The Upside of Compliance

When it comes to regulatory compliance, there's no such thing as sufficient preparedness. While IT pros struggle with existing regulations, new ones loom. The powers that be in the European Union are rattling their sabres, promising new and more complicated rules, and other groups are endorsing complex sets of procedures. (See EU Compliance Looms for Stateside IT and ITIL Irritates IT Managers.)

All of this compliance activity threatens a domino effect for IT. First, it forces more work onto groups that are already pressured. It also could topple the budget in many shops, as managers must buy technology and services to cope with compliance demands. Indeed, it looks as if the trend is proving Gartner Inc. 's prediction that IT compliance spending will jump to between 10 percent and 15 percent of IT budgets this year. (See Compliance Takes IT Bite.)

The strain of working harder with fewer people, combined with the growing pressures of new technology and added spending, exposes IT pros to an unprecedented loss of control and potential conflicts with constituents.

"The IT department will be viewed as the really bad guys, because we will be blamed for the organization not being able to do what they want to do," one manager told Byte and Switch senior editor James Rogers last week. Another was even more pessimistic about getting any sympathy from end users: "The business couldn't give a crap about IT," he said. Talk about a potential minefield.

No wonder storage pros are complaining about compliance more loudly than ever. Steven Attias, chief information security officer of New York Life Insurance, describes compliance as "running on a treadmill that's constantly getting faster – and increasing in elevation at the same time." (See Compliance Remains Elusive Target and Fed Up With Compliance.)