Data Storage Compliance

Data Storage Compliance

Welcome to IPSOFACTO… a magical place of LOVE and I.T. in Downtown San Francisco! joy@ipsofacto.net

Data Storage Compliance And Corporate Regulations

Data storage compliance and corporate regulations are having an impact on the storage organization as well as the management practices employed to retain, search, certify and destroy data. In spite of the many regulations that now govern records storage, there are no mandates or guidelines that dictate any implementation. Companies are often left idle in their quest to identify the regulations that relate to them, identify what data should be saved and implement storage to meet those various regulations. Many wonders what the essential goals of data storage compliance are?

The actual terms of each regulation on compliance vary dramatically, but storage compliance regulations typically focus on three distinct areas: retention, integrity, and security.

Retention will dictate how long data must be kept in storage, but stored data must also be quickly retrievable in the face of compliance audits or legal discovery. Search is a very serious issue with retention — an organization will need advanced tools to locate relevant data stored for 10 years, 20 years or longer. Data will also need to be readable over time, which can be a crippling problem as operating systems, email server versions or other elements of the storage infrastructure evolve with technology. For example, consider all email records saved today may not be readable by operating systems and applications 20 years from now — even if the media is completely intact.

Integrity is also called “immutability;” making sure that data has not been changed or lost because of corruption or media failure. Remember that tape had been the traditional immutable media for many years. However, disk-based write-once platforms, like content addressed storage (CAS), meet the high demands for rapid accessibility.

Then security, as it sounds, protects sensitive data from unauthorized access. Security is typically part of the storage platform (e.g., user authentication in a CAS platform), though we see encryption is taking on a more prominent role for tapes and file servers today. Regulators will often require companies to have policies and procedures in place to manage integrity and security.

 

mm
Steve Boullianne, Multiple post-graduate degrees, Mind/Body/Spirit enthusiast. 139 IQ & Mensa. Loves Skiing, Scuba, and Food. Steve’s First job out of college was programming satellites for AT&T. Founded IPSOFACTO in 1996, Y2K boom, e-Commerce super success, 2.1 boom. Steve is ready to Mediate high quality for all life, our one planet, and human kindness. Loves to dance and tell jokes. Steve believes that Excellent Communication is key to human success (and failure). Steve has 3 sons who are his STARS. They will carry the world into a brilliant future. Since 1996, Steve has been a volunteer drug and alcoholism counselor in the Bay Area. The power of the Great Spirit is in you. Steve is a good friend to have.