Regulatory Compliance Remains Hot Through 2007

At first glance, end users generally don't see regulatory compliance as their top security priority.

In fact, according to the 2006 VARBusiness Market Insight Report, a survey of more than 600 midmarket and enterprise IT decision makers, regulatory compliance didn't crack the top three highest spending priorities among companies of all sizes.

What did? The executives ranked compliance-focused spending behind investments in security infrastructure, backup and disaster recovery, and networking infrastructure.

However, regulatory compliance lagged only slightly behind the more pressing options, suggesting the sheer volume of new compliance requirements is touching companies of all sizes in multiple vertical markets. Likewise, the priorities in front of regulatory compliance—security infrastructure and disaster recovery (Nos. 1 and 2, respectively, on both the midmarket and enterprise list)—are a part of the fabric of ensuring businesses meet and maintain compliance.

"Compliance is probably the hottest thing on anyone's plate right now," says Doug Thompson, vice president of key alliance partnerships for MSI Systems Integrators of Omaha, Neb. (No. 153 on the VARBusiness 500). "After 9/11, people needed to be given a certain amount of time to swallow all the new requirements, but the tools that are available now make it easier to tailor compliance solutions to customers' needs."

Solution providers say compliance can be a tough sell to companies that haven't yet experienced any related setbacks.

"It's a question of whether the customer has awareness of the issue and whether they're willing to accept that they need to spend proactively on it," says Scott Holcomb, president of Houston-based Holcomb Enterprises (No. 387 on the VARBusiness 500). "If not, it becomes a crisis management issue once something goes wrong."

New compliance-related technologies are arriving in the marketplace almost as often as new regulations. Just last week, for example, Cisco Systems, as well as Edentify with Bankcars, released new compliance tools.

Cisco's PACE (Proactive Automation of Change Execution) configuration management suite is designed to help companies ensure that every device on their networks stays compliant. PACE comprises four products and three consulting services.

Meanwhile, Edentify, a developer of identity management tools, announced a joint development and marketing partnership with Bankcars combining Edentify's IDScreen risk management technology with Bankcars' Closed Account Reporting System. The new solution will enable financial institutions to verify applicant identities in real time and reduce the possibility of Bankcars' clients accepting customers with fake identities.

Financial institutions can use the Edentify/Bankcars tool to validate an applicant's identity and gauge the level of risk associated with it. It can also conduct background checks and maintain compliance with legislation such as the U.S. Patriot Act.

With security concerns of all kinds dominating solution providers' daily operations, the compliance question figures into almost every transaction, solution providers said. By staying op top of new developments--both technological and regulatory--VARs should be able to head off problems before they occur.

Read more articles based on findings from the VARBusiness Market Insight Report.