For storage networkers, the landslide of new "compliance" laws is a mixed blessing, says a new report from Byte and Switch Insider, this publication's paid subscription research service.
The report, "Compliance: Do No Evil," says that on one hand, the latest slew of regulations governing corporate documentation, such as the Sarbanes-Oxley act, can be viewed negatively as the regrettable result of a few bad apples that are now making life miserable for everyone. On the other, IT and storage professionals can benefit from compliance in several ways:
- Compliance gives the IT and storage functions a more strategic role in the company.
- It's another opportunity to emphasize the need for centralized management (i.e., to stop the proliferation of storage islands).
- It can be a key driver for many firms to implement an overall information lifecycle management (ILM) strategy.
- It's another step on the path to automated, policy-based management.
Recent laws and regulations may be considered a Full Employment Act for compliance-related workers. Thousands of person-hours will be spent in 2004 to ensure compliance with Sarbanes-Oxley alone, the report states. Besides requiring auditors, accountants, and other experts, a compliance strategy calls for expertise that can only come from storage administrators.
The report gives specific advice on technical issues to consider in any compliance strategy, such as the ability to add indexing to data records, to choose the right medium for data retention, and to make information backup and retention dependent on events rather than just a cycle of time.
Storage admins will need to evaluate products to determine how existing gear can be adapted: Up to 67 percent of companies expect to deal with compliance using tools they already have, the report states.