Compliance is no more a buzz word for business around the world. It is a requirement globally and especially in the United States. Companies are concerned about being non-compliant with the many laws and react by creating an independent organization rather than making compliance part of the overall business and its work culture. This new organization makes compliance the primary driver which often diminishes the company’s productivity and causes considerable frustration throughout the organization. Companies need a better management model that includes compliance as a part of doing business.
As the network touches all aspects of the company, it is a good place to start the approach to compliance. Besides, understanding network compliance, today one requires an understanding of both how Information technology (IT) has grown and how compliance has changed.
IT grew in response to an immediate demand by business for more, better, and faster information using the devices and tools available at the time. While this growth made business more efficient, the growth process often resulted in an inefficient “patchwork” of disparate devices. Networking made use of the devices that were not originally intended for communicating. This growth of IT over time made gathering coherent information very challenging.
This growth of IT also fundamentally changed the way business was conducted. The scale, speed, and scope by which information was processed resulted in new services and new capabilities that would have been unimaginable some 20 years ago. New services and capabilities have expanded IT to affect virtually everything from healthcare and finances to the way corporations are organized. Consumers now have remarkable access to information and organizations strive to make their operations increasingly transparent.
This innovative growth resulted in new threats to corporate and customer information. In response to these threats, a myriad of international, federal, state, local, and industry regulations were designed to help ensure security and privacy of data and resources.In the beginning, businesses approached compliance by considering only regulations that applied to their industry and by limiting their view to a device or a network segment. Today, the complexity of both the constantly changing network and the ever expanding sets of regulations make any limited approach to compliance inoperable. The only unifying factor in this complex picture is the network itself. Only an overarching view of the entire network will serve to provide compliance today. Getting this holistic view of the network can be extremely challenging.
Networks span a variety of locations and sites. Regulations require not only compliance for a business’ own infrastructure but for those of business partners as well. On top of that, the network and the regulations are often changing independently of each other. These changing events make today’s compliant technology quickly outdated.