Storage resellers may feel a pinch from that policy change—or maybe not—based on the results of a recent poll of storage managers. Compliance is taking a back seat to more urgent, everyday storage matters, they say.
In late summer, I attended a SNUG (Storage Networking User Group) meeting where an OEM storage vendor talked about roadmaps.
The speaker in question was Dave Ellis, director of high performance computing architecture at LSI Logic, a maker of HBAs (host bus adapters), RAID and drive controllers and other OEM storage technology. All of this is practical stuff that makes its way into SANs and servers near you.
He identified a number of technology trends on the companys roadmap, and also examined a number of market trends that could effect that roadmap, such as consolidation in the industry and an emphasis on mid-market solutions.
Of course, compliance was a significant factor in the companys roadmap. The company and its OEM customers were making gains by the legal requirements of enterprise customers to store and retrieve an increasing variety of business data as well as handle the increasing volume of that data.
However, he warned that cycles are an unwelcome fact in the technology industry and that the compliance juggernaut could be slowed or stopped. He wondered how the drive to "keep everything forever" could be maintained.
"Sooner or later, somebody will come in [to Washington] who will say: Stop the madness. As resellers and suppliers, we will be affected by this cycle," Ellis warned.
That "somebody" may be Treasury Secretary Henry Paulson, who on Nov. 20 suggested in a speech that SarbOx rules were hurting the competitiveness of U.S. capital markets.
Paulson said the Sarbanes-Oxley Act of 2002 targeted executives who put their personal interest above the interests of their shareholders, which then undermined confidence in our markets. "Thats not competing, thats cheating," he said.
Since SarbOxs rules for listing, regulatory and legal enforcement were "extensive and significant," he said, it took time for companies to understand, process and then implement the changes.
That implementation phase has made compliance a hot category in the past few years.
The rules require companies to store relevant financial records, which has been understood to mean structured databases as well as unstructured data such as e-mail, messages and even digital voice.
"Many of the results have been positive. At the same time, as corporations, financial institutions and regulators continue to adapt, questions are being raised about the long-term impact of these changes. Our goal is to preserve the integrity of our markets while maintaining their competitiveness," Paulson said.
To many it appears that this preservation would be achieved by yanking out a good many teeth from the SarbOx rules. Or as politicians often call it: "striking the right balance."
"When it comes to regulation, balance is key. And striking the right balance requires us to consider the economic implications of our actions. Excessive regulation slows innovation, imposes needless costs on investors, and stifles competitiveness and job creation.
"At the same time, we should not engage in a regulatory race to the bottom, seeking to eliminate necessary safeguards for investors in a quest to reduce costs. The right regulatory balance should marry high standards of integrity and accountability with a strong foundation for innovation, growth and competitiveness," Paulson said.
The proposed revisions may become public in December.
Still, Sen. Christopher Dodd, D-Conn., who will become chairman of the Senate banking committee in January, said problems with SarbOx were exaggerated by the critics.
However, he said he is aware that fellow Democrats are siding with the administration to change the rules.
Dodd told the New York Times that he will resist changes if the proposals "weaken transparency and stability and the competence in the system."
So, will this Fed FUD be enough to stall the storage markets SarbOx growth? Perhaps so.
If such an event was already on the radar screen for storage companies, then we should expect that they will proceed with caution.
Naturally, it will be a wait-and-see opportunity for customers to take a bit of a breather, even as the rules are still in effect.
In addition, SarbOx is only one portion of the compliance picture.
At the summer SNUG meeting, one local reseller said he wasnt worried about the potential for SarbOx changes.
He said he was gaining customers requiring lots of new storage for HIPAA compliance.
He noted that big files are now being attached to electronic medical records, such as X-ray scans, and these files need to be kept even beyond the lifespan of the patient.
At the same time, storage managers appear to already be moving on, according to a recent study released by StorageNetworking.org, the organization that runs the SNUGs.