Governance, Risk & Compliance

Kazeon lowers the costs of compliance by rapidly identifying and acting on information subject to risk or regulation.

Information Governance Risk & Compliance Challenge

Governance, Risk and Compliance (Compliance) have become critical issues over the last few years. With the pace of regulation continuing to increase, their impact on IT has become substantial. Dealing with compliance issues is challenging as both risk and regulation emanate from many sources, which requires continuous monitoring and impact assessment. Meeting the demands of Sarbanes-Oxley, Basel II, the revised Federal Rules of Civil Procedure, or the Gramm-Leach-Bliley Act, for example, means that the cost of compliance grows with each new regulation, especially if the IT organization implements separate controls for each. To manage these costs, many enterprises are adopting standards, enabling them to meet multiple regulatory requirements with a single set of controls. CobiT, ISO 17799 and ITIL are among those being used.

From an IT perspective, the problem of managing compliance issues is most acute for unstructured information - the data that resides in files and filesystems. Some organizations have deployed applications for email archival and enterprise content management (ECM) to address Compliance requirements. However, a complementary solution is needed for file and email data not residing in these repositories, as these information assets cannot be tracked and managed for compliance known to the organization.

The problem of managing information that presents a risk and is subject to regulation is difficult not so much in terms of enforcing access control and managing retention, rather it is the determination of which information should be subject to more rigorous access control and managed retention that is the most difficult task. Most organizations have no way to make this determination and equally have no method to ensure that their policies related to privacy are being followed; manual audits are simply too time consuming and costly to be either thorough or frequent enough to detect and resolve issues.

The Kazeon Governance, Risk & Compliance Solution

The Kazeon Governance, Risk & Compliance solution, combined with optional Retention Manager Software for NetApp SnapLock or EMC Centera, provides organizations with the ability to identify, classify, secure and manage the retention of documents subject to regulation scattered across corporate networks.

Identify files based on file attributes (filename, size, extension, etc) and/or content contained Payment Card Industry (PCI) compliance results. within the files Automatically or manually move/copy the files identified to NetApp SnapLock volumes/EMC Centera (Compliance Storage) and set the appropriate retention dates. For example: - Find all files created or modified between January 1, 2004 and January 1, 2007 containing the words “financial statement”; move them into Compliance Storage, and set the appropriate Payment Card Industry (PCI) compliance drilldown. retention date. - Find all PST files owned by user “M Jones”, tag them with case name “mjones_1752”, and copy them into Compliance Storage so that they cannot be altered or deleted and can be rapidly Setting Actionable Services on PCI compliance Results Set searched in preparation for a lawsuit Search content already stored in NetApp SnapLock volumes/EMC Centera <Set policies to automate many processes - Find all files owned by the group “finance”, copy them into Compliance Storage, and set a retention date. Automatically repeat this once a week. Automatically report on the status of compliance data moved to the Compliance Storage by the IS1200 - Report daily on files that have met their expiration date and send an e-mail to the compliance team for review. - Generate weekly reports showing files that have been moved into Compliance Storage and e-mail them to administrative staff. Output sets of files to PST,XML or CSV for auditors

The Kazeon Governance, Risk & Compliance Benefits

The Kazeon Governance, Risk & Compliance solution dramatically reduces the cost of identifying information subject to risk or regulation from the massive amounts of file-based content distributed across the enterprise. Furthermore, Kazeon’s ability to automatically classify and act on targeted information ensures that the information subject to risk or regulation is retained for the correct period of time and has the right service levels applied to it throughout its lifecycle.

Lower the costs of compliance by rapidly identifying and acting on information subject to risk or regulation

Ensure permanence, accuracy, integrity, and security of data by moving or coping information to leading compliance storage solutions from Network Appliance and EMC

Ensure consistent enforcement of polices by setting rules-based policies based on compliance requirements and file content.

Rapidly locate specific content already stored in NetApp SnapLock volumes/EMC Centera using search

Provide requested data to auditors rapidly and conveniently by sending output to PST, XML or CSV

Conduct rapid risk audits by reporting on or searching for documents that present a particular risk profile

For more information on Kazeon solutions contact the NAS sales team on 0870 752 6250 or complete and submit your contact details on the form provided under Contact Us