Share This Article:

Let’s face it, regulatory compliance is the bane of business today. Government regulations and industry standards are difficult to comprehend and expensive to meet expectations, especially on an ongoing basis. Siloed business structures make compliance a fleeting exercise. And, clouding all this is the fact that every vendor with a piece of code or black box has “the solution” to compliance woes. It’s time to look at compliance through a comprehensive lens.

Before we get into what the comprehensive lens should look like, let’s examine the last problem: every IT company approaching the market with a solution. Yes, there are numerous security, storage, backup and recordkeeping – on-premise or in the cloud – solutions that contribute to compliance. These are neither the problem nor the solution. The underlying problem is structure and understanding.

Government regulations are designed to prevent data breaches or prescribe actions in the event of privacy compromises. The challenge that many businesses have is they don’t know what data they have and where it resides, which hinders their ability to prescribe policies and procedures for accounting for data integrity, handling and access.

Even if businesses had a handle on their data, understanding the myriad regulations ranging from federal laws like HIPAA to state laws like the Massachusetts data protection act to the industry-driven Payment Card Industry Data Security Standard (PCI-DSS) is difficult to comprehend and apply to every facet of operations. Larger businesses have compartmentalized operations, which distribute data and managerial controls over different departments and people. Smaller companies have more centralized data controls, but not a firm understanding of their compliance needs.

eGastalt is taking a new approach to this thorny issue by providing self-assessment tools that guide businesses through the compliance labyrinth. The company draws its name from the German word “Gastalt,” which means “whole form.” It provides the self-assessment tool to systems integrators, consultancies, solution providers and managed service providers to sell to their customers to gain a better understanding of their compliance requirements, posture and needs. From there, it tracks the necessary steps toward achieving a better state of compliance.

There are plenty of resources that give solution providers and customers guidance with regulatory compliance, but few that combine the detailed information about laws and regulations with the ability to self-assess and track progress toward compliance in the way that eGastalt does. In a sense, the eGastalt platform is a self-discovery tool as well as a compliance dashboard.

For solution providers, eGastalt is a complement to established compliance and security practices, and the foundation for compliance practices built around product and solution sales. Few businesses want to spend money on more product, and many vendors cloud the GRC issue by promising compliance in a box. Solution providers can sell eGastalt as a compliance-enabling tool, and then use the results as a lead-generation and deal-building tool.

Compliance is the big stick many IT vendors and solution providers use to push deals to reluctant businesses. eGastalt is providing a tool that vividly demonstrates the need for compliance as well as the return on compliance investment.

* * *

Lawrence M. Walsh is CEO and president of The 2112 Group, a technology business advisory service that specializes in optimizing indirect channels and partner relationships. He’s also the executive director of the Channel Vanguard Council. He is the former publisher of Channel Insider and editor of VARBusiness Magazine. You can reach him at lmwalsh@the2112group.com.