If your organization uses EAS (Enterprise Archive Solution) in any of its forms, you’re likely considering the next steps to take in order to modernize your legacy archive.
Having had many owners and iterations, from the original by EDUCOM TS, through Zantaz, Autonomy EAS, HP/Autonomy EAS, and Capax EAS to today’s owner, Unified Global Archiving, it has seen a lot of change over the years.
Whether your goal was to comply with a wide range of regulatory retention requirements, react to eDiscovery in a legally defensible manner, or simply reduce the strain on your on-premises Microsoft Exchange system, back in the day, EAS was a popular solution. But with ever-changing compliance laws and eDiscovery responsibilities, Autonomy EAS is no longer a viable solution.
Regardless of whether you’re using an on-premises or first-generation cloud-based version of EAS, you will definitely have noticed that it has fallen behind in addressing today’s regulatory, legal, and business requirements. In addition, like many EAS customers, you’re no doubt concerned about the cost and potential risk to your business of maintaining this increasingly archaic technology. Thankfully, there is a range of options available to effortlessly move your existing EAS archives to a secure, modern cloud environment. The most important action for you to take right now is to evaluate which option is best for your business.
Moving Away from Autonomy EAS Archives
Where cloud computing was once an interesting option for organizations, it has now become a business imperative. That statement becomes ever more pertinent as more and more businesses, and even entire industries are disrupted by new ‘born in the cloud’ challengers. It’s time for the incumbents to take action against this persistent threat, taking steps to modernize their operations and remain competitive in a fast-moving market. The cloud, of course, is key. By providing businesses with measurably better cost efficiency, enhanced and customizable security, and much-needed agility, organizations can react quickly to changes in their market while unlocking new capabilities, including ways to manipulate and analyze data. By making use of powerful, cloud-based tools including AI (Artificial Intelligence), ML (Machine Learning), and advanced analytics, they can beat disruptive competitors at their own game and, in many cases, take advantage of their amassed historic data to achieve a position of superiority in their industry.
The chances are that your organization already uses the cloud in some form already, whether it’s through tools for productivity, communication, or collaboration. However, to benefit fully from the cloud, a complete data migration is required. By migrating legacy on-premises or first-generation cloud data archives to a modern cloud environment, you can provide your business with the tools it needs to survive and thrive in a quickly evolving, cloud-based world.
The migration must be fast, carried out in a legally defensible manner, and shouldn’t carry the risk of data corruption, inadvertent data deletion, end-user productivity issues, or damage to chain of custody. By checking all of those boxes, you will not only drive your digital transformation strategy forward but begin to see benefits to your business from day one.
Cloud Migration: Your Two Main Options
There are two main cloud platform options available today; Software as a Service (SaaS) and Platform as a Service (PaaS). Of the two cloud migration options available, a SaaS cloud seems like the easiest option. A SaaS archiving solution like Global Relay, Mimecast or Smarsh, might appear to do everything you need; however they bring with them many drawbacks. SaaS solutions come at the cost of losing control over your organization’s sensitive data, from the security measures used to protect it to keeping direct control of the encryption keys that unlock it.
The second option includes none of these caveats. Migrating to your own, managed and secured PaaS-based public cloud tenant enables you to choose the best archiving or information management solution, as well as determine the precise security capabilities that match your organization’s carefully planned risk posture and protocols.
Option 1: Second-Rate SaaS Archiving
SaaS archiving platforms have been around for a while now, with legacy vendors like Mimecast and Smarsh making use of the model to deliver one-size-fits-all archiving solutions. In the early days of SaaS, cloud solutions such as these had some major selling points. They helped businesses to effortlessly do away with ongoing on-premise infrastructure costs in favor of a convenient subscription service that required little input on their part (CapEx vs. OpEx). The problem is, they weren’t designed to be flexible or compatible with the true, hyperscale cloud requirements of today. With agility and flexibility key buzzwords in technology over the last few years, this level of limitation quickly highlighted an obvious problem. As the world rapidly changes, especially in relation to technology and security, SaaS-based archives aren’t designed or equipped to cope with shifting regulations and security threats, or the need for businesses to scale up and down based on business requirements, as the hyperscale cloud is.
