Think you're compliant? Prove it - Storage Technology Magazine

Think you're compliant? Prove it

Part and parcel of most government regulations is that you back up your systems and be prepared to prove it. "The problem that arose with Enron and companies like that is that the judge would ask for the data, and they'd answer 'Oh, the data was deleted' or 'The backup didn't work,'" says Ken Barth, president and CEO at Tek-Tools, which makes the Profiler Rx suite of storage management software.

"It's not enough to try to comply," says Mark Silverman, president and CEO at Bocada, whose BackupReport software reports on the effectiveness of various backup jobs. "You need to document that the controls are there, [and then] audit and measure the performance of those controls on a regular basis."

When Bocada announced it had upgraded BackupReport to version 3.5 last month, the company also highlighted the software's ability to create an auditable track record of your backup activity. To be sure, BackupReport left an audit trail in prior versions as well, says Steve Duplessie, founder and senior analyst at Enterprise Strategy Group, Milford, MA, "but now it's been hardened to get the compliance rating." As such, it becomes "another tool in your toolbox to make the [compliance] process easier," he says.

According to Barth, the Profiler Rx suite is also used for compliance reporting, thanks to its extensive customizable reporting capability and the audit trail it leaves behind.

Tek-Tools, however, has resisted the notion of bringing to market a compliance

    Requires Free Membership to View

    Login

    When you register for SearchStorage.com, you’ll also receive targeted emails from my team of award-winning editorial writers. Our goal is to keep you informed on the hottest topics, the latest news and the biggest challenges you face as a storage professional today.

    Rich Castagna, Editorial Director

    By submitting your registration information to SearchStorage.com you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchStorage.com is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

version of Profiler Rx. That's because the reports customers are using to prove compliance are all slightly different from one another, says Barth. "They're in different industries and use different auditing firms," Barth says, which all have slightly different interpretations of a given regulation.

Thus far, the Tek-Tools reports are passing muster with auditors, claims Barth. "We're fitting the bill," he says. Whether or not backup reports will impress a judge is up for debate. But, according to Barth, one thing is sure: "The more you can show about your backups from a reporting perspective, the more you can show these people you didn't do anything malicious."

This was first published in December 2004