Learn about our Governance, Risk & Compliance Solution:
“Regulatory compliance has become a critical element in IT decisions in the same way that ebusiness, client/server, ERP and other major technological innovations have in recent years.”
Gartner Group
Governance, Risk and Compliance (Compliance) have become critical issues over the last few years. With the pace of regulation continuing to increase, their impact on IT has become substantial. Dealing with compliance issues is challenging as both risk and regulation emanate from many sources, which requires continuous monitoring and impact assessment. Meeting the demands of Sarbanes-Oxley, Basel II, the revised Federal Rules of Civil Procedure, or the Gramm-Leach-Bliley Act, for example, means that the cost of compliance grows with each new regulation, especially if the IT organization implements separate controls for each. To manage these costs, many enterprises are adopting standards, enabling them to meet multiple regulatory requirements with a single set of controls. CobiT, ISO 17799 and ITIL are among those being used.
From an IT perspective, the problem of managing compliance issues is most acute for unstructured information - the data that resides in files and filesystems. Some organizations have deployed applications for email archival and enterprise content management (ECM) to address Compliance requirements. However, a complementary solution is needed for file and email data not residing in these repositories, as these information assets cannot be tracked and managed for compliance known to the organization.
The problem of managing information that presents a risk and is subject to regulation is difficult not so much in terms of enforcing access control and managing retention, rather it is the determination of which information should be subject to more rigorous access control and managed retention that is the most difficult task. Most organizations have no way to make this determination and equally have no method to ensure that their policies related to privacy are being followed; manual audits are simply too time consuming and costly to be either thorough or frequent enough to detect and resolve issues.
The Kazeon Governance, Risk & Compliance solution, combined with optional Retention Manager Software for NetApp SnapLock or EMC Centera, provides organizations with the ability to identify, classify, secure and manage the retention of documents subject to regulation scattered across corporate networks.
Identify files based on file attributes (filename, size, extension, etc) and/or content contained within the files
Automatically or manually move/copy the files identified to NetApp SnapLock volumes/EMC Centera (Compliance Storage) and set the appropriate retention dates. For example:
Find all files created or modified between January 1, 2004 and January 1, 2007 containing the words “financialstatement”; move them into Compliance Storage, and set the appropriate retention date.
Find all PST files owned by user “M Jones”, tag them with case name “mjones_1752”, and copy them into Compliance Storage so that they cannot be altered or deleted and can be rapidly searched in preparation for a lawsuit.
Search content already stored in NetApp SnapLock volumes/EMC Centera
Set policies to automate many processes
Find all files owned by the group “finance”, copy them into Compliance Storage, and set a retention date. Automatically repeat this once a week.
Automatically report on the status of compliance data moved to the Compliance Storage by the IS1200
Report daily on files that have met their expiration date and send an e-mail to the compliance team for review.
Generate weekly reports showing files that have been moved into Compliance Storage and e-mail them to administrative staff.
Output sets of files to PST,XML or CSV for auditors
Payment Card Industry (PCI) compliance results.
Click to enlarge.
Payment Card Industry (PCI) compliance drilldown.
Click to enlarge.
Setting Actionable Services on PCI compliance Results Set.
Click to enlarge.
The Kazeon Governance, Risk & Compliance solution dramatically reduces the cost of identifying information subject to risk or regulation from the massive amounts of file-based content distributed across the enterprise. Furthermore, Kazeon’s ability to automatically classify and act on targeted information ensures that the information subject to risk or regulation is retained for the correct period of time and has the right service levels applied to it throughout its lifecycle.
“Kazeon has delivered a comprehensive suite of products that are configured to meet specific information classification requirements such as electronic
discovery, compliance with record retention and information privacy regulations and data archiving. ”
Taneja Group
Kazeon Governance, Risk & Compliance Benefits
Lower the costs of compliance by rapidly identifying and acting on information subject to risk or regulation
Ensure permanence, accuracy, integrity, and security of data by moving or coping information to leading compliance storage solutions from Network Appliance and EMC
Ensure consistent enforcement of polices by setting rules-based policies based on compliance requirements and file content.
Rapidly locate specific content already stored in NetApp SnapLock volumes/EMC Centera using search
Provide requested data to auditors rapidly and conveniently by sending output to PST, XML or CSV
Conduct rapid risk audits by reporting on or searching for documents that present a particular risk profile.
|
