ADManager Plus

액티브 디렉토리 관리 & 보고 소프트웨어

ADManager Plus는 윈도우 액티브 디렉토리의 관리와 보고를 간소화합니다.
  • AD 작업에 필요한 시간 최소화
  • 헬프데스크를 위한 루틴 작업의 위임 용이
  • AD 사용자와 오브젝트의 종합적인 보고
 
성공 사례
"우리는 여러 다른 액티브 디렉토리 관리와 보고 소프트웨어와 함께 ADManager Plus를 평가했습니다. ADManager Plus를 사용한 후 실제로 관리자는 편하게 생활하고 있습니다. ADManager Plus는 매우 이해하기 쉽고 빠르게 배울 수 있습니다."
-Bogdan Campeanu, 네트워크 엔지니어 » 더 보기
 
Streamline SOX Compliance; Minimize Risk; Maximize Cost
Effectiveness with ADManager Plus

The SOX Act - What and Why?

The Sarbanes-Oxley Act was enacted by the US Congress in the year 2002. The act was an immediate outcome of a series of scandals involving financial accounting improprieties, prevalent in the new millennium. Corporate governance, incorporation of strong internal controls, competent policies/procedures by enterprises with transparency and accuracy of their financial disclosures are the key compliance requisites that are detailed in the act.

Why should you comply with SOX?

Binding to the SOX regulations is not an option. It is rather a mandatory process that imposes all publicly-traded companies to submit an annual report containing details of their internal accounting structure to the Securities and Exchange Commission (SEC).

Non Compliance with SOX guidelines could lead to penalties including multi-million dollar fines, dismissal of exchange listings and in worst cases, even imprisonment of those officials involved in the misappropriation of financial data.

SOX and IT

Enterprises today, depend on IT to manage the internal controls by providing a secure Identity and Access Management(IAM) solution so as to comply with the SOX guidelines. It has become the primary function of IT to ensure that all financial transactions and data entry are carried out only by authorized personnel.

SOX comprises multiple titles/sections, each corresponding to specific guidelines. However, Section 404 and (to a certain extent) Section 302 relate how IT can help achieve the SOX compliance. Section 409 is also considered important by some IT executives.

Role of Active Directory in setting up SOX standards

Active Directory is a secure, distributed, partitioned and replicated directory service that runs on Microsoft Windows based machines. Active Directory offers enterprises, significant assistance in the implementation of SOX standards, provided all financial data are stored in a Windows machine. The Active Directory provides:

  • Adequate control over network identities and access permissions within the organization(IAM).
  • Regular and central authentication of users by Administrators.
  • Delegation and provision of access to the resources each user needs.
  • A central repository of audit logs for tracking all access attempts.

In addition to the above features, Active Directory when governed by an auditing, logging and reporting tool can make remarkable contributions to meet SOX compliant audits needs.

Achieving SOX Compliance using ADManager Plus

ManageEngine ADManager Plus is a web-based application that facilitates a centralized Windows Active Directory governance and reporting. With its ease-of-use and an intuitive UI, ADManager Plus enhances the administrative capabilities of the native Active Directory. Its integrated management and reporting module saves considerable time for administrators and helps meet compliance requirements with ease.

ADManager Plus features over 100+ effective active directory reports. Many of these reports contain critical data relevant to SOX Compliance. The ADManager Plus reports which are a must to meet SOX Compliance Audits are categorized under various sections:

Security Policies and Procedures

While trying to comply with the SOX guidelines, it becomes mandatory to implement competent security policies and procedures. A secure environment can be established with the help of ADManager plus, which focuses on the key concepts of security groups and permissions of the Active Directory.

Specialized ADManager Plus reports on security groups and members, and the group/user permissions on objects, files and folders foster security by aiding to:

Groups Report
  • Eliminate User permission contradictions,that may arise due to Multiple Group Membership.
  • Isolate and remove Groups without members.
  • Verify user permissions to objects/ files and folders restricting access to crucial information like financial data.

Illicit software installation/upgrades can also be detected with the help of reports that furnish details about the Operating System(OS). Reports on Password Policy and Account Lockout Policy contain information that are quite essential for SOX Audits.

The innate list of quality reports from ADManager Plus makes it a default requirement to qualify the security section of the Sarbanes-Oxley Act (SOA).

Risk Analysis and Management

Despite the implementation of standard security policies, multiple risks may exist in an organization and this could impose potential threat to security of financial data. SOX Compliance lays stress on data protection. It is therefore essential to adopt proper risk analysis and management methods. ADManager Plus with its up to date set of reports can give substantial inputs for Risk Analysis. A periodic review of reports relating to inactive/disabled/never logged on accounts of users and other Active Directory objects, can help to eradicate the risk posed by these accounts.

Active Directory Inactive Users Report

These reports facilitate risk management activities like:

 

Disaster Recovery

SOX guidelines require enterprises to adopt adequate disaster recovery standards. ADManager Plus hosts a list of reports that when generated provide details about all the members under a given object category i.e. User/ Computer/ Group Policy Object (GPO) / Organizational Unit(OU). Data that are lost during unpredictable occasions can be recovered and restored with the help of these reports. Details of the list of members under each object category can be extracted from appropriate reports that were generated before encountering such an occasion.

Auditing

Tracking changes that happen in an organization is a mandatory audit requirement. Specific ADManager Plus reports expose details about the Active Directory objects(Users/Computers/GPOs/Groups) that were created, modified or deleted in recent past. This information is highly essential for detecting and managing the changes that occur in an organization. Security officers may find these reports quite handy for internal audits.

With the above discussed ADManager Plus reports, enterprises can now meet the SOX/SARBOX Compliance requirements of Enterprise Wide Security Policy, Risk Analysis, Disaster Recovery, Separation of duties and so on, and walk through the SOX audits with ease and comfort.

Much more from ADManager Plus

In addition to the reports, ADManager Plus also offers:

ManageEngine® ADManager Plus therefore provides a complete web-based solution to meet all your Active Directory management requirements with a specialized set of reports useful for SOX Compliance audits.

Active Directory Management & Reporting