Storage for Compliance Applications


Storage for Compliance Applications
Karthik Kannan
Network Appliance
495 E Java Drive, Sunnyvale CA 94089-1125
Phone: +1-408-822 6000
E-mail: kkannan@netapp.com
Presented at the THIC Meeting at the Sony Auditorium, 3300 Zanker Rd, San Jose CA 95134, April 19-20, 2005
9/5/2004 1

Agenda
  Compliance challenges and trends
  Regulatory requirements for storage
  SnapLock™ introduction
  SnapLock differentiators
  SnapLock summary


Many Regulations, Diverse Requirements
  Regulations: SEC 17a-4, Sarbanes-Oxley, GoBS, SB 1386, Basel II, Check 21, Gramm-Leach-Bliley Act, Patriot Act, HIPAA
  Many regulations affect business operations
  Some have specific storage requirements
  Others leverage storage infrastructure

Regulated Data Growth Exploding
  More data under regulatory purview
    Structured data
    Semistructured data
    Unstructured data
  Long retention times
    Sarbanes-Oxley
      Audit correspondence: audit + 7 years
    SEC 17a-4
      E-mail, financial records: 3 years
      Trading records: end of account + 6 years
    HIPAA
      Hospital records: 5 years
      Medical records: life of patient + 2 years
  [Chart: Minimum Compliance Retention Period (Years)]

Trends Driving Regulatory Solutions
  Costs of noncompliance are high
    High fines
    Damage to company reputation
  Need rapid information access and retrieval
    Fines for slow recovery
    Need quick response in legal discovery
    Retrieving data from offline storage is expensive

Trends Driving Regulatory Solutions
  Disk Prices Falling; Drive Reliability Increasing
  [Chart: $ per gigabyte, tape versus disk, 1992 to 2003]
  [Chart: specified mean time between failures (K hours), enterprise versus desktop drives, 1991 to 2001]
  Result: Compliance Storage Moving to Higher-Capacity, Reliable, Lower-Cost WORM Disks

New Options: Disk and Tape Pricing Trends
  [Chart: Cost ($/GB), tape versus IDE/ATA disk, 1993 to 2005]
  Chart source: Seagate Technologies. Prices are for drive/tape media cost only. Does not include library, robotics, shelf, carrier, compression, RAID, or software costs, nor operational and management costs.
  Disk costs near tape costs
  Disk TCO lower than tape TCO
  2004 capacities*
    ATA 320GB
    LTO-2 200GB
    3590H1A 20GB
    9940A 60GB
    9940B 100GB
  2006 (expected)*
    ATA >1TB
    LTO-3 400GB
    9940B 200GB
  *Native capacities for one disk or one tape without compression


Regulatory Requirements Are Diverse
  SEC 17a-4(f)(2)(ii)(B): Verifies automatically the quality and accuracy of the storage media recording process.
  SEC 17a-4(f)(2)(ii)(A): Preserves the records exclusively in a nonrewritable, nonerasable format.
  GLBA 501(b)1: insure the security and confidentiality of customer records and information.
  GLBA 501(b)2: Protect against any anticipated threats or hazards to the security or integrity of such records.
  HIPAA 164.306(a)1: Ensure the confidentiality, integrity, and availability of all EPHI the CE [covered entity] creates, receives, maintains, or transmits.
  HIPAA 164.312(c)2: implement electronic mechanisms to corroborate that EPHI has not been altered or destroyed in an unauthorized manner.
  SoX 1520(a)(1): shall maintain all audit or review work papers for a period of five years (revised to seven years).
  21CFR 11.10(a): Validation of systems to ensure and the ability to discern invalid or altered reports.

Compliance Drivers and Requirements
  Market Drivers
    Litigation protection regulations:
      SEC 17a-4
      Sarbanes-Oxley
      NASD 3010/3110
      DOD 5015.2
      SB 1386
      Gramm-Leach-Bliley
      HIPAA
      Basel II
      Check 21
      GoBS
      Patriot Act
      21 CFR Part 11
      UK Data Protection Act
  Compliance Requirements
    Data permanence:
      Immutable storage
      Data authenticity
      Data integrity
      Data replication
    Privacy and security:
      Authorization
      Access controls
      Encryption
      Auditing
      Secure deletion
  Most Companies Are Subjected to Multiple Regulations

Agenda
  Compliance challenges and trends
  Regulatory requirements for storage
  SnapLock™ introduction
  SnapLock differentiators
  SnapLock partners and customers
  SnapLock summary

Data Permanence Solution: SnapLock
  Nonerasable, nonrewritable magnetic disk storage (WORM)
    Add-on software license
    Enabled at a volume level
  Fine-grained management
    File-level retention policies
    Reclaim space with file expiration
    Tamperproof ComplianceClock
  Open protocol interfaces
    Data access via CIFS and NFS
    Easy application integration without closed, proprietary APIs
  High performance
    Implemented on industry's fastest NAS platforms

SnapLock™ Implementation
  [Diagram: clients on a LAN or WAN reach the Data ONTAP™ operating system over CIFS (Windows), NFS (UNIX, Linux) and other protocols; beneath the protocols sit the WAFL file system and disk management (RAID); Volume #1 is a regular volume, Volume #2 is a SnapLock volume]
  SnapLock is tightly integrated into Data ONTAP
  Enforcement takes place from the file system to RAID layers, independent of protocol

SnapLock™: Simplicity
  [Diagram: an application with basic data storage on primary storage; an archival application accesses data and moves it to WORM storage over the CIFS or NFS protocol; WORM volumes reside on a filer or NearStore]
  Create a SnapLock compliance (WORM) volume
  Archive files to SnapLock volume via CIFS/NFS
  Set each file's expiration date
    You can always extend the retention period, but can never shorten it
  Mark files read only
    Prevents any and all alterations, overwrites, or deletions until file expiration
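The last two steps on this slide, as an added shell example that is not part of the original presentation or NetApp's own code. It relies on the documented SnapLock convention that a file's retention date is taken from its last-access time and that the file is committed when write permission is removed; the helper name worm_commit and the use of GNU coreutils on the NFS client are assumptions.

```shell
#!/bin/sh
# Added example, not NetApp code. worm_commit is a hypothetical helper name.
# Assumes GNU coreutils on the NFS client (stat -c, touch -d @EPOCH).
#
# worm_commit FILE RETAIN_UNTIL_EPOCH
#   0  committed (or retention extended) and verified
#   1  bad arguments or file missing
#   2  retention date is not in the future
#   3  file already committed and the request would shorten its retention
#   4  read-back did not match what was requested
worm_commit() {
    file=$1
    retain=$2
    [ -f "$file" ] || return 1
    case $retain in ''|*[!0-9]*) return 1 ;; esac

    now=$(date +%s)
    [ "$retain" -gt "$now" ] || return 2

    # A file with no write bits is treated as already committed. Retention
    # can be extended but never shortened, so reject a shorter date here
    # with a clear code rather than relying on the server-side refusal.
    case $(stat -c %A "$file") in
        *w*) ;;
        *)   [ "$retain" -ge "$(stat -c %X "$file")" ] || return 3 ;;
    esac

    # Step "set each file's expiration date": store it as the access time.
    touch -a -d "@$retain" "$file" || return 4
    # Step "mark files read only": removing every write bit is the
    # transition that commits the file on a SnapLock volume.
    chmod a-w "$file" || return 4

    # Read back what the server stored instead of trusting exit codes.
    [ "$(stat -c %X "$file")" -eq "$retain" ] || return 4
    case $(stat -c %A "$file") in *w*) return 4 ;; esac
    return 0
}
```

On an ordinary file system these commands only set a timestamp and mode bits; the nonerasable, nonrewritable behaviour comes from the SnapLock volume itself.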

Complementary Data ONTAP™ Features: Data Integrity
  Protection before data written to disk
    NVRAM holds data until written to disk
  Automatic error scanning
    Block-level checksums
    Immediate write verification
    Media scans
  Self-healing
    RAID for media errors or single-disk failure
    RAID-DP for double-disk failure
    RAID scrubs

Complementary Data ONTAP™ Features: Security and Confidentiality
  Confidentiality
    IPSec protocol
    SSH/SSL-encrypted management interface
  Authentication
    Kerberos, LDAP authentication
  Authorization
    Active Directory; cross-platform ACLs
    LUN masking, hard zoning, port binding
    MultiStore™
  Auditing
    Syslog, CIFS access logging
  Shredding
    Volume sanitization, cryptoshredding

Regulated versus Enterprise Records Retention
  SnapLock Compliance
    Strict SnapLock
    Trust nobody
    Permanently nonerasable, nonrewritable disk storage (WORM)
      Until file expiration
      Safe from any keyboard attack
    Complies w/ SEC regulations
      Meets SEC 17a-4 requirements
    Easy WORM-to-WORM replication
  SnapLock Enterprise
    Flexible SnapLock
    Trust administrator
    Revision-safe, long-term storage solution
      Virus and application bugproof
    Enables best practices business records retention
    Partial storage admin control
      Admin can destroy volume to reclaim space
      Cannot modify/delete individual records


Unified Architecture, Open Protocols
  One architecture, one management interface:
    Full interoperability
    Reduced training
    Higher productivity
  [Diagram: storage tiers labeled Archive, Reference, Remote Office, Back Office, Operational, Business-Critical]
  Open protocols:
    Easy integration
    No vendor lock-in
    10x to 100x faster than API solutions
  Start small and scale with need:
    0.5TB to 96TB on a single system

NetApp Delivers Total Enterprise Compliance
  [Diagram: Total Enterprise Compliance. A remote site (FAS primary storage, Windows) and a primary site (UNIX and Windows hosts, e-mail server, ERP/ECM server, archival application, NetApp cluster, NetApp gFilers) connect through SnapMirror, SnapLock, LockVault and a compliance journal to NearStore systems and DR sites. Panel labels: Data Privacy Compliance; Compliant Efficient Backups; Unified Backup and Compliance; Policy-Driven Compliance]


Media and Analyst Opinions
  "NetApp is offering its customers a flexible way to deploy WORM functionality into existing environments across different tiers of storage."
  Peter Gerr, Enterprise Strategy Group

Media and Analyst Opinions
  "The SnapLock software is particularly impressive given the sensitive nature of archived documents, especially in light of recent regulatory and financial scandals. The idea that a backup onto a file server can be nearly as well protected as backups to a secure off-site or optical vault is impressive. Once [the] data sources are defined and have been successfully backed up to the R150 once, the system is close to install and forget, doing its work with minimal administration. The benefit is that a company won't need to hire additional administrators to run a NearStore R150 system."
  Alan Zeichick, InfoWorld

Media and Analyst Opinions
  "The market has quickly shifted though from purpose-built systems to software that is disaggregated from hardware. Network Appliance SnapLock set the precedent for that."
  Peter Gerr, Enterprise Strategy Group
  www.nwfusion.com/news/2004/0503archivas.html

Media and Analyst Opinions
  "Unveiled in April, SnapLock provides online archival and long-term protection of data. Using a feature called WORM (write once, read many) the software marks the files as read only, thereby preventing them from being altered."
  Marilyn Much, Investor's Business Daily

SnapLock™ Customers
  Over 4 PB of compliance storage
  Over 250 customers
  Customers span multiple industries
  Deployed worldwide
  Used to comply with SEC 17a-4, GoBS, GLBA, HIPAA, SoX, etc.
  Independently audited for compliance
    E.g., Cohasset SEC 17a-4 report*, GoBS certification
  *www.netapp.com/ftp/cohassetreport_snaplock.pdf

Thank you.