A well-respected Tier-1 retailer, who happens to be a BitArmor customer, had to restrict access to financial information to pass their SOX audits. High-level financial officers had access to too many documents and had too many administrative document management privileges. Because of that, they weren’t going to pass their annual Sarbanes Oxley Section 404 audit. They needed to enforce access controls more strictly, document that those controls were in place, and prove that users were adequately isolated.

They were able to leverage DataControl to tighten access controls and document that those controls had been implemented. Documents like Excel spreadsheets and MS Word documents that contain sensitive financial information were encrypted with DataControl. Access controls to unlock that encryption are enforced by Smart Tags that move with those sensitive files. Policies for access controls are managed in the retailer’s data center by the BitArmor Control Server, so they can be distributed consistently to Smart Tags throughout the organization. The Control Server also logs data usage activities reported by individual Smart Tags, so the company had records to prove the integrity of their data and that appropriate access controls were in place.

The result? The retailer’s financial department was able to prove documented access controls and user isolation for a clean SOX 404 audit.