Data Assessment Service Targets E-discovery, Compliance

This week StoredIQ launched a new data assessment service, which is intended to help organizations get visibility into the unstructured information floating around the corporate network.Organizations can use this assessment to get a better understanding of where unstructured data resides on the network and what types of content are out there. This information can be used to assess an organization's e-discovery readiness, to help launch or enforce retention/disposition policies, or find caches of sensitive information that may be subject to PCI or compliance rules.

A service engineer comes onsite with a StoredIQ appliance that can connect to various content sources, including production and archive e-mail stores, ECM platforms, disk and tape storage systems, and PCs. The StoredIQ software indexes and categorizes the data. Then a variety of pre-built and custom reports are delivered as part of the service.

As with DLP products that seek out sensitive content such as credit card and social security numbers, this service operates under the premise that organizations can't manage what they don't know about.

This is a sensible premise. Companies may have an accurate picture of the volume of data sitting on file shares, user laptops, NAS filers and archives, but they don't always have a clear idea of what it is, what value it has to the enterprise, and whether they can get rid of it, move it to a lower-cost storage tier, or pack it off to a well-policed repository to meet regulatory requirements.

This service is available as the first step of a larger strategy to better manage corporate information. Note, however, that it's also a "rent-to-own" ploy by StoredIQ. By taking the service approach, organizations can make a limited investment of their own money and time (because StoredIQ sets up and installs the appliance) to see if they want to make this product a part of a long-term data management strategy. If they don't, StoredIQ takes its appliance and goes home. If they do, StoredIQ applies 50 percent of the service cost to the purchase price of the appliance.

The question for enterprises is what kind of data management issues they need to address. If they are most concerned about personally identifiable information and highly-targeted data such as credit card numbers, a DLP product may be a better approach. As our review of these products shows, many vendors have strong auditing capabilities to help organizations uncover such data residing in places they didn't expect.

While StoredIQ says it has the same capabilities, the flip-side of DLP technology is the ability to limit the risk that such data will slip out of the enterprise. StoredIQ and other vendors in its category, such as EMC Kazeon and Recommind, can't help you there.

However, if your business is more concerned about litigation and e-discovery, or compliance-centric retention and disposition, StoredIQ and its ilk are more appropriate tools. StoredIQ, EMC Kazeon, Recommind and others can help you find and preserve data such as e-mails and Office documents that are relevant to ongoing or potential litigation, and help identify information that falls under retention requirements.

The StoredIQ assessment service starts at $15,000. Pricing is based on the service options and data volumes.