Compliance tools unveiled to meet US government legislation

With a number of US laws mandating corporate adherence to reporting guidelines, suppliers across such diverse segments as ERP,...

With a number of US laws mandating corporate adherence to reporting guidelines, suppliers across such diverse segments as ERP, search, document management and security are flooding the market with compliance toolsets.

PSS Systems this week will introduce compliance software designed to apply and enforce policies on distributed documents. This week, IBM and Symantec unveiled infrastructure- and security-focused compliance offerings.

An organisation's needs will vary widely depending on how various regulations apply, but the key technologies involve workflows, internal control software, records management software, and CRM or compliant management software, said Erica Rugullies, an analyst at Forrester Research.

"There are a ton of small suppliers offering point products that can help with compliance," she said.

"There may be a place for those products, but to avoid a huge number of point tools, IT organisations should first look at what they have. Many companies already have the building blocks for compliance within their IT organisation."

The PSS1 system includes software that automatically applies policies to distributed documents and enforces the policies without involving end-users, according to Gary Kinghorn, director of marketing.

The PSS1 central server, called Policy Authority, is the main hub for centralised policy definition, such as user and group definitions, and document classifications.

"Content management, server, and storage [products] are all based on a repository," Kinghorn said. "They say, 'You put your stuff here and we will control it.' But anything that comes out of the product is unmanaged."

IBM has also unveiled a compliance strategy which packages a set of infrastructure products with services.

The nine hardware, software and services offerings include IBM Email Archive and Records Management Service, IBM DB2 Content Manager for Data Retention Compliance, IBM Lotus Workplace for Business Controls and Reporting, and IBM Tivoli Storage Manager for Data Retention.

"IBM customers need a technology provider and software provider but also a business adviser to make it all come together. The glue that pulls [the packaged offerings] together is the business service consulting," said Steve McLaurin, a partner at IBM Business Consulting Services.

Security supplier Symantec has rolled out the Enterprise Security Manager 6.0, which can perform more than 2,000 security and vulnerability checks on business applications and platforms to ensure that systems are compliant.

Cathleen Moore writes for InfoWorld

Read more on IT strategy