Print

Comment

Email

Digg

Del.icio.us

Reddit

Twitter

The recent Satyam fiasco has thrown up a lot of issues. Data management happens to be just one of them. Data management and auditing has long since been an issue of discussion in India. But thanks to compliance and regulatory issues, little has actually happened beyond board rooms and panel discussions.

However, after the famous Raju Confessionals have been out in the open, companies are finally waking up and realizing that a well managed database can be an answer to many troubles. Corporate governance as a concept has never been taken too seriously in India, but with the offshore clients cynicism coming attached with the Satyam scam, the importance of a highly scalable and flexible data system with multiple back-ups is being increasingly felt.

It is too early to say whether this sudden accountability wave will die down with lapse of time, but we have tried to see what are the characteristics that this wave is displaying right now.

Storing Intelligently
The need of expansive storage is nothing new for enterprises. With the amount of data growing phenomenally, something like an intelligent storage drive began to be visible in the industry. This happened somewhere around the 1990s.

Says Neeraj Mediratta, CEO, Ace Data Devices, Some fifteen years back, storage used to happen on servers that had size limitations. On the other hand, the amount of data was increasing substantially. That when people started thinking, what if storage goes beyond the server capacity?

And much like a slow revolution, we saw the evolution of storage from Direct Attach Storage to Network Attached Storage. However, more than data auditing, storage focused on data usability. Until now, and to some extent even now, storage is aimed more toward servicing the applications better and faster. The primary goal was to provide a quicker user experience.

The first move toward intelligent storage came with SCSI, which had a data transmission rate of about 80 Mbps. The next level came with Fiber Channels, which although afforded great performance (4 Gbps), came with a huge cost that restricted its adaptability. The answer to this came in the form of IP SAN (Storage Attached Network). SAN, also known as iSCSI, comes with an average performance of 1 Gbps and has a separate network laid out for storage.

According to Mediratta, there is a sort of integration happening in storage now, with various forms of storage coming together to form a kind of secure storage ecosystem. He says that most of the larger enterprises are working on the storage model wherein they store their business critical or core applications on a fiber cable network, and the non-business critical applications on the iSCSI or SAN.

There is a sort of integration happening in storage now, with various forms of storage coming together to form a kind of secure storage ecosystem Neeraj Mediratta, CEO, Ace Data Devices	In the wake of recent events like the Satyam scam, historical data assumes paramount importance Shekhar Das Gupta, president and COO, Solix Technologies

This unification, says Mediratta, has lead to an inbuilt data management system within the storage. He says that there are ideally four stages in an information life-cycle. These arestore, protect, optimize, and leverage. Given the level of functions that storage provides today, the likelihood of losing data is very less, he notes.

Storage now operates on the WORM principle, which translates aswrite once and read many times. There are several tiers of storage that offer easy access and scalability across data. Intelligent storage can reduce the need of various additional audit tools, he adds.

From Storing to Securing
Several years back, the US government woke up and introduced compliance norms like Sarbanes-Oxley, HIPAA, FDA 21 CFR Part 11, EUDPA, and the usa Patriot Act, that made it compulsory for companies to monitor data access and submit reports on the same. This was because a bulk of very sensitive data was being captured and maintained electronically, and that mode of operation came with its own threats.

These factors have led to increased scrutiny and more demanding findings by both internal and external auditors, with 2004 being an especially important year for compliance with a large set of regulations. Companies today must prove that they have a recorded audit trail of who has accessed (or even tried to access) specific information. Regulators, shareholders, board members, customers, and others now insist that companies prove they can determine whos done what to their databases, and when.

And like everything else, technology enablers found an opportunity that was inset within this threat. Thus came the data auditing tools that sit over and above your storage, and can track the movements made by individuals or entities to access or change data.

Although a sound set of laws is still missing in our country, data auditing tools are already making their debut. Solix Technologies Data Management Suite is one such tool. Solix provides solutions that sit on the ERP and provide long term retention of data. This becomes very important from a companys compliance perspective.

As per Shekhar Das Gupta, president and COO, Solix Technologies, In the wake of recent events like the Satyam scam, historical data becomes of paramount importance. In these cases the first issue is that of long-time retention of data that translates into a huge amount of storage capabilities. The next issue is that of accessthis includes aspects of extracting relevant information from humongous amounts of data that is stored at various places. And this requires very advanced search capabilities, and according to Gupta the search is akin to searching for a needle in a haystack.

The final step includes recording. This is the step that entails major auditing tools and records sensitive data. Gupta says that audit tools like the ones they offer can record things like who, when, how and from what location data is being accessed or tampered. And since all this is done by the same software, it eases a lot of management and tracking hassles.

Moreover, solutions like these can reduce the storage requirements of a company drastically. Gupta says that one terabyte can approximately be compressed to about 200 Gb. That certainly spells good news for organizations for whom managing data was nothing less than a nightmare.

Such solutions also imbibe capabilities to move sensitive data to a new application or a completely new storage. It also has a log of people who accessed data.

However, Gupta agrees that data auditing as a concept still has not caught up in India. Most of our clients are in the US and Europe, and because of the compliance issues there is a huge requirement of such tools, especially in the US since it is followed like mandatory there. But he is optimistic of corporate governance catching up in India and making things like data auditing mandatory for big firms.

In fact, he already sees a positive movement in this regard. Solix, one of the pioneers of data-audit -ability has recently tied up with Oracle Financial Services Software, a majority owned subsidiary of Oracle. OFSS will offer Solix EDMS as embedded functionality in Oracle FLEXCUBE to help automate, archive and purge processes by classifying data, configuring and executing archiving and data migration routines. Gupta believes it to be a very positive sign. In the future he says, tools like these will be more indispensable. That is because Satyam is certainly not the last one that India is hearing about, he says as he sums up.

Mehak Chawla
mehakc@cybermedia.co.in.

Page(s)   1