Compliance Solutions

Retain, Retrieve and Protect Your Information

Regulatory compliance is a key factor in the accelerated growth of saved data. The myriad of regulations impacting every business as well as those targeted at specific industries are causing companies to adopt a defensive “just in case” approach and they save more than might be needed.

There are critical reasons for deciding to “lock down” sensitive company information. Not doing so can potentially expose a company to increased financial risk. Often, data must be unchanged, with auditable proof of its immutability so it can be delivered in legal proceedings or to regulatory agencies performing audits. Failure to do so could result in substantial financial exposure as a result of fines and legal awards.

The Regulations:

There are a group of regulations that have specific impact on what you retain, how it is stored and for how long. Some examples are:

Regulation	Regulatory Agency	Industry	Requirements
SEC rule 17a–4	Securities and Exchange Commission	Financial	Length of data retention storage media
21 CFR Part 11	FDA	Pharmaceutical	Data security, integrity, audit ability
Sarbanes Oxley	US SEC	Public companies	Data protection, immutability
HIPAA	US Health & Human Services	Health providers, Health insurance	Privacy, security, long retention periods
Gramm-Leach Bliley	Federal Trade Commission	Financial services	Encryption, security, data destruction
SB 1386	State of California	All Industries	Encryption

Specialized Compliance Solutions

Removable media (optical disk) was an early preferred storage media due to lower costs per gigabyte. Dramatic cost reductions of magnetic disk drives combined with the excessive cost of managing removable media have led to the demise of optical disk. In addition, recovery /discovery time to comply with legal eDiscovery demands have dramatically shortened, resulting in the need to find information faster or face fines.

Specialized disk–based archiving emerged as an alternative for compliance based archiving due to its rapid search abilities and secure storage capabilities. EMC Centera is an example of such a device. Centera is a purpose–built compliance storage device with a proprietary interface and premium price.

A new evolution is occurring due to new technology that enables the inclusion of compliance information within the general purpose disk–based storage solution. This change eliminates the need for separate costly and complex compliance systems and delivers the cost saving benefits of using general purpose storage for compliance archiving – all within one system.

Permabit Solution:

Permabit Dedupe 2.0 storage storage is a disk–based archiving solution that delivers the answer to all of your compliance and general purpose archive needs in a single solution. By managing the information within a single multipurpose system, you can optimize your storage costs and resources.

The Permabit Enterprise Archive offers:

• Cost Savings — Using Permabit’s built–in SDR, offers effective cost of less than $1 per gigabyte – lower than any other disk–based archive solution in the industry.

• WORM Retention — Able to lock down data to insure immutability and deliver chain–of–custody proof with content certificates.

• WORM Flexibility — Create a WORM volume at any time, as any read/write volume can be instantly converted to WORM using the Convert to WORM feature whenever required.

• Compliance WORM — Volumes created using Compliance WORM cannot be deleted or altered until the retention period has expired. This is a requirement for regulations such as SEC 17a–4.

• Enterprise WORM — Volumes created using Enterprise WORM allow administrators to delete an entire volume, just not the files under retention within the volume.

• Flexible Encryption Policies — Retention periods can be uniquely specified or policy driven based on file type, origin or application.

• Digital Fingerprinting — Manages data integrity for data at rest and on the fly. Federal Regulations define SHA–256 hashing algorithms as a requisite to address these issues.

• Policy–based File Management — Driven by source application or defined uniquely by file type or owner.

The graphic below shows the WORM volume management capabilities with the ability to define access, management rights, retention periods and encryption and compression functions.

	Figure 1. Permabit interface allows easy, flexible access to set WORM policies.  >> Click for larger image