IBM Debuts Compliance-In-A-Box Device

IBM on Thursday unveiled a compliance-in-a-box device targeting businesses and government agencies that need to preserve data required by the growing number of new laws and regulations.

The TotalStorage Data Retention 450 bundles hardware -- a server and associated storage -- and data retention software in a single, secure rack cabinet, said IBM. It is aimed at companies that must comply with laws such as Sarbanes-Oxley, the Health Insurance Portability and Accountability Act (HIPAA), and the SEC's Regulation 17a-4, all of which force organizations to better account for their data and prove that it's not been altered.

Powered by an IBM eServer p615 using one or two Power 4+ processors and running the AIX operating system, the all-in-one device can be equipped with a wide variety of storage devices -- more than 600, according to IBM -- including less expensive tape storage hardware. It can be configured with as little as 3.5 terabytes of storage capacity or as much as 56 terabytes in one or two FAStT600 servers.

The heart of the Data Retention 450 is its data policy and retention software, Tivoli Storage Manager for Data Retention. Tivoli can verify that data is written correctly, ensure that no modifications are made to the information once it's stored -- a critical requirement of compliance laws and regulations -- and uses policies to automatically store data for the required amount of time or until a defined event occurs. During an audit, for instance, Tivoli will refuse to allow deletion of data for an indefinite period -- even if other policies say it can be dumped -- and release it only when the investigation or litigation ends.

IBM isn't the only vendor fighting for market share in the compliance space. In fact, analysts see the Data Retention 450 as a direct response on EMC's similar Centera Compliance Edition, which debuted in April 2003.