News Stay informed about the latest enterprise technology news and product updates.

The compliance conundrum: What to buy?

A recent poll shows that products are taking a back seat to confusion when it comes to regulatory compliance. Storage consultant SANZ might be able to help.

The storage industry may think that compliance-in-a-box is a helpful concept, but the reality is that end users are baffled by regulatory rules and don't know which products can help keep their bosses out of jail.

A recent poll revealed that an overwhelming 51% of respondents are confused by indecipherable compliance rules. Eighteen percent claimed that they don't have a budget for compliance and 8% believe that compliance-related technology is not up to snuff.

So are vendors blowing smoke on an already foggy issue? Hardware and software makers are all throwing their hats into the compliance ring. Microsoft has developed a tool for Sarbanes-Oxley compliance, EMC Corp. has tweaked its EMC Centera Content Addressed Storage System with regulatory compliance features and IBM has pulled together existing server, storage, software and retention products to create the TotalStorage Data Retention 450, to name a few.

But while vendors can help by providing the nuts and bolts of a compliance solution, the burden is on end users to satisfy Uncle Sam's rules for data retention.

As the vice president of Compliance Consulting for SANZ Inc., Castle Rock., Colo., Thomas Bookwalter doesn't force hardware and software on his users. Under Bookwalter's direction, SANZ has begun a regulatory compliance consulting service to teach end users how to handle regulations themselves. "The thing that is overwhelming for many organizations is trying to get a handle on all of the different regulatory requirements that affect them," he said.

The SANZ approach is hardware and software agnostic as Bookwalter agrees there is much confusion in the industry around which products to buy. It seems every storage vendor lays claim to compliance and they have it to some degree, says Bookwalter, but they only address part of the problem. End users are tired of hearing about the dangers of non-compliance. Now they want to know: What do I have to buy?

"Lots of users clearly know that they are way out of compliance, but they're paralyzed and they don't know where to start," Bookwalter said.


Best practices for enabling and maintaining compliance

Regulatory Compliance: the Next Y2K?

Dig Deeper on Data storage compliance and regulations

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.