Enterprise Applications - eWeek


Is the Smart Grid a Dumb Idea?
Surgical Adhesive Offers Smarter Way to Mend Bones
Get Smarter Technology on Your Mobile!
  Enterprise Applications


Compliance Is Close at Hand



 By: Jim Rapoza
2006-05-22
Article Rating:starstarstarstarstar / 0


There are 0 user comments on this Enterprise Applications story.


  Table of Contents:
  1. Compliance Is Close at Hand
  2. ' Systems for Managing Compliance '
  3. ' Assuring Secure Compliance '

Rate This Article:
Poor Best
Compliance Is Close at Hand
( Page 1 of 3 )

Tech Analysis: The means for meeting regulations is as near as your IT stack."Whats our compliance strategy?"

Pretty much every worker in technology management has probably heard some version of this question in the last few years. From the Sarbanes-Oxley Act to the Health Insurance Portability and Accountability Act to industry-specific regulations to security best practices to internal corporate governance issues, every single company has to deal with compliance in one way or another.

But how did you and your IT co-workers handle that question about the companys compliance strategy? Did you decide to build internal applications and processes to address your compliance needs? Or did you go out and buy enterprise software solutions specifically designed to handle compliance?

The option to buy a "compliance solution" can be a very attractive one. After all, there are plenty of large software vendors out there peddling products designed to ease your compliance woes. And pretty much every major analyst company has released charts and studies showing the leading vendors in regulatory compliance.

And, face it: In many businesses, there can be a lot of pressure to have a dedicated product to handle a major problem. When it came to enterprise security, for example, lots of companies succumbed to the attraction of big single-box security solutions, so why not do the same for compliance? These kinds of products make it much easier to answer that lead-off question: "Our compliance strategy is based on Acme Softwares Compliance-o-Matic."

Resource Library:

But in the same way that single-product security solutions couldnt address the complex and widespread issues they were up against—not to mention that they became a single point of failure—compliance isnt something that can or should be handled with one product.

When it comes to security, every IT manager worth his or her salt knows that each level of the IT stack needs security measures in place—from the network to the servers to the applications to the user systems to the access control procedures. Compliance requires much the same.

In fact, eWEEK Labs has seen key compliance capabilities in nearly every product weve tested in the last few years. Conversely, weve seen many products labeled with the word "compliance." These products proved to be effective tools for helping to manage regulatory issues, but, in all cases, every so-called dedicated compliance product weve tested was actually just something else (a security scanner, document management system, storage management application, reporting tool and so on) rebranded with compliance in the name and with additional features added to boost its compliance capabilities.

In fact, eWEEK Labs contends that the makings for a robust compliance management platform are right at most IT managers fingertips (see chart, Page 33).

Strong reporting is a must for any product that touches a compliance area, but reporting tools alone are only part of the process. Document management and enterprise rights management systems not only provide reporting on how documents are being routed and used in a business but also can be used to make sure that content never ends up in the wrong hands.

Powerful ILM (information lifecycle management) and CAS (content-addressed storage) systems make sure that regulated data can be easily tracked and managed throughout the storage infrastructure. Identity management products control who can access what and who has been accessing what. And security scanning tools let administrators know where their security infrastructure fails to meet industry standards and regulations.

So when that question about your company compliance strategy comes up, we offer another response to the standard build-or-buy answer based on our testing: "Were leveraging the compliance capabilities in the applications and systems that our organization already has in place."

An even more important part of that answer should be: "Were making sure that new products and upgrades that are added to our infrastructure have strong compliance capabilities that will meet the specific needs of our business."

Following, we break down several areas in which compliance capabilities should be a key factor when choosing a solution for your business, and we make recommendations for how to best leverage existing solutions to meet various regulatory mandates.

Storage

When it comes to compliance, no other technology area is more important than storage. To a large degree, all your companys compliance initiatives rely on the capabilities of your storage infrastructure.

In fact, if you went back through all eWEEK Labs storage software reviews from the last few years, youd see that most of them could be easily co-branded as compliance reviews: From archiving tools to ILM to our recent look at CAS, dealing with compliance is always a core evaluation benchmark for storage.

