Compliance has propelled storage from back office obscurity to the top of the boardroom agenda and with its newly raised profile comes newly raised budgets, the likes of which would have previously been unimaginable for a storage architecture. But how do pressured CIOs make the most the new budget and what are the long term business benefits it can deliver?

The retention of data has become one of the most pressing issues facing business today. From SOX to Basel II, new laws and regulations put in place by governments and international bodies are forcing companies to address the way they manage data from conception through to disposal. Compliance has propelled storage from back office obscurity to the top of the boardroom agenda and with its newly raised profile comes newly raised budgets, the likes of which would have previously been unimaginable for a storage architecture.

However, long before compliance was an issue, companies were beginning to realise that data - one of a company’s greatest assets - could deliver real business benefits if managed effectively. The risk now is that the pressures of compliance will distract companies from realising the full business value that can be derived from their data, forcing them instead to tackle the issues of auditing and protecting data instead of how to use it to their business advantage.

Yet, this need not be the case. Before undertaking any project, the storage practise within my company works with customers to develop a four point plan, to understand their storage needs based on the business and legal requirements for their data. By taking time to identify the data that is important to an organisation, and understanding how to manage, share and protect it, forward thinking companies can manage data from its point of creation right through to its achieving and retrieval. Such an holistic approach to Information Lifecycle Management (ILM) can deliver real business value while simultaneously helping to achieve the best practice which underpins much of today’s compliance regulations.

The first, and perhaps the most daunting step, to achieving an effective ILM strategy is to assess which data is important to an organisation. This is determined by its usefulness to the business and its associated risk. Identifying which data is important from a business and compliance perspective, what grades of data are stored within an organisation, and who needs to see it, are the basic building blocks of a successful ILM project. Similarly, taking time to understand the priorities different parts of the business place on different data, and understanding the process and reporting capabilities that help them use this data effectively is essential. Everything else will stand or fall, based on how complete the original data capture is, and decisions based on high-quality information will have better foundations than those based on poor or incomplete information.

Only once data has been categorised in relation to its business value and risk, how it needs to be accessed, and by whom, should consideration be given to the type of storage solution to implement. The new Basel II accord requires financial services companies to store a vast amount of customer data so they can reduce the amount of capital set aside to cover risks. Access to this information after the transaction is completed will be required seldom, if ever, but compliance dictates that companies manage and protect this information in an appropriate way. In contrast, timely access to customer correspondents, audio recordings of customer complaints and access to a company’s transactional database can improve both the quality and speed of customer service, and even reduce customer service costs.

With this in mind, enabling the business to access information at a speed/cost ratio, which reflects the value of the data to the organisation, is a compelling business argument. Getting the ratio right is intrinsically linked to storage optimisation. As storage becomes more sophisticated it is possible to architect a consolidated physical or virtualised storage network, which combines existing storage infrastructure with best fit technology. So, while it may make sense to store primary, high value data on disk, it can be up to fifty times cheaper to store tertiary data on tape.

Architecting a storage infrastructure in this way ensures data storage costs grow in proportion to the relevant ‘active’ data in a company’s disk drives and not because of the total volume of data that needs to be stored. Cleaning and de-duplicating a company’s existing storage can also yield significant re use of space and further reduce the overall cost of an holistic ILM strategy. Optimisation of this nature ensures that a company increases its ROI on assets. It also guarantees a reduction in the cost of storage compliance on an ongoing basis, while enabling timely access to essential information.

Keeping data is one thing. Keeping it securely is another. An information audit in the early stages of an ILM project, as well as helping to assess the best types of storage to implement, will also ensure safeguards are put in place to protect the data that falls under the corporate governance banner. The Sarbanes Oxley Act, for example, requires companies to file an internal control statement with its annual report that includes ‘an assessment….of the effectiveness of the internal control structure and procedures of the issuer for financial reporting.” Identifying this data in the early stages of an ILM implementation, and establishing reporting and auditing capabilities to demonstrate storage management policies and processes are compliant, will ensure that systems and procedures are reliable and data is protected as it needs to be.

My company’s four point plan is, of course, only the starting point. Carried out thoroughly it will provide a solid foundation from which an holistic storage environment can grow; one that is better able to respond to users because the data is understood, better able to provide competitive business edge because data will be organised, and better placed to adhere to compliance regulations because information is being managed from conception through to disposal. Addressing the fundamental issues of business efficiency and competitiveness as it does, it is little wonder that storage has become the boardroom topic of the day, the only question remains is why it hasn’t happened sooner.

BIOS, Dec 19, 06 | Print | Send | Comments (0) | Posted In Networking