Sun Targets Regulatory Compliance | eWeek

Sun Targets Regulatory Compliance

Écrit par
Dennis Fisher
Dennis Fisher
Jan 24, 2005
2 minute read
eWeek Le contenu et les recommandations de produits sont indépendants de la rédaction. Nous pouvons gagner de l'argent lorsque vous cliquez sur des liens vers nos partenaires. En savoir plus

Sun Microsystems Inc. this week plans to unveil a new piece of its expanding identity management product designed to help customers get a handle on ever-increasing audit and regulatory compliance requirements.

Federal and state regulations, including HIPAA (Health Insurance Portability and Accountability Act); the Sarbanes-Oxley Act; and the California Security Breach Information Act, or SB 1386, are forcing enterprise security teams to take a hard look at identity management and access control systems to control access to sensitive data. However, more than a few organizations are finding they cant pull together the information they need to comply with the regulations.

As a result, several vendors, including Sun, are introducing dedicated solutions for policy compliance and auditing.

Suns Identity Auditor lets administrators specify which applications they want the solution to scan. Identity Auditor then checks each application for policy violations, such as unneeded access privileges, unauthorized access changes or a failure to segregate duties. The system then can generate reports and automatically send them to previously specified people for review.

Identity Auditor also is tightly integrated with Suns Identity Manager solution, which lets administrators set up a policy that will disable an account if a policy violation is found during an audit. Identity Auditor can even shut down an active user session, using the Java System Access Manager. The system can also issue similar commands to other vendors identity management products through SPML (Service Provisioning Markup Language) calls.

/zimages/3/28571.gifClick hereto read about Suns Compliance and Content Management Solution.

Sun also has built in a capability for Identity Auditor to communicate directly with SEM (security event management) solutions, including Symantec Corp.s Security Management System. Identity Auditor can provide up-to-the-minute log data showing which users are accessing which applications to help security specialists decide what actions to take during an active attack.

“This enables a closed-loop integration,” said Sara Gates, vice president of identity management at Sun, based in Santa Clara, Calif.

Identity Auditor also comes prepackaged with several report templates and sample security policies that customers can choose from; customers also have the option of designing their own.

/zimages/3/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Propriété de TechnologyAdvice. © 2026 TechnologyAdvice. Tous droits réservés

Divulgation publicitaire : Certains des produits qui apparaissent sur ce site proviennent d'entreprises dont TechnologyAdvice reçoit une compensation. Cette compensation peut influencer la façon dont les produits apparaissent sur ce site, notamment l'ordre dans lequel ils apparaissent. TechnologyAdvice n'inclut pas toutes les entreprises ou tous les types de produits disponibles sur le marché.