The complex and copious amounts of data being stored on corporate networks post-Sarbanes-Oxley may actually be creating greater opportunities for fraud — even though the law was a reaction to the huge corporate frauds which rocked Enron and WorldCom.<\/p>\n","protected":false},"excerpt":{"rendered":"
And data “gluttony”, as one analyst branded it, may be setting companies up for a fall further on down the line.<\/p>\n
Peter Dorrington, head of fraud solutions at SAS, told ZDNet UK sister site silicon.com companies are blindly storing vast amounts of data while giving little thought to what is actually being stored. “There is just a lot of storage going on,” said Dorrington. “Fraudsters are reliant upon their transaction being a tree hidden a forest,” said Dorrington, adding that the vast amounts of data being stored post-SOX are simply increasing the size and density of that forest.<\/p>\n
James Governor, analyst at Red Monk, said: “Any company which simply stores everything is creating problems for themselves further down the line. Storing everything is just abdicating responsibility, rather than following policy and understanding what they should be storing”. While such policies must be adhered to they create a no-win situation in which they also conflict with the retention requirements of other regulation such as SOX, said Governor. “Rather than just spending more and more money on storage it would make sense to invest a lot more money in working out exactly what companies need to store.”<\/p>\n
Shaun Fothergill, security strategist and compliance expert at Computer Associates, believes despite problems settling in, SOX will improve matters for business when implemented effectively. Fothergill said: “Compliance and regulation is forcing the business of IT to do things right. So organisations will begin to measure and monitor more than they did before.”<\/p>\n
As the anomalies and fraud issues are corrected the indicators of problems will be moved from red to amber then to green.<\/p>\n
Such confusion may be one reason why the SOX deadline for companies based in European countries has been put back a further year this week. Originally the controversial section 404, which outlines the requirement to archive data, was to come into effect on 15 July 2005.<\/p>\n
http:\/\/news.zdnet.co.uk\/business\/legal\/0,39020651,39190561,00.htm<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[13],"tags":[],"class_list":["post-2364","post","type-post","status-publish","format-standard","hentry","category-warnings"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/2364","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=2364"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/2364\/revisions"}],"predecessor-version":[{"id":4851,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/2364\/revisions\/4851"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=2364"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=2364"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=2364"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}