While SaaS solutions might once have been the easiest way to go, their static feature sets and on-size-fits-all design restrictions now limit security, access, accountability, and control over your data. Most SaaS-based archiving vendors will tell you they offer the best turn-key cloud archiving platform, but, in reality, they only introduce the same issues you experience with legacy on-premises infrastructure, such as the lack of an easy way to harness analytics, Machine Learning, and AI. Even worse, because they’re built around outdated and static architectures, SaaS archives are almost impossible to upgrade to provide the features customers today demand.
Sharing Your Cloud with Others
Many SaaS issues stem from a basic drawback of the model – the fact that most SaaS-based archiving vendors don’t own their own datacenters. Instead, they rent space in what’s called a multi-tenant cloud. In reality, the SaaS vendor is subletting their cloud space to you.
Not only does this situation block the addition of new much-needed capabilities, but raises major security concerns, because you, the customer, do not have control of the encryption keys used to secure your data. This, coupled with a lack of control over the security measures in place, means your company’s data could be shared with all of the SaaS vendor’s other clients sharing the same multi-tenant cloud. That significantly increases the chances of unauthorized access, data corruption, or deletion, and also means the SaaS vendor can access your company’s sensitive data at any time or provide access to government authorities – without you ever knowing.
Vendor Data Ransom
While security is a major issue for any organization, subscription costs and total cost of ownership is always a close second in importance. Most SaaS vendors will store your files in their own proprietary format that only their tools can access, creating what amounts to a data prison. When you want to move your data somewhere else, the vendor will charge you huge “reconversion fees” to move your data away from their service. On top of this data ransoming, the proprietary format also means you can’t use your data with AI or Machine Learning technology to provide content-based auto-classification and supervision for more accurate information management.
It’s clear when looking at all of these negatives above that SaaS solutions are more of a burden than a blessing when it comes to archiving, securing, and managing your data. At first glance, they appear to offer simplicity, but they don’t offer many advantages over that of an on-premises solution and can seriously hamper your options in the future. So, why wouldn’t you just cut out the middleman and migrate your data to a cloud you own and, most importantly, can control?
SaaS Archiving Issues:
- Little or no control over your data’s geographic location – data sovereignty
- Data analysis and eDiscovery functionality is limited to “lowest common denominator” vendor-provided tools
- Proprietary file formats limit your ability to move your data without data ransoming
- Limited search and review options for audio, video and other non-email files
- Little to no control over security policies
- No access to encryption keys
The Sad Truth of SaaS Security Stats
In a recent survey of global IT executives, including VPs, Directors, and members of the C-suite at major corporations, only 19% of those surveyed believed 75% or more of their SaaS vendors met all their security requirements. 70% stated they had been forced to make at least one security exception for a SaaS vendor. While many of these organizations are likely using popular SaaS products like Microsoft Office 365 and Salesforce, where the size and standing of the vendor might make the business more amenable to accepting a perceived lower risk, the clear takeaway is that many SaaS solutions don’t provide the security standards and flexibility modern organizations require.
On the topic of encryption keys, an astounding 95% of respondents believed it was important to control their own encryption keys, and 81% were uncomfortable with their SaaS vendors controlling them. However, 74% of those surveyed said they did not control the encryption keys for the majority of their SaaS solutions. This is a worrying statistic and one that many organizations will have to take steps to reverse as regulations continue to tighten and the threat of cybercrime grows. To that end, 92% of executives said they would require more security customization in the future, with 63% of them planning to retire current SaaS applications that don’t provide them control over encryption key creation and management.
These statistics paint a clear picture of the security landscape and the risk that the one-size-fits-all approach of SaaS vendors introduces. As the trend for security customization continues and scrutiny over data access and handling increases, SaaS solutions will become increasingly less palatable for organizations’ risk mitigation efforts. Instead, more secure and customizable solutions will be a major focus.
Stunted Security: SaaS vendors don’t let you control…
- Physical data center security
- Encryption keys
- Custom compliance reporting
- Cloud-native directories
- Firewall and firewall rules
- Application security analysis
- Identity management/Access controls
- Threat detection
Option 2: The Trusted Cloud that You Control
There is a way to retain complete control over your sensitive archived data while applying your own security standards and protocols. To achieve this, you must migrate your legacy EAS archive data to an archive hosted and managed in your own hyperscale cloud.