This, of course, makes sense. Many regulatory compliance requirements deal with what data is saved, how to find and retrieve that data, and how to make sure that the data hasnt been altered or tampered with. Like enterprise content management, storage management systems aid compliance simply by providing their standard functionality.

Next Page: Systems for managing compliance.





  Reader Comments: Compliance Is Close at Hand
>>> Be the FIRST to comment on this article!
 


 
 
>>> More Enterprise Applications Articles          >>> More By Jim Rapoza
 


x}r㶲s\@♵MQG-45SHHbL\$e[/Oo<xӅ|LIlK@7F;;~$rhiɅc,Jv1;D;;?.ІP|oS sѩe軫F]̱]kkHNშ :#:@.Ps< j9뻲9ԗoˏne0-ڶAQ6)֐N0-Z P8 P.{@~. DuXqHGHaT6^ ;s9ȹ3z$1d9c';{ -,v2M*5f{б:9z uur<J@J53ҦE4b™EQ ,GQ%?[ڗu&u}Y6f0R*CA-tV?#;SjqsҺy\7=rҽ&qٙyN0p3 Z\vO|SQ&ںa#j}IɽGf=jIo]}<:$7cYn[_gs`HlDmYܾ̑\Ryka)(7F`X@7? iP2ML9X@/@ש#AWtBm&T3o`2 4.̻zh-Aho*KhLru&@Sk~$M cΚb.L2o<|J{mR—U/(AM/ 5|*\($ٛ"G;z̈_"ʥcp1S{.S4ipq]7Du..*s5-wfxaZ*;{8i7-һ^5O0*>cq4Y`A-. 8ǹ:mn:~l:} 5KXW @8ʍ??1m!S[ö@ .Si3+k~L>:NRm)5ٴ>l;4}t>჆$>hhƋMriOLrӇtu4Aο wF|hx: C 00w9uLP#iAтMx>tTێ]6}l2w9;-L&w&zrWt#` VPCh9N@tmS(r`)ڝfZдc@]ih[`r fG ǏiТ0T]2akRJMIas(zq |X0b=9ߛ8[%5f/.K I{y]ؕ.R\|rnN > |4'Z>pdZ`/R7:Ÿz;HySI_)~$[b"ud\6˰@e9ִ&3r,˹& zfd͞0R´g9&'zI4*$o秚+F#A̧^ǨalEk 570M:CLKo=9NglQIBOB%)` L] T<5&y[# DA#Ez . ZC ЏB(rDUXUcKQ0SKm{hAx-X\>L*'~?DFQ}G=ܴ>?CU^of8OZV,֪15ǩV\=,)j7+|&)R3KuqF'|m>/N7TFi Y<\Jo0t .tȕ6gs|eLZմlxTa/I;$#vKTNJ R0=f^9/l?!jאj8CynR)brdLǖ8+ѡ,Xr*-ÏR U#tT#CWta7 X]QiSiQ9^RӲ*ZЁQ}Ϲ5u4|X\.``!>v=1HaY[ R׊ ~e::{oR64F@2<"C8bS>tZ{PDK&nƚ667/=Od[̌<9yn2$8z0JL;%95$_ۂ3Jnbۤs:n&2006y-0P>O\Qr/ XDb+>A:+lC30XfSf~508 LBli̕[2A^ r6_?J=[L4G@V1-0]̞̙A mۨ*X9 6?b}u"lֳ>AqHlw\Kć`_Ijf΁MBPr 2=ct864>uGci lm[Q z;&KDVжU0Hz.qLspIE>2I*"Eeb 8)LUKj{[ S/0ւBMAh|?