Earlier this month Sun upgraded its compliance offering by introducing the Sun Compliance and Content Management Solution (SCCMS) that bundles compliance software for electronic records from AXS-One with Sun's own hardware, Solaris O/S and services. So is this just a 'me too' compliance product bundle from Sun and AXS-One? In the light of European IT managers' attitudes to compliance we talked to Mark Donkersley, group managing director, for AXS-One.
Q: What's actually new to customers about this?
A: The combined Sun Microsystems and AXS-One package is new, although the component parts of the system have been around for some years. Both companies have undertaken considerable benchmarking and interoperability testing so that Sun customers are provided with a turnkey, end-to-end compliance solution which includes servers, storage, applications (from AXS-One) and services. The key point is that all the component parts of the new compliance solution have been tested and optimised to work out of the box. So, time to implement and 'go live' is much shorter for the customer with obvious commercial benefits. Similarly, as Sun is selling and supporting the whole solution, the customer has one point of contact which facilitates easier management.
Q: Why is it better than the competing products?
A: Quite simply, there isn't a competitive solution on the market which has the same level of integration, interoperability, and functionality as this offering - it's unique in this sense - plus customers benefit (as I mention above) as the solution is end-to-end and they have one point of contact with the IT supplier.
If you take EMC for example, you get EMC storage, an O/S from another vendor and the e-mail component was originally from OTG which was purchased by Legato which in turn was acquired by EMC. This causes issues from a customer perspective - multiple vendors - and there are rumours that the integration of the solution is not particularly robust anyhow. Where you have disparate products, the impact on implementation costs and time scales can be considerable.
Comment: EMC also has a Documentum compliance offering.
Q: What's the price?
A: It depends on the size of implementation, specifically the number of users and mailboxes. It could range from tens of thousands of pounds to millions."
Q: How do customers size the Sun/AXS-One product set?
A: During the testing and benchmarking process, Sun and AXS-One developed a series of recommendations for customers so that a turnkey solution could be provided based on the number of email accounts and the volume of email traffic.
Q: Why shouldn't customers just opt out of regulatory compliance and avoid the expense of using this system?
A: Frankly, opting out of compliance is no longer an option for companies in the wake of scandals such as Enron and new legislation like Sarbanes Oxley. Historically, some companies may have been tempted to just pay a fine rather than incur the cost of implementing a compliant email/records management system. Regulators simply won't allow this today - the onus is on the company director to be responsible for corporate information. If they aren't, then fines or jail terms can be severe. Equally, the courts now take the view that companies have had enough time (and there is technology available to help them) to deal with the impact of compliance legislation. Finally, financial institutions are increasingly viewing companies who are fined as crooks and therefore won't work with them.
Comment: In the light of European companies considering delisting from US exchanges to avoid the expense, reckoned to be up to c£5 million anually, and hassle of US regulatory regimes it seems clear that opting out of US compliance is a possible option for such companies.
Mark Donkersley responded; "At the end of the day what is the worth of a listing in North America to the company involved? If it brings in less than the compliance costs then don't do it." He added, "It's simplistic to view it in black and white." Companies shouldn't have to be forced by Sarbanes-Oxley and other regulations into doing something that was worth doing anyway in terms of better corporate governance.
Q: Is there any other way of selling this other than threatening CEOs with fines and/or jail if they don't have a compliance solution?
A: The simple answer is yes. Solutions like the Sun/AXS-One offering not only enable customers to be compliant, but there are significant benefits in terms of improving business performance through better corporate governance and transparency of information. You also get Information Lifecycle Management benefits. But while some storage vendors view ILM as simply how to shift data from one area to another to reduce cost, we view it differently. ILM is all about the management of corporate information from capture to destruction based on the value of the content, and not just when it was last viewed. The key point is about management access, searching and retrieval which is where we score highly.
Q: What are the data protection facilities?
A: The challenge with data protection laws is that it varies depending on where you are. In the UK for example, you need to have due cause/reason to view another persons email, only accredited individuals can view other people's email, and this type of action must be audited. The AXS-One solution provides this capability - access to email limited by user/job description - plus robust and feature rich audit capabilities to meet regulatory requirements.
Q: What operating systems are supported - for the AXS One SW to run on and as source servers/PCs for e-mails, etc?
A: The Sun/AXS-One solution supports UNIX, Windows and a mixed environment which is a key competitive differentiator.