Submitted by: Submitted by muk0mah
Views: 280
Words: 1278
Pages: 6
Category: Business and Industry
Date Submitted: 04/09/2011 06:37 AM
Customer Success Story
Industry: Energy Employees: 2,800 Annual revenue: $1.6 billion Number of data centers: 3 Applications: Oracle Financials, PeopleSoft, and in-house inventory applications Database platforms: Oracle and Microsoft SQL Server url: www.usec.com
USEC Case Study
Business Results • Enhances internal controls without impacting performance or business processes • Eliminates hundreds of staff hours to pass SOX audits • Prevents privileged insiders from unauthorized access and changes to critical data and database structures • Immediately uncovers user activity in all databases, revealing policy violations and most vulnerable data
“Guardium’s technology was key to helping us pass our SOX audit. The Guardium system gives us both real-time alerting and granular audit reporting, while automating the entire process. This helps us meet our auditors’ requirements while saving us several hundred hours a year in staff time.” ~ Robert G. Gorrie, Corporate Information Security Manager at USEC
Challenge: Monitoring Privileged Users to Pass SOX Audits – Without Impacting Performance
USEC Inc. (NYSE:USU) is a global energy company and operator of the only uranium enrichment facility in the U.S. As a highly regulated public company, USEC must comply with Sarbanes-Oxley (SOX) mandates requiring real-time, granular controls governing activities of database administrators (DBAs) on critical financial and HR databases. Specifically, USEC requires controls that proactively identify unauthorized database changes that could affect the integrity of its financial data, such as changes to critical tables and whenever database applications are patched. In addition, the company was looking for a way to easily reconcile all changes with approved work orders from its corporate change tracking system. “You have to trust your DBA,” said Robert G. Gorrie, USEC’s Corporate Information Security Manager, “but ‘trust’ is not something that will keep your auditors at bay.” At...