|{AcEi\xkc}ʧb TuQRnTRXUʅ7Ϣ C.JpimEB%3R-ܛ`@O|KO]T0%ezIMqza/;CnK-%. ^ذ:Zk.ܒ(tם7/f1secfaI3N9`{IO$# 3#f}ENIjVڳ$t`1۳<%8tpL\'eM=J皽6D= ϟݜw;s`>L;J@ r;qG;a>&rakS@JڃR#GYdI.|akJZܯ]q,g$ ,$(e,zǣx]!6ps^a?qp-<91=QhZavOT++f4A48&ov/>BZaabE1 wcyJV~ZgZqRtt,+w~g}e_:i^t?&=~fl?<uaa=$gY?0KKxiïR)X|8~lIiM q޲oSR=h3 J@c$bwmɾW2zV^5[ta؆'0F@IDW~Bh^v.ŗtk~w.R1~J`&!y9<`IN*axݼO8>m48Z&IEyD)t_6"B@ ˸t[k,8;XMr!}%=C٠khLخ;+^WX2k~~ I5:=> Bp(`$X)XAU:]7?GG:Ky6P^S QW"REh%IA%&g <@&9NhDu~mnER}CeNx>HАݙc-p溟8#M[^:ݷza'3 ]sݿwI]iNwl'UzyZ J}~l't:D(y[e{wCȊ̅S.{r!FtZx@2&n_%3 =яki^x̠t4u遧{ {!.u06.ydO#@/-vh14Y AAXy !Vorl8Grs&8<O$Feuw#S'gSc3/HF#%g&ySϱmF @|Ր;as*|b \<eOB•Wc#ZT=9b,0eRO˭^^'\/_wz7u- 9oxv ƣUDdWZ-WKú?d~ iZ:}ұG:+c9Iz3٢\hx^:RԵhkӾX<Μ{wH'-sl.w_SEeKi9 Ϥ93~L8 ̲yeDp'K.*(&|j T.#N8=5+aw9:)>^o;3 . Q-r ,fG']/=(}gIʘNx0_BdGdAWAgY ̥ gK}g؜jB} L@- rF-6|p4uYD¢x?!`أwZL3s}TcQA7o)ŠwRjcY* Kɒ+voWH\+D*)'?0湙jEfHn5;<;ŋVd)}9< s2.ⴗJބbs42,y|!ń!`e͢^00=3"+. ej!z\3^fy}CG 1Y> ؈DUP70Dx2}?cIqy#H?;bPQ1T9 L~vT] Ә4 5%$8i!e6$7Ka^$@:v bHBe" #ˏ\{lrDI秣=K'(Z3)fB:=6罿|[(hIQ$6yb/Qէ3P7m 7A1wԖKXjgIާS<e%mS"tj+1% - m}/YVz }S ղL e/A%9C#cr +6t(|+D$yA/5ktPE>qi=2f0A@X3 'ښg͙E2ъ=(a@JTC% *p2 t^MY y"<'U$s '!P,%H$' KG)o6X$U&%*tn;ePt/d4?pPSuoT$%R桐L_:CJ0UG'B2 B2V4siiDhX_+yvG`P4 A} 3/߅3osH>,ROϱ0L5T:3H~CWݐ69ڶ?fgKMx0^Ejc^l B$D Hb(s;\*Z'Q7+kcRwH"Dl4 bٽnu&<H OH] '=y-pxrV8 9T&N# +T3-I}blIe,0F#dҖ4@'Rg;k/OE{/eCF,#vR =53X =>q&BB@z)XiSߐ=*lkko^D\d)_rrsã/c66W_szJ.8Z?8Υ07aX7_0Is/N&%۞J6if Ig|[2@ eˡWqUc\o7ZWwFbLGNjĸJJ0j{{i/+1~Hګkfн3B;sxcEju) +K,-^a9eE&d[h ilwA5 Rx33lSěG75|G*%F¯R9*1f㍸=TQ 6iJBGh5=QdyROcSP08mr d  Ƅ)RUfwܠ~z*ڟOeh^f#n+j05 /:U@ĩ8AmkZ-Gt Mx}87+ SxC7)*=E-%=Vhpt8lExA%1K= o 9# XZ `Oh$~b Ӏ"uFf."T( .dȍM9'yo_*<>wfMd=7:}GT7ڜ. 3= L9asH ]TW\Axu=^T$a]X>q`Yuh c6zSpA1HSx+ח~aHe t03*YF2*mG&^I79i[ 45`BRA~9 26)mDR,( s[36#&|Mg:݋#+&(?