- The Sarbanes-Oxley Act requires public companies to implement internal controls over financial reporting, operations, and assets-all of which depend heavily on installing or improving information security technology
- Offers an in-depth look at why a network must be set up with certain authentication computer science protocols (rules for computers to talk to one another) that guarantee security
- Addresses the critical concepts and skills necessary to design and create a system that integrates identity management, meta-directories, identity provisioning, authentication, and access control
- A companion book to Manager's Guide to the Sarbanes-Oxley Act (0-471-56975-5) and How to Comply with Sarbanes-Oxley Section 404 (0-471-65366-7)
Your step-by-step guide to creating authentication processes that assure compliance
To comply with Sarbanes-Oxley Section 404, you must design an information technology infrastructure that can protect the privacy and access integrity of your data, particularly online, while not restricting business activity. This book shows you how to do that, explaining what you need to know every step of the way.
- Recognize eight concepts that constitute privacy of information
- Apply the security basics—identification, authentication, authorization, access control, administration, auditing, and assessment
- Use features already present in directory technology, directory schema, and meta-synchronization to improve security profiles
- Integrate a security architecture into legacy, current, and future applications
- Create security domain definitions that will stop data predators cold