The big names in this space are, of course, Microsoft and Amazon. Coupling the power of their hyperscale clouds with the right information management and archiving solution will provide you with complete control over your data, with files in their native format, and best-in-class security and management features included. Not only that, but you are also free to harness cloud-scale AI and Machine Learning to unlock crucial business insight from your data, plus automate data management and handling for accurate supervision, predictive surveillance, auto-classification, and eDiscovery response. This is the modern cloud in all its glory, offering a set of essential, future-proof features that SaaS archives simply can’t match.
Your own hyperscale cloud should give you…
- Immediate access to your data in its native format
- Full control of where data is stored for data sovereignty
- Complete, customizable control over security, compliance, and privacy
- Flexibility and on-demand scalability – use only what you need
- Reduced upfront investment and predictable ongoing costs – CapEx versus OpEx
- The ability to move your data out of the archive without paying ransom fees
- Faster, scalable eDiscovery searches and case management, as well as customizable retention/disposition policy controls for regulatory compliance
- Access to the latest AI and ML technology for auto-data classification, data mining, and analysis
- The ability to granularly search and review content within audio, video and social media files
Multi-Tenant SaaS vs Dedicated SaaS: what you need to know
All cloud archives are not created equal. There are major differences between archives deployed in a dedicated SaaS model versus a multi-tenant model that affect the security, accessibility and functionality of your archived data. This Technical Guide explores what you will need to consider in order to make an informed decision.
Archive360 Open Archive vs SaaS Archives
Discover all the benefits of Archive360's Archive2Azure
|Features||SaaS Archives||Open Archive|
|Host data in your corporate cloud|
|Protect Data with encryption keys|
|Meet SEC 17a-4 regulations|
|Meet GDPR Regulations||Limited|
|Active user-based pricing|
|Standard eDiscovery with case management|
|Manage any content/data type||Limited|
|Records analysis, classification and management||Limited|
|Policy-driven records classification and transformation|
|Data Loss Prevention and sensitive data analysis alerts|
|Export and produce data for third party consumption|
|Role-based access with Active Directory Integration||Limited|
|Native import and export with O365, SharePoint Online and OneDrive||Limited|
|Accelerated onboarding at 50 TB per day|
|Restore legacy archives back to native format|
|Active user-based pricing|
|Interactive Users - free of charge (restrictions apply)|
Migrating Your Data Out of Autonomy EAS Archive
If you’ve made up your mind to move to a new, more capable cloud platform, one of your first considerations will be what to do with the terabytes or even petabytes of data stored in your legacy archives. The answer is to find a partner to help you migrate that data quickly, seamlessly, in a legally defensible manner, and painlessly to the new cloud without the risk of leaving any of it behind, losing it en route, or interrupting the day-to-day operations of your business. There are many companies offering such a service, including QuadroTech and Transvault, but the key is to find the right high performance and secure email migration tool for your needs. A tool that is capable of not only moving your data to the cloud at the highest possible speed but one that ensures the migration is complete, accurate, and legally defensible, which includes protecting the chain of custody.
As you make a decision on your migration partner, you should also think about whether you want to archive or journal in your new cloud, plus whether you wish to move your existing archived data to Office 365, another email archive, or to an archive hosted in your company’s own hyper-scale cloud tenancy.
Our combination of experience and cloud-based automation is going to make you look really good.
- Complete chain-of-custody and exception reporting down to the item level
- Advanced features for managing your stubs to ensure your end-users experience zero disruption
- Unique approach to handling journal archives your legal and compliance teams will appreciate
- Many destination options including Office 365 and dozens of other cloud-based and on-premises archives
We interviewed 1,100 customers to learn what they loved and hated about their legacy archive and used that insight to create a completely new kind of archive platform.
- More secure: If you don't control your encryption keys, you don't control your data. With our archive, only you have access to your encryption keys.
- More private: Privacy laws require you to retain data in the region it was created. SaaS archives don't do that. Our archive automatically stores employee and customer data in the country of origin.
- More insight: Your archive holds incredible insight that until now has been trapped in a black box. Our archive empowers you to extract intelligence from your emails, files and videos for the first time.
Considering Journals and Journal Migration
Data repositories are growing larger, more complex, and more wide-ranging by the day for every organization. This is coupled with an increasingly stringent regulatory and legal climate, with new, stricter regulatory retention requirements being added every year.
