Welcome!

Web 2.0 Authors: Jason Bloomberg, Yeshim Deniz, Roger Strukhoff, Pat Romanski, JP Morgenthal

Related Topics: GovIT, SOA & WOA, Virtualization, Search, Web 2.0, Cloud Expo, Security

GovIT: Blog Feed Post

Cloud Archiving and Compliance

Clients like governments and the finance industry have extensive requirements for archiving and e-discovery

Our Cloud Archiving and Compliance best practices will define a maturity model for this hugely important segment within the industry.

It will also produce a best practices white paper, tailored to meet the needs of the NIST Business Use Case that defines the specific requirements for this functionality,  the FAA E-Discovery scenario (11-page PDF).

It will also describe a response to the general best practices defined in the recent CIO.gov document: Best practices for ITaaS, which also describes eDiscovery requirements. Download the 44-page PDF here.

Cloud Archiving Managed Services
This is such a hugely important area for Cloud Providers to develop new services because of the double impact it represents.

First there is the simple facet of the business opportunity. Clients like governments and the finance industry have extensive requirements for archiving and e-discovery.

Secondly and the accelerating factor is that the biggest hold up to Cloud adoption is the lack of maturity in this area. Typically the fears all centre on issues like data residency, where is the data hosted, and what protections are in place to ensure this data is not tampered with and so on.

These are requirements that archiving solutions deal with straight off the bat.

The Gartner Magic Quadrant places vendors like HP (Autonomy), IBM and Symantec as the leaders in this space, but this is a focus on the overall broad category of enterprise archiving, meaning it includes traditional on-site systems too.

Where the real challenge and opportunity is presented is how these types of capabilities can be absorbed into Cloud hosting environments, challenges that are well described in this white paper from another of the vendors Proofpoint: Cloud Computing and eDiscovery.

They describe critical points like:

Cloud computing makes IT operations fast and nimble, but it doesn’t necessarily make ESI easier to discover or legal holds easier to enforce. On the contrary, cloud computing can make legal holds and ESI searches more complex, time-consuming, and difficult. The vast majority of cloud providers would be unable to satisfy the stringent security, privacy, and data access requirements of corporate counsel and other stakeholders responsible for managing legal risk exposure.

They are exactly right on this, which is a blunt explanation of why Cloud adoption is still very low despite the huge hype. There`s your answer.

Also Proofpoint describe the solution, and the associated opportunity for Cloud Providers:

Enterprise IT departments need guidance for deploying eDiscovery applications and for crafting Service Level Agreements (SLAs) with cloud service providers, so that new cloud computing initiatives don’t undermine the enterprise’s investments in eDiscovery.

If Cloud Providers do this they will not only open up a specific product segment, Cloud Archiving, but they will also alleviate Cloud adoption fears in general and open the floodgates for broader adoption of all Cloud apps.

This is why, in my opinion, Cloud Archiving is the single most important product area for Cloud Providers to invest in.

Cloud Archiving – Service specifications

For a taste of these market opportunities we can review a number of related industry initiatives.

Managing Government Records - President Obama recently declared the ‘Managing Government Records‘ initiative , to better use Cloud technologies to perform Information Management and achieve Open Government. Canada also recently announced a similar initiative, to build a ‘GC Docs’ portal that publishes all of their records.

The NIST Business Use Case details the required service specifications, begun with this high level introduction and overview:

“The Federal Aviation Administration (FAA) is examining how to implement cloud-based e-discovery and Freedom of Information Act (FOIA) processes for email. The system must be able to perform discovery in both its in-house email implementation (Lotus Notes) but also in cloud-based email systems. The system will also be used to manage content for compliance purposes, and will serve as an archive of FAA messaging content.

The long-run goal is to support four primary functions: e-discovery, electronic records management, FOIA, and privacy. These four processes have similar needs and capabilities, including searching business applications, document repositories, email (including calendar, contacts, tasks, etc.) and instant messages, and distributed storage (both internal and external) for electronically stored information (ESI) meeting defined criteria.

The focus of this business use case is the processes and systems required to respond to e-discovery and FOIA requests as they pertain to email message data and other supporting data such as calendar entries, tasks, attachments, etc. that are produced and processed by the FAA’s traditional and cloud email messaging systems.”

Our Cloud Archiving best practices program will detail how Cloud Providers can develop products in this area to meet these requirements and opportunities.

Read the original blog entry...

More Stories By Cloud Ventures

The Cloud Ventures Network is an expert community of leading Cloud pioneers. Follow our best practice blogs at http://CloudBestPractices.net