Big Blue Asks: Do You Comply?

Storage vendors such as EMC and Hitachi Data Systems have been pounding the tables of late, proclaiming that they have the answer to the compliance bugbear many corporations have been facing the past couple of years with the passage – or pending passage – of federal regulations that require documents to be saved for definitive periods of time.

While many of these vendors are treating compliance with software solutions under broader information lifecycle management (ILM) strategies, IBM is taking a different tack. The company already had enough of the technology pieces in place to create such solutions, but officially put them to use at a time when concern over meeting regulations has perhaps reached its pinnacle; with so many new rules in place, enterprises want to steer clear of fines for non-compliance.

To wit, the Armonk, N.Y.-based systems vendor Wednesday drew the curtain on a number of products and services targeted at helping corporate customers manage their data in accordance with federal regulations from such bodies as the Securities and Exchange Commission (SEC).

Steve McLaurin, partner and certified information systems auditor of IBM’s Business Consulting Services, says IBM has an advantage over rival vendors
because the company acquired a great deal of auditing mindshare when it successfully acquired consulting powerhouse PricewaterhouseCoopers (PwC) last year. IBM is working with such partners as iLumin, IXOS, KVS, Northrop Grumman, NuGenesis, SearchSpace, Siemens, and VeriSign in its compliance endeavor.

McLaurin reports IBM’s new services include:

• IBM Anti-Money Laundering Service – IBM and Searchspace have developed a hosted utility solution to satisfy requirements of the USA Patriot Act of 2001, which holds that companies put a program in place to prevent and detect money laundering
  



• IBM Email Archive and Records Management Service – IBM will help provide financial services companies with a real-time archiving and records
  management utility service for storing e-mail and instant messages to help customers satisfy NASD and SEC regulations, including SEC Rules 17a-3 and 17 a-4, NYSE 342 and 440, and NASD Conduct Rule 3010/ 3110
  



• IBM DB2 Content Manager for Data Retention Compliance – Software that combines IBM DB2 Content Manager, DB2 Records Manager, and DB2 CommonStore, as well as services with third-party software from iLumin, to help companies meet SEC and NASD regulations
  



• IBM Lotus Workplace for Business Controls and Reporting – Software that helps firms manage information in their efforts to comply with compliance requirements, such as Sarbanes-Oxley, Sect. 404

Stan Lepeak, vice president of Professional Services Strategies at research firm Meta Group, maintains no other vendor has as well rounded a portfolio for
compliance solutions as IBM at this point, noting that the company has taken advantage of its PwC assets to package new services based on existing infrastructure.

IBM Business Consulting Services (BCS) has also released a survey regarding compliance in which the surveyors found that only one in ten surveyed CFOs and financial executives view their internal controls as compliant with Section 404 of the Sarbanes-Oxley Act today, which is eight months before the compliance deadline. Lepeak believes the survey to be accurate and says it shows that IBM has been scrutinizing the effort as opposed to just throwing solutions together from its vast pool of resources.

Other new IBM solutions for compliance include:

• IBM Tivoli Storage Manager for Data Retention – Expanded policy-based data retention capabilities in this software provide non-rewriteable,
  non-erasable storage controls to prevent deletion or alteration of data stored using IBM Tivoli Storage Manager before the policy-based retention
  criterion is satisfied
  



• IBM TotalStorage FAStT EXP100 Storage Expansion Unit – A storage disk expansion enclosure that utilizes Serial Advanced Technology Attachment
  (SATA) disk drives
  



• IBM TotalStorage Enterprise Tape Drive 3592 tape media and drives – IBM will create a Write Once Read Many (WORM) media technology for the 3592
  tape drive. With it, data on the cartridges can’t be overwritten.
  



• IBM Asset Disposition Data Disposal – Disk Wipe Services to ensure that proprietary information – financial or medical records, for example – is not left on disk drives

IBM counts ChartOne, i3 Archive, National Account Service Company, JPMorgan Chase, and Viewpointe Archive Services as customers it is already helping to meet government requirements with regard to data management and retention.

Story courtesy of Internet News.

Back to Enterprise Storage Forum