Home > Storage > PowerScale (Isilon) > Product Documentation > Security and Compliance > Dell PowerScale: SmartLock Best Practices > Enterprise mode
Enterprise mode permits storing data in enterprise directories in a nonrewritable, nonerasable format, protecting data from deletion or modification.
You can create enterprise directories in both Enterprise and Compliance modes. If a file in an Enterprise directory is committed to a WORM state, it is protected from accidental deletion or modification until the retention period has expired.
In Enterprise mode, you may also create regular directories. Regular directories are not subjected to retention requirements.
A cluster operating in SmartLock Enterprise mode provides advanced security capabilities while retaining superuser root access and full administrative control. In most situations, Enterprise mode offers security capabilities that are more than adequate for most users.
You can designate any empty directory under the OneFS file system as a SmartLock directory. Starting in OneFS 8.0, a directory does not have to be empty before you designate it as an Enterprise SmartLock directory through the DomainMark job. You can perform this process using the command line only. For example, you can designate a nonempty directory as an Enterprise SmartLock directory with the following command:
# isi job jobs start DomainMark --root <path> --dm-type Worm
Also, you can delete the WORM domain using the following command, and remove the SmartLock directory using the rm command.
# isi job start DomainMark --delete --root /ifs/syncdir/wormdir --dm-type Worm
You can mix SmartLock and normal directories on the same cluster. Once a directory is designated as a SmartLock directory, it is ready to protect files that are placed there. SmartLock protects any subdirectories in a SmartLock directory automatically, and they inherit all settings of the parent directory.
Note: In OneFS 8.0, a directory must be empty if it will be designated as a Compliance SmartLock directory.