Forum Discussion

Kimberley
Level 6
12 years ago

FAQ: Is DRA SOX compliant?

Here is a question that the DRA product team received, and thought it would be useful to share the answer with the community:

Is DRA SOX compliant?

  • Here is the response from the DRA product team:

    Disaster Recovery Advisor provides a comprehensive and flexible security model, based on eight years of close work with those customers to meet any new security requirement and concern.

    All security options are policy-based - multiple policies can be used if needed. Some of the supported security options relevant to SOX regulated environments are:

    • The ability to collect data indirectly
    • Disaster Recovery Advisor does not need to establish any direct connection with SOX regulated servers. Instead, it can use a trusted proxy (or “jump”) server
    • Disaster Recovery Advisor first performs authentication and authorization against the trusted server, and then executes data collection by that server
    • The ability to integrate with any existing privilege management tool (e.g., CA eTrust, PowerBroker, UPM)
    • The ability to integrate with password vaults so that no credential information is cached on disk (default is encrypted caching)
    • Support for one-time passwords (fully managed by DRA) and key-based authentication
    • Time limits can be applied for data collection