The compliance conundrum: What to buy?

Article

The compliance conundrum: What to buy?

The storage industry may think that compliance-in-a-box is a helpful concept, but the reality is that end users are baffled by regulatory rules and don't know which products can help keep their bosses out of jail.

A recent SearchStorage.com poll

    Requires Free Membership to View

    Login

    When you register for SearchStorage.com, you’ll also receive targeted emails from my team of award-winning editorial writers. Our goal is to keep you informed on the hottest topics, the latest news and the biggest challenges you face as a storage professional today.

    Rich Castagna, Editorial Director

    By submitting your registration information to SearchStorage.com you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchStorage.com is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

revealed that an overwhelming 51% of respondents are confused by indecipherable compliance rules. Eighteen percent claimed that they don't have a budget for compliance and 8% believe that compliance-related technology is not up to snuff.

So are vendors blowing smoke on an already foggy issue? Hardware and software makers are all throwing their hats into the compliance ring. Microsoft has developed a tool for Sarbanes-Oxley compliance, EMC Corp. has tweaked its EMC Centera Content Addressed Storage System with regulatory compliance features and IBM has pulled together existing server, storage, software and retention products to create the TotalStorage Data Retention 450, to name a few.

But while vendors can help by providing the nuts and bolts of a compliance solution, the burden is on end users to satisfy Uncle Sam's rules for data retention.

As the vice president of Compliance Consulting for SANZ Inc., Castle Rock., Colo., Thomas Bookwalter doesn't force hardware and software on his users. Under Bookwalter's direction, SANZ has begun a regulatory compliance consulting service to teach end users how to handle regulations themselves. "The thing that is overwhelming for many organizations is trying to get a handle on all of the different regulatory requirements that affect them," he said.

The SANZ approach is hardware and software agnostic as Bookwalter agrees there is much confusion in the industry around which products to buy. It seems every storage vendor lays claim to compliance and they have it to some degree, says Bookwalter, but they only address part of the problem. End users are tired of hearing about the dangers of non-compliance. Now they want to know: What do I have to buy?

"Lots of users clearly know that they are way out of compliance, but they're paralyzed and they don't know where to start," Bookwalter said.

RELATED ARTICLES:

Best practices for enabling and maintaining compliance

Regulatory Compliance: the Next Y2K?