Compliance Creates New Storage Needs

Data protection and retention regulations have created a new class of data, such as event logs and audit reports, that themselves must be stored and managed to prove compliance. Call it managing information about the security of information, if you will.

SenSage is one start-up targeting this new class of data. Next week, the company will unveil the SenSage Compliance Bundle, an integrated security data analytics and storage solution that the company says makes it easier and cheaper to manage security monitoring, investigation and compliance data.

The offering combines SenSage with an EMC Centera content addressed storage (CAS) system in what the company bills as an information lifecycle management (ILM) solution for compliance data. SenSage calls the new niche security information management (SIM). Scott Gordon, vice president of worldwide marketing at SenSage, estimates the new market at $250 million to $300 million and growing.

Regulations such as HIPAA and Sarbanes-Oxley “require greater process automation and storage capacity for event data,” said Jon Oltsik, senior analyst for information security at Enterprise Strategy Group. “It’s not a simple collection, reporting and archiving equation; it is about scalability for efficient analysis and usable retention. We believe the features of the SenSage Compliance Bundle, leveraging EMC Centera, offers enterprises a smart choice for security information lifecycle management.”

SenSage says it has become a security best practice to generate, store and analyze system activity to track internal and sophisticated threats and complete audits. Visa’s PCI (payment card industry) Data Security standard, for example, requires on-going assessment and annual retention of transaction system audit trails, and DCID 6/3 (Director of Central Intelligence Directive) mandates that government organizations and contractors with access to classified information consistently analyze system activity and retain event logs for five years. For larger enterprises, meeting such regulations can easily consume gigabytes of storage each day.

SenSage says its new solution lets organizations aggregate, analyze, dynamically monitor and manage high volumes of event log data. The SenSage Compliance Bundle ships with SenSage security analytics software fully integrated with an EMC Centera CAS system for “fast, easy online data access with assured content authenticity and petabyte scalability.” It also includes one SenSage compliance analytics package comprising pre-defined rules and reports mapped to financial reporting, financial services, healthcare, privacy or government guidelines.

Gordon said API-level integration with Centera makes for an “extremely fast” solution offering “near-primary storage performance.”

EMC has granted SenSage’s security analytics software “EMC Centera Proven” certification. EMC is also marketing the product, which is being billed as a SenSage solution.

“EMC Centera complements SenSage’s performance, compliance and scalability features by extending online capacity at the lowest total cost,” states Roy Sanford, vice president of content addressed storage at EMC. “As customers look to securely archive more data for longer periods of time, this combination of pre-tested and configured technology can help them meet their business requirements in the most simple and effective manner.”

Pricing for the SenSage Compliance Bundle starts at about $200,000, which Gordon says is “considerably less” than the cost of purchasing the SenSage and EMC products separately. Gordon calls the pricing “aggressive” and said it is half the cost of competing products. The Compliance Bundle includes the SenSage Enterprise Security Analytics system, a SenSage compliance package, and either a 4- or 8-node EMC Centera storage system.

Back To Enterprise Storage Forum

Paul Shread
Paul Shread
eSecurity Editor Paul Shread has covered nearly every aspect of enterprise technology in his 20+ years in IT journalism, including an award-winning series on software-defined data centers. He wrote a column on small business technology for, and covered financial markets for 10 years, from the dot-com boom and bust to the 2007-2009 financial crisis. He holds a market analyst certification.
Get the Free Newsletter!
Subscribe to Cloud Insider for top news, trends & analysis
This email address is invalid.
Get the Free Newsletter!
Subscribe to Cloud Insider for top news, trends & analysis
This email address is invalid.

Latest Articles

Top Trends in Data Storage Management for 2023

Data storage management is continuously evolving. Learn about the top trends in the storage management industry now.

DRAM SSDs vs. DRAM-less SSDs: What You Need to Know

Solid-state hard drives (SSDs) come in various form factors and a wide range of capacities, but another way to differentiate among them is whether...

What is PCIe 5.0?

This article explains what PCIe generation 5.0 is, how it affects SSDs and other storage devices, when and and when not to upgrade, and what the costs of PCIe 5.0 SSDs are.