-p E {GLƙ;fQWi_$R + vqY@y#LL݂zĂG(^bJ ͍$u~ fVK) &X`4A"\2Mà~?]_:'Afp͒w\j:rtT {b8+M 5߃3,ȏ]IKlݜ(83Z1I(tCK/Hzs,w'H_PbޅR-'I]+A !2,=Vr$|kwy |HfE3{8~BOz%rEeW0`A='92bg44\K L]#&O=lFLfcyuutI\ۤw|ݹw}޽Q֊_l՝nqI}uݹ'31F;6ϵM&E`,ejE)3C9,j6W#\gqxixɎ(ah,.6j5{$;G(%lFyїU1oLl+,=VԊkm8Gj:ٙ%K#C󩅧9mzfx9j0C=W܄H @1@C|k{5Bx_m;gBP~ (By794h3ʏx} $>ӌ~:Yg}yktZпNF?ӹ(w2k|ey|s_d/}/2{ȠE^^d'eSFeQ~0{ s!?0~ׅw3?]/ rqWU?{^}~Z_c}OYߧ >>eoʁo2ڿh&s$eCP̐.Np2˹Q+/ޯ4{zY~8=u^Le|pO15D -BfhNh{@$~;?薉#usgCRRՒRJZVr?'k0 #G1wQTY)ȅ[V R`" *s>P`24UJ` Pz!OJ1=4c­dKbp EУcoжH*˘@͛YH~ݢHጽNѯXJ 1`"R ?N*q0 j6d%Q(;әg_mot1*m{{[dך:Gq$Ss#KфY"DӸ&hlУm{whıŴ)9P3l1@Щ zdKdp!gB-Zыt^Q@aD˺B`u ,jϗ=3[nb扵U$7O#aU[ {w˹FU:x, #XC0 |'^n\#S?p$c2 ?L/ut 1vjIc4L2<_b 3Gw>E7x>&Ơ}ֽD#Z#7XYNƀ_@3_/7N7"fG"=/.5kx%6,x((ۀJoē}ↄtA6H_,mgrlCkVvu;L[Τaœj@@rĶ/ n>9 KB@z_nP.; m߭*j~)B n`Z(>/A>7]{!f5!a"qz0q?K+_yl x Qh/I'kQ`8O]PN<>x8" "kH "s{B|%؄wjP%n2!-9p<& ~ł k!׶+2}jQwh}r:Wѵ[40Ƅ!نI b+n5w"2cX =`?GcС_km"tZзkdY9Hr&zU h$.7=j"6: gCCJҢwr\L籽$0\d~\g;Tl[i>dt[85_xGl#,ޓ |o,C/y´wDqKNvޒۍƾ( ;>ьU%#t|1(HxҍHqp/>~؆|%O' ϻ9eKB$u' FϨfC>X의6eٲs1ebV!_2B<ԼlQ޺%qm.a; +C&:bf:γ@W (|x@loM(.e~9-/p,ZftO6C|%Joz7 =HJ B ϱengn`Cl .3./Y& hWa! e;1KLP`O3&gw6G-HGx kyf#ŧSW<2JP'jŞi#t|@ =(ۊnFTt %`GYU`+r8ǩ Vmx ut+e!.0w:˟lہR#nȅ-` jk7EmEtAcwϏp`2u^=W ɤ{%̅2 !NZxyU~ҥN.I,'_aQd+8*)ؐsk` bOP1,sLf7}MaN*)Asa#El [ApNWesS<"Y4.ǎ;g)/:|WNENE<<Sf}')VSL_Xџ_Q>q*'\b T*7Kwb~; <^E$ghV;yv<;u~m a% ѨTߴ;gu  -MGݏ-)h,)ZNN`Xfչ۝wߺ"f/On6%c(|NVKI+n^ͦG(ϗ wE&l)vsml-6C-;In*