Remote offices: The Achilles' heel of regulatory compliance

Computerworld - Companies spend millions of dollars each year to ensure that they comply with internal and external data retention and recovery regulations.
Whether it's the U.S. Securities and Exchange Commission, the Health Insurance Portability and Accountability Act, the Food and Drug Administration or corporate policy, employees are trained, processes are put into place, and solutions are deployed. All for what? Many customers claim that less than 50% of data stored outside the data center can be recovered in a timely manner when needed. The reasons range from technical glitches in the backup, bad tapes, lost or misplaced tapes, poor training or improperly followed procedures. With a greater emphasis placed on corporate compliance recently, this is unacceptable. While huge inroads are being made in ensuring that the data center is compliant, backing up data reliably in remote offices remains the Achilles' heel of enterprisewide compliance strategies.
Many IT architects would prefer to centralize their backup so that their data is housed in a secure data center where it's much more likely to be recovered. However, if companies try to do backup from their remote offices over the wide-area network, low bandwidth and high latency all too often conspire to prevent the backup cycle from being completed within the available window. The result is most companies don't consider this a realistic option.
The decentralized workplace
The corporate workplace gets more decentralized every year. Globalization has induced companies to deploy people all over the world, and as a result, their IT networks span the globe. To support a distributed workforce, data centers are connected over a WAN to dozens, hundreds and, in some cases, thousands of remote sites around the world.
According to In-Stat/MDR, 58% of U.S. employees work in locations outside their corporate headquarters (in almost 2 million remote offices). This shift toward decentralized facilities has drawn a significant amount of IT infrastructure out of data centers and into remote branch offices, engineering offices and other sites. Since these smaller offices often don't have dedicated IT staffs, management of the backup process is often done remotely, or more often, by a non-IT employee. Backing up and protecting remote office data has proved to be a nightmare for IT managers and continues to haunt the executives who are ultimately responsible for their companies' compliance strategy.
Data compliance in remote offices
Besides their own internal compliance policies, the Sarbanes-Oxley Act of 2002 is an example of federal regulations that most companies are concerned with. The act, regulated by the SEC, requires companies to securely store