Quoting "Network.Security" <Network.Security@target.com>:
> OK, I'll bite.
>
> We use Rendition (now Opsware) for config mgmt. of our network stuff and
> the change detection / archival function has already saved my butt a
> number of times. Our engineers gripe about the Big-Brother aspect, but
> per the quasi-rant about SOX / CISP / PCI it's a fact of life now for
> any SEC-filing corp at a minimum.
>
> I realize this is somewhat OT for this list, but SOX (in general)
> shouldn't really matter to network admins (network meaning L1 to ~L4),
> as SOX is all about altering the financial data.
Hmm... I can understand the focus on the financial data, but doesn't it also
cover stuff like email and all of IT under the umbrella of "Significant Security
controls"? I know for a fact that storage vendors are drooling over the
opportunity to sell SOX related warez and disks to PHBs everywhere.
Regards,
Max
References:
|
|