The chances are your organization must either comply with the financial services industry’s very prescriptive SEC 17, FINRA, and MiFID II requirements, have a legal need to ensure ongoing litigation hold requirement of specific custodian data, or want to conduct targeted internal investigations.
The need to capture, immutably store, index/make searchable, audit, and export (with all metadata intact) has radically expanded beyond everyday email. Your compliance journals must now include content from collaboration platforms like Bloomberg Chat, Slack, Salesforce, social media platforms, Microsoft Teams, and many other sources.
Migrating a legacy EAS journal in a legally defensible manner is not easy and should only be done by those with a long history of experience and success. Some migration vendors will tell you that “exploding” or “splitting” journals so that they can be inserted into Office 365 is the best process. Microsoft frowns on this practice and instead suggests that the intact legacy journals be migrated into another third-party cloud archive. Some companies have chosen to migrate their journals into a SaaS cloud infrastructure, but with the issues already highlighted with SaaS clouds, the better choice is to move them into your own, company-controlled cloud tenancy.
Your Migration Questions Answered
Archive360 understands how big a decision it is to move to the hyperscale cloud and appreciates the many concerns you might have. Having carried out over a thousand successful legacy archive migrations, we’re well aware of the questions you need answers too and are able to dispel your fears in our initial discussions. The conversations we have at the start of a migration normally include answering questions like…
- How much data do I actually have in my archive and what kind of data is it (formats)?
- Is there a cost to move my data out of my legacy archive? If so, what is it?
- Does the archived data need to be reconverted back to its original format?
- How much “dark data” do I have (such as archived messages from inactive users and leavers)?
- I have ongoing or pending litigation; can I still migrate my archived mail?
- How do I manage EAS archived email that is under legal hold? What special handling is needed to maintain chain of custody?
- Will I be able to account for 100% of my archived mail?
- How long will the migration take?
- Do I need to migrate the entire archive and/or the journal archive?
- Will the migration affect my end-users productivity?
Archive360 Email Migration Software Product Highlights
Archive360 offers the most trusted email archive migration solution available - specifically designed for the Autonomy EAS archive. Fully integrated with the solution’s APIs for faster, more accurate data extractions, Archive360 extracts messages and attachments, including all metadata, directly from the archive, and maintains an item-level audit trail for compliance and legal reporting. It also preserves complete, original message fidelity for eDiscovery and regulatory information requests.
Archive360 EAS Migration Detail:
- Utilizes a multi-threaded, multi-server architecture
Provides the highest performance and accuracy of all migration solutions
- Uses native Autonomy EAS web APIs
Enables search and filtering of EAS email archive by custodian, date range and other criteria
- Does not require indexing or data gathering before extraction
Begin message extraction within minutes of installation unlike other solutions that take days or weeks to index before project start
- Message level chain of custody reporting
Legally defensible reporting reduces eDiscovery risk
- Intuitive and powerful graphical user interface
Less time needed for training – faster time to migration
The Cloud Archive Organizations Trust
Archive360 provides the cloud archive trusted most by enterprises and government agencies worldwide, purpose-built to run in the hyperscale cloud. Installed and run from your organization’s individual public cloud tenancy, you retain all the power, flexibility, and management while maintaining complete control of your data and its security, including encryption keys that only you have access to. Additionally, unlike on-premises and SaaS archiving solutions, you are free to unlock valuable insights via data analytics and carry out powerful searches on your data using the latest cloud-based tools that will benefit multiple teams across your business, from HR to legal and compliance.
Find out why major, regulated organizations around the world trust Archive360 with their most sensitive data. Get in touch to request a demo today.
Archive Migration Connectors
Archive360 has successfully helped more than 2,000 customers extract data from 20+ enterprise archives, legacy applications, and file system repositories, including the following:
(click on the link for more information)
CapEx vrs. OpEx - On Premise versus the Cloud, Which Saves More Money?
The question of whether moving to the cloud has cost advantages over that of staying on premise continues to be discussed in industry publications. Some industry analysts suggest that all things being equal, OpEx strategies should cost more than CapEx… but does it? Lets first briefly explore the definitions of the two strategies and then dig deeper into the numbers that layout the true cost of ownership (TCO) of moving to the cloud.