Sarbanes-Oxley (SOX) Act Compliance
The Sarbanes-Oxley (SOX) Act of 2002 legislates how long and the manner in which companies store their financial records. Created largely in response to the Enron and WorldCom scandals, the SOX act is designed to safeguard against accounting errors and other illegal financial activities. In placing a more rigorous requirement on financial reports, the storage of these records becomes important as the trail of transactions must be secure.
The regulated companies in choosing a storage method will therefore look at a format that will satisfy the legal requirements of SOX i.e the increased use of online remote data storage facilities/programs.
As an online data storage facility, IBackup is not privy to the contents of the information stored. The customer alone must maintain responsibility of ensuring that it is in compliance as to what information is being kept and who in the organization (including independent auditors) has access. IBackup is only responsible for the availability and security of the information being stored, and has safeguards in place to ensure quality control standards.
IBackup assists with SOX compliance in each of these areas:
- The data files are transferred and stored using 256-bit AES encryption. The data is encrypted and decrypted based on the user-defined password. Thus, data stored on the IBackup servers cannot be decrypted by anybody other than you or a designate.
- Access is logged with a date and time stamp by IBackup each time a document is accessed by a user.
- Client access is only through authorized personnel with the encryption password known only to you.
- All backups are immediately available.
- Data remains in the IBackup customer storage area for as long as the client wishes to retain it.
Note: Many of the compliance items require usage of the optional private encryption key that is known only to you and not stored on IBackup servers.