To meet corporate and industry compliance requirements (SEC Rule 17a-4(f)) for storage of data, ECS implemented the following:
- Platform hardening - Hardening addresses security vulnerabilities in ECS such as platform lockdown to disable access to nodes or cluster, all non-essential ports (for example, ftpd, sshd) are closed, full audit logging for sudo commands and support for SRS (Dell Secure Remote services) to shut down remote access to nodes.
- Compliance reporting - A system agent reports system’s compliance status such as Good indicating compliance or Bad indicating non-compliance.
- Policy-based record retention and rules - Ability to limit changes to records or data under retention using policies, time-period and rules.
- Advanced Retention Management (ARM) - To meet Centera compliance requirements a set of retention rules were defined for CAS only.
- Event based retention - Enables retention periods that start when specified event occurs.
- Litigation hold - Enables temporary deletion prevention of data subject to legal action.
- Min/max governor - Per bucket setting for minimum and maximum default retention period.
Compliance is enabled at the namespace level. Retention periods are configured at the bucket level. Compliance requirements certify the platform, and it is because of this that; the compliance feature is only available for ECS running on appliance hardware. For information about enabling and configuring compliance in ECS, see the current ECS Data Access Guide and the most recent ECS Administrator’s Guide.