Storage Management: The Compliance Effect, Part 1 Page 3
Three Areas of Critical Data Management
Harvey identifies three areas of critical data management necessary to meet these new regulatory requirements for data protection and retention: security, sourced audit trail, and accessibility.
“Security impacts several data issues, including intellectual property and audit trail validation, which represent the crown jewels of all companies and are associated with creation and control of ownership,” says Harvey. These involve critical business records that allow a company to properly defend and protect its ability to drive revenue under existing regulatory requirements. “This brings with it the requirements to secure, mirror, protect, and recover this data for both business and (now) legal purposes,” he says.
Harvey explains that what this means is that at the enterprise level of every business, requirements have changed to include more than just common security policies for data and retention on tape. It now requires classification, retention, and management of data lifecycles beyond the traditional protection and management processes used by IT today.
Harvey adds that serious consideration must be given to multi-vendor sourced data on how they will be identified, ranked, and managed across the various storage architectures involving both legacy and open systems. This, according to Harvey, includes using production, near-line, and archival (tape and disk) storage, and must be revisited to match the new business models of governance.
In today’s ever-changing world of storage, IT managers are not only facing the day-to-day issues that have come to be expected, they now have to fulfill data permanence and retention regulations, address potential liability issues, satisfy security requirements, simplify compliance management, improve information access, and cut overall costs — all in a day’s work. As Lam says, this is a very tall order.
This is the first of a two-part article. Part two will address the following questions:
- How will compliance issues evolve over the next five years?
- What can organizations do now to get the ball rolling to be ready for data retention rules in the future?
- What current and emerging storage technologies will make satisfying regulatory requirements easier in the future?
- Why is regulatory compliance such a hot topic today? In the future, will it generate the same level of paranoia and vendor attention?