[FoRK] deepfile goes into corporate compliance as StoredIQ

Ken Meltsner meltsner at gmail.com
Tue Mar 8 17:22:17 PST 2005


I have to wonder which bar in Austin deserves credit for deepfile's
new corporate-friendly name, StoredIQ.

The product description is a bit underwhelming as well, but it
certainly sounds useful.

"StoredIQ 3.0 is the first content-driven compliance and security platform that:

    * Scans the internal content of files and e-mails.
    * Classifies them based on business rules
    * Enforces user defined automated policies

The result is risk mitigation by:

    * Ensuring adherence to corporate and regulatory compliance guidelines
    * Protecting information security."

If I were the marketing folks, I'd reverse the order of the two
bulleted sections, perhaps something like this:

<rant>
If your organization has been dragging its heels coming to terms with
the new laws that are about to crush your IT department, hoping that a
big health care kereitsu will get the Bush administration to give them
a year or two before they're really, absolutely needed, you're in
luck.

*  Quantify your legal exposure by finding out what actually out on
your old Novell servers and squirreled away on network-attached
storage

*  Classify the documents based on a deep understanding of documents
(Q:  Who writes the business rules?  How do you validate them?)

*  (The easy part) Enforce policies based on the results of the
previous steps....

</rant>

The scanning part is easy.  Running the business rules is easy.
"Enforcing" the business rules: straightforward.   Figuring out what
the documents have in them: really hard.

It's interesting to me that most of the proposed solutions are roughly
at the level of CLIPS + Unix find.  And despite the promised white
paper, not a lot of detail on the really hard part....

Ken
-- 
Absolute power corrupts absolutely, but model train sets do a pretty
good job as well

-- 2/28/05, in a odd dream


More information about the FoRK mailing list