Video Screencast Help
Give us your opinion and win with Symantec! Please help us by taking this survey to tell us about your experience with Symantec Connect, so that we can continue to grow and improve.  Take the survey.

FAQ: Is DRA SOX compliant?

Created: 16 Jul 2013 • Updated: 22 Jul 2013 | 1 comment
Kimberley's picture
This issue has been solved. See solution.

Here is a question that the DRA product team received, and thought it would be useful to share the answer with the community:

Is DRA SOX compliant?

Operating Systems:

Comments 1 CommentJump to latest comment

Kimberley's picture

Here is the response from the DRA product team:

Disaster Recovery Advisor provides a comprehensive and flexible security model, based on eight years of close work with those customers to meet any new security requirement and concern.

All security options are policy-based - multiple policies can be used if needed.   Some of the supported security options, relevant to SOX regulated environments are:

  • The ability to collect data indirectly
  • Disaster Recovery Advisor does not need establish any direct connection with SOX regulated servers.  Instead, it can use a trusted proxy (or “jump”) server
  • Disaster Recovery Advisor first performs authentication and authorization against the trusted server, and then executes data collection by that server
  • The ability to integrate with any existing privilege management tool (e.g., CA eTrust, PowerBroker, UPM)
  • The ability to integrate with password vaults so that no credential information is cached on disk (default is encrypted caching)
  • Support for one-time passwords (fully managed by DRA) and key-based authentication
  • Time limits can be applied for data collection

Thanks for participating in the community!