Regulatory compliance is no longer a simple afterthought for public companies – it is now a business-critical requirement that extends to the management of corporate networks. 

In fact, according to a recent Gartner study, an estimated 10% to 15% of corporate IT budgets are now being directed to managing Sarbanes-Oxley Act (SOX) compliance needs alone. These percentages are not surprising, given that SARBOX requires ongoing diligence in the areas of data accessibility and network change management, with stipulations that all network changes, authorized or unauthorized, must be tracked and auditable. Furthermore, should a company or individual breach the regulations, fines of up to $25 million and 5 years in prison can be levied against the organization and its executives.

Tracking changes and updates to an enterprise’s IP address space is cumbersome; existing spreadsheets and home grown applications are not linked to DNS and DHCP and keeping these inventories accurate is increasingly difficult. The complexity of managing these networks is driving the need for dedicated IP address management solutions.

IP Address Management (IPAM) enables organizations to improve the availability of network applications (logical services) by eliminating network conflicts and outages.  IPAM systems track critical assets and ensure network security through enhanced end-user visibility.  Most companies have been operating without a formal IPAM solution, and many are now realizing they can no longer afford to go that route.  Effective IPAM is more than spreadsheets or a custom database that is loosely tied to DNS and DHCP.

Beyond compliance with corporate use and access policies, IPAM plays a crucial role by helping organizations to comply with external regulations such as the Sarbanes-Oxley Act (SOX); a policy that is designed to tighten internal controls of financial reporting and enforce accountability through strengthened internal controls over the transfer of sensitive financial data across corporate networks. 

IPAM solutions offer an efficient way for organizations to comply with corporate and security regulations – including SOX, GLBA, CPI, SAS 70 and HIPAA – by providing real-time and historical data about configuration management, network usage, resource availability, and network access control.

The Cost of Service Loss

Enterprises keenly appreciate applications such as the Web, e-mail, VoIP and CRM as critical to maintaining ongoing business operations.  To this same extent, organizations must invest a great deal of time and resources to ensure the network is defended against threats, while taking measures to ensure that it is highly scalable and highly available.