Study: Compliance Bodes Well for Storage Industry Page 2


Want the latest storage insights?

Download the authoritative guide: Enterprise Data Storage 2018: Optimizing Your Storage Infrastructure

Many Storage Vendors Behind the Curve on Compliance

In researching the report entitled "Compliance: The effect on information management and the storage industry," Gerr talked to a number of storage vendors and was surprised to see how few actually were familiar with compliance laws, some of which go back to 1934.

"Whether you're talking about information from 1934 or 2004, it still has to be stored digitally. 10 years ago in the pharmaceutical industry, people scribbled in notebooks, but now it's become increasingly computerized," reports Gerr.

This leads to another point about the faulty connection between compliance regulations and IT. Gerr believes that because compliance is not what one would call a traditional IT sale, a storage vendor representative could walk into a doctor's office, and a doctor would never have heard of companies such as VERITAS or Network Appliance , or even EMC .

However, he says, EMC is now well positioned because it has taken charge of meeting compliance needs of medical and financial fields. The Hopkinton, Mass business has what Gerr calls an ecosystem of partners. In one example, EMC has teamed with GE Medical and can walk into a doctor's office with a representative from that outfit, and the doctor will know GE Medical. This goes along way toward helping a storage vendor like EMC connect with folks bound by compliance rules.

To be sure, EMC has already addressed compliance storage needs. In April the firm launched a version of its Centera system with features tailored for compliance.

"EMC has done an exceptional job understanding regulations, and in spending time and energy to meet those regulations," Gerr says. "They have gone to market in a unique way by partnering with ISVs and application vendors who really control the sale to the compliance side. From a technology standpoint, they are not necessarily far ahead of other vendors, but from a time-to-market perspective they are, and it makes it more difficult for Network Appliance, Hitachi Data Systems , and StorageTek to follow on their heels."

Another interesting nugget, Gerr adds, is that companies who adhere to compliance are by and large technology-agnostic — they aren't devoted to one particular technology so long as it meets regulatory approval. Gerr believes the vendors who can bring compliant-tailored products and services to market fastest will be the ones most likely to succeed.

Sarbanes-Oxley addresses a different field altogether than HIPAA, but it is no less important, as accounting scandals have rocked the foundations of many businesses in the last few years. AMR Research said in a report early this month that public companies will spend up to $2.5 billion to comply with the Sarbanes-Oxley Act of 2002. The act requires executives and auditors to document and certify the effectiveness of internal controls and procedures related to financial reporting.

If that seems like a lot, it is. But it's just one of perhaps some 15,000 regulations Gerr says must be respected.

This story originally appeared on internetnews.com.

Back to Enterprise Storage Forum

Submit a Comment


People are discussing this article with 0 comment(s)