx. A viable, cost-effective solution to server room protection and SarbOx data control requirements is a security system that combines the best attributes of both the mechanical and electronic systems.
