QUICK QUOTE | CLIENTS               

Sarbanes-Oxley (SOX) Compliant Solutions

The Sarbanes–Oxley Act of 2002 (Pub.L. 107-204, 116 Stat. 745, enacted July 30, 2002), also known as the ‘Public Company Accounting Reform and Investor Protection Act’ (in the Senate) and ‘Corporate and Auditing Accountability and Responsibility Act’ (in the House) and commonly called Sarbanes–Oxley, Sarbox or SOX, is a United States federal law enacted on July 30, 2002, which set new or enhanced standards for all U.S. public company boards, management and public accounting firms.

How Dynamic Vault ensures you are compliant

Section 103

  • Auditing, Quality Control, And Independence Standards And Rules The Board shall:

1. register public accounting firms;
2. establish, or adopt, by rule, “auditing, quality control, ethics, independence, and other standards relating to the preparation of audit reports for issuers;” The Board requires registered public accounting firms to “prepare, and maintain for a period of not less than 7 years, audit work papers, and other information related to any audit report, in sufficient detail to support the conclusions reached in such report.”


  • Dynamic Vault’s application, data access is controlled by centralized managed policies, only authorized individuals with decryption keys have access to encrypted data.

    All resources, both client side and web portal can only be accessed by an authorized user and password. The web portal and application are both protected by SSL during communication. 256 bit AES, TwoFish and Triple DES Data encryption including a Data Encryption key that is definable by the authorized user. 128 bit SSL provides protection from the possibility of theft of credentials helping to provide a secure and accurate audit trail. Dynamic Vault provides Continuous Data Protection, Complex Retention Policies, and Bare Metal restoration capabilities, Dynamic Vault’s clients can easily restore data to a point in time that is needed. Dynamic Vault’s server application logs any and all processes of data backup, deletion, and restore actions, the logs can be viewed from within the Dynamic Vault Offsite Backup Manager application or via the web portal interface within the user’s account. These logs are also emailed to the administrator for that specific account.

Section 104

  • Inspections of Registered Public Accounting Firms
Quality inspections must be conducted annually for firms auditing more than 100 issues per year, or every 3 years for all other firms. The SEC or the Board may order impromptu inspections of any firm at any time.


  • Dynamic Vault provides Continuous Data Protection, Complex Retention Policies, and Bare Metal restoration capabilities.

    Dynamic Vault’s clients can easily restore data to a point in time that is needed. Dynamic Vault’s server application logs any and all processes of data backup, deletion, and restore actions, the logs can be viewed from within the Dynamic Vault Offsite Backup Manager application or via the web portal interface within the user’s account. These logs are also emailed to the administrator for that specific account. Retention policies allow for the user to determine how long the data will be archived for. This ability allows for historical archiving of data. The versions of a file can be restored and inspected to compare and contrast a document’s revisions.

Section 105(d)

  • Investigations And Disciplinary Proceedings

Reporting of Sanctions All documents prepared or received by the Board are regarded “confidential and privileged as an evidentiary matter (and shall not be subject to civil discovery or other legal process) in any proceeding in any Federal or State court or administrative agency, …unless and until presented in connection with a public proceeding or [otherwise] released” in connection with a disciplinary action.


  • Data is first compressed on the client side and then encrypted in 256 Bit AES, TwoFish or Triple DES. Data remains encrypted during transmission and while archived in the Data Center.

    Data is verified by the server application via have CRC (Cyclic Redundancy Check) data integrity checking before storing the backup data. CRC data checking also runs as a maintenance feature of the server application on all data. The backup data is only unencrypted by the Dynamic Vault Offsite Backup server application at the user site when the data is restored by the authenticated user with their encryption key, only then is the data decrypted safely and securely at the site where the user is. 256 bit AES, TwoFish, Triple DES Data encryption and 128 bit SSL provide protection from the possibility of theft of credentials.

Title VIII

  • Corporate and Criminal Fraud Accountability Act of 2002

“Knowingly” destroying or creating documents to “impede, obstruct or influence” any federal investigation, whether it exists or is contemplated, is a felony.


  • Data is first compressed on the client side and then encrypted in 256 Bit AES, TwoFish or Triple DES.

    Data remains encrypted during transmission and while archived in the Data Center. The backup data is only unencrypted by the Dynamic Vault Offsite Backup server application at the user site when it has retrieved by the authenticated user with their encryption key, only then is the data decrypted safely and securely at the site where the user is. 256 bit AES, TwoFish, Triple DES Data encryption and 128 bit SSL provide protection from the possibility of theft of credentials.

Section 802

  • Mandatory Document Retention

This section instructs auditors to maintain “all audit or review work papers” for five years. from the end of the fiscal period during which the audit or review was concluded. It also directs the Securities and Exchange Commission (SEC) to disseminate, within 180 days, any necessary rules and regulations relating to the retention of relevant records from an audit or review. This section makes it unlawful knowingly and willfully to violate these new provisions — including any rules and regulations disseminated by the SEC — and imposes fines, a maximum term of 10 years’ imprisonment or both.


  • Dynamic Vault’s server application will send backup report to individual backup users via email, informing them the overall backup status and statistics, including numbers of new, updated, deleted and moved files being backed up.

    Dynamic Vault’s client-side backup application supports flexible retention policies. A user can define multiple retention policies for each backup set. Retention policies allow for the user to determine how long the data will be archived for. This ability allows for historical archiving of data. The versions of a file can be restored and inspected to compare and contrast a document’s revisions.

Section 1102

  • Tampering With a Record or Otherwise Impeding an Official

Proceeding This section criminalizes knowingly altering, destroying, mutilating, or concealing any document with the intent to impair the object’s integrity or availability for use in an official proceeding or to otherwise obstruct, influence or impede any official proceeding.


  • Dynamic Vault’s server application will send backup report to individual backup users via email, informing them the overall backup status and statistics, including numbers of new, updated, deleted and moved files being backed up.

    Dynamic Vault’s client-side backup application supports flexible retention policies. A user can define multiple retention policies for each backup set. Retention policies allow for the user to determine how long the data will be archived for. This ability allows for historical archiving of data. The versions of a file can be restored and inspected to compare and contrast a document’s revisions.


For more information on how Dynamic Vault can help your organization with a comprehensive Sarbanes-Oxley (SOX) Back up Compliant Solution contact us today.