Sarbanes-Oxley (SOX) Compliant Data Storage
We are SOX compliant.
Sarbanes-Oxley Act of 2002.
The Sarbanes-Oxley Act of 2002 (SOX) ushered in a new era of business rules regarding the storage and management of corporate financial data. SOX holds many publicly held companies and all Registered Public Accounting Firms to a rigorous set of standards. These rules set guidelines for how data should be stored, accessed, and retrieved. Read on for more information about how datavault supports SOX.
What does SOX mean for data backup and recovery?
Description of Rule
How datavault Supports the Rule
Auditing, Quality Control, And Independence Standards And Rules The Board shall:
- register public accounting firms;
- establish, or adopt, by rule, "auditing, quality control, ethics, independence, and other standards relating to the preparation of audit reports for issuers;" The Board requires registered public accounting firms to "prepare, and maintain for a period of not less than 7 years, audit work papers, and other information related to any audit report, in sufficient detail to support the conclusions reached in such report."
Inspections of Registered Public Accounting Firms Quality inspections must be conducted annually for firms auditing more than 100 issues per year, or every 3 years for all other firms. The SEC or the Board may order impromptu inspections of any firm at any time.
Again, Online Datavault’s online backup software gives users on-demand access to their data. An inspector may access any file stored to the datavault remote backup system in order to perform the required inspection. Additionally, different historical versions of a file can be restored and inspected to compare and contrast a document's revisions.
Investigations And Disciplinary Proceedings; Reporting of Sanctions All documents prepared or received by the Board are regarded "confidential and privileged as an evidentiary matter (and shall not be subject to civil discovery or other legal process) in any proceeding in any Federal or State court or administrative agency, ...unless and until presented in connection with a public proceeding or [otherwise] released" in connection with a disciplinary action.
When you use Online Datavault’s online backup software to backup your data, you are using some of the best encryption and data protection tools available to maintain complete confidentiality. From the moment you perform your first backup, your data is encrypted using 448 BIT encryption, the strongest available. The files themselves are encrypted on your computer before leaving your office - and remain encrypted until you access them again. The files are sent over port 308, a non-standard port designed to avoid the high traffic ports usually associated with Internet communications and hacking. Once stored on our servers, the files stay encrypted.
Corporate and Criminal Fraud Accountability Act of 2002 "Knowingly" destroying or creating documents to "impede, obstruct or influence" any federal investigation, whether it exists or is contemplated, is a felony.
We employ the latest online backup technology available to prevent unauthorized access to your data, and our data center is restricted to our Administrators only. The data center uses state-of-the-art security including:
- Gigabit Internet connection
- 24/7 technical support
- 24/7 monitoring
- 24/7 remote hands
- N+1 redundancy on power, HVAC
- Fire, smoke and heat detection
- UPS and onsite diesel generators
- Controlled physical access
Mandatory Document Retention This section instructs auditors to maintain "all audit or review work papers" for five years. from the end of the fiscal period during which the audit or review was concluded. It also directs the Securities and Exchange Commission (SEC) to disseminate, within 180 days, any necessary rules and regulations relating to the retention of relevant records from an audit or review. This section makes it unlawful knowingly and willfully to violate these new provisions -- including any rules and regulations disseminated by the SEC -- and imposes fines, a maximum term of 10 years' imprisonment or both.
Online Datavault’s online backup software supports SOX requirements for mandatory document retention by storing audit and review work papers for an indefinite amount of time. It captures multiple historical versions of those documents enabling auditors to access to multiple versions of the same document as it changed over time.
Tampering With a Record or Otherwise Impeding an Official Proceeding This section criminalizes knowingly altering, destroying, mutilating, or concealing any document with the intent to impair the object's integrity or availability for use in an official proceeding or to otherwise obstruct, influence or impede any official proceeding.
Online Datavault’s online backup software protects your business by storing historical versions of documents that could potentially be the target of malicious destruction. Any file maliciously destroyed on a local PC or server could be restored in minutes from our secure servers. Global datavault’s online backup software effectively mitigates your risk of prosecution by protecting data integrity and availability for official proceedings.