Click on any chapter to jump directly to it.
Where cloud computing was once an interesting option for organizations, it has now become a business imperative. That statement becomes ever more pertinent as more and more businesses, and even entire industries are disrupted by new ‘born in the cloud’ challengers. It’s time for the incumbents to take action against this persistent threat, taking steps to modernize their operations and remain competitive in a fast-moving market. The cloud, of course, is key. By providing businesses with measurably better cost efficiency, enhanced and customizable security, and much-needed agility, organizations can react quickly to changes in their market while unlocking new capabilities, including ways to manipulate and analyze data. By making use of powerful, cloud-based tools including AI (Artificial Intelligence), ML (Machine Learning), and advanced analytics, they can beat disruptive competitors at their own game and, in many cases, take advantage of their amassed historic data to achieve a position of superiority in their industry.
The chances are that your organization already uses the cloud in some form already, whether it’s through tools for productivity, communication, or collaboration. However, to benefit fully from the cloud, a complete data migration is required. By migrating legacy on-premises or first-generation cloud data archives to a modern cloud environment, you can provide your business with the tools it needs to survive and thrive in a quickly evolving, cloud-based world.
The migration must be fast, carried out in a legally defensible manner, and shouldn’t carry the risk of data corruption, inadvertent data deletion, end-user productivity issues, or damage to chain of custody. By checking all of those boxes, you will not only drive your digital transformation strategy forward but begin to see benefits to your business from day one.
There are two main cloud platform options available today; Software as a Service (SaaS) and Platform as a Service (PaaS). Of the two cloud migration options available, a SaaS cloud seems like the easiest option. A SaaS archiving solution like Global Relay, Mimecast or Smarsh, might appear to do everything you need; however they bring with them many drawbacks. SaaS solutions come at the cost of losing control over your organization’s sensitive data, from the security measures used to protect it to keeping direct control of the encryption keys that unlock it.
The second option includes none of these caveats. Migrating to your own, managed and secured PaaS-based public cloud tenant enables you to choose the best archiving or information management solution, as well as determine the precise security capabilities that match your organization’s carefully planned risk posture and protocols.
SaaS archiving platforms have been around for a while now, with legacy vendors like Mimecast and Smarsh making use of the model to deliver one-size-fits-all archiving solutions. In the early days of SaaS, cloud solutions such as these had some major selling points. They helped businesses to effortlessly do away with ongoing on-premise infrastructure costs in favor of a convenient subscription service that required little input on their part (CapEx vs. OpEx). The problem is, they weren’t designed to be flexible or compatible with the true, hyperscale cloud requirements of today. With agility and flexibility key buzzwords in technology over the last few years, this level of limitation quickly highlighted an obvious problem. As the world rapidly changes, especially in relation to technology and security, SaaS-based archives aren’t designed or equipped to cope with shifting regulations and security threats, or the need for businesses to scale up and down based on business requirements, as the hyperscale cloud is.
While SaaS solutions might once have been the easiest way to go, their static feature sets and on-size-fits-all design restrictions now limit security, access, accountability, and control over your data. Most SaaS-based archiving vendors will tell you they offer the best turn-key cloud archiving platform, but, in reality, they only introduce the same issues you experience with legacy on-premises infrastructure, such as the lack of an easy way to harness analytics, Machine Learning, and AI. Even worse, because they’re built around outdated and static architectures, SaaS archives are almost impossible to upgrade to provide the features customers today demand.
Sharing your cloud with others
Many SaaS issues stem from a basic drawback of the model – the fact that most SaaS-based archiving vendors don’t own their own datacenters. Instead, they rent space in what’s called a multi-tenant cloud. In reality, the SaaS vendor is subletting their cloud space to you.
Not only does this situation block the addition of new much-needed capabilities, but raises major security concerns, because you, the customer, do not have control of the encryption keys used to secure your data. This, coupled with a lack of control over the security measures in place, means your company’s data could be shared with all of the SaaS vendor’s other clients sharing the same multi-tenant cloud. That significantly increases the chances of unauthorized access, data corruption, or deletion, and also means the SaaS vendor can access your company’s sensitive data at any time or provide access to government authorities – without you ever knowing.
Vendor data ransom
While security is a major issue for any organization, subscription costs and total cost of ownership is always a close second in importance. Most SaaS vendors will store your files in their own proprietary format that only their tools can access, creating what amounts to a data prison. When you want to move your data somewhere else, the vendor will charge you huge “reconversion fees” to move your data away from their service. On top of this data ransoming, the proprietary format also means you can’t use your data with AI or Machine Learning technology to provide content-based auto-classification and supervision for more accurate information management.
It’s clear when looking at all of these negatives above that SaaS solutions are more of a burden than a blessing when it comes to archiving, securing, and managing your data. At first glance, they appear to offer simplicity, but they don’t offer many advantages over that of an on-premises solution and can seriously hamper your options in the future. So, why wouldn’t you just cut out the middleman and migrate your data to a cloud you own and, most importantly, can control?
In a recent survey of global IT executives, including VPs, Directors, and members of the C-suite at major corporations, only 19% of those surveyed believed 75% or more of their SaaS vendors met all their security requirements. 70% stated they had been forced to make at least one security exception for a SaaS vendor. While many of these organizations are likely using popular SaaS products like Microsoft Office 365 and Salesforce, where the size and standing of the vendor might make the business more amenable to accepting a perceived lower risk, the clear takeaway is that many SaaS solutions don’t provide the security standards and flexibility modern organizations require.
On the topic of encryption keys, an astounding 95% of respondents believed it was important to control their own encryption keys, and 81% were uncomfortable with their SaaS vendors controlling them. However, 74% of those surveyed said they did not control the encryption keys for the majority of their SaaS solutions. This is a worrying statistic and one that many organizations will have to take steps to reverse as regulations continue to tighten and the threat of cybercrime grows. To that end, 92% of executives said they would require more security customization in the future, with 63% of them planning to retire current SaaS applications that don’t provide them control over encryption key creation and management.
These statistics paint a clear picture of the security landscape and the risk that the one-size-fits-all approach of SaaS vendors introduces. As the trend for security customization continues and scrutiny over data access and handling increases, SaaS solutions will become increasingly less palatable for organizations’ risk mitigation efforts. Instead, more secure and customizable solutions will be a major focus.
There is a way to retain complete control over your sensitive archived data while applying your own security standards and protocols. To achieve this, you must migrate your legacy archive data to an archive hosted and managed in your own hyperscale cloud.
The big names in this space are, of course, Microsoft and Amazon. Coupling the power of their hyperscale clouds with the right information management and archiving solution will provide you with complete control over your data, with files in their native format, and best-in-class security and management features included. Not only that, but you are also free to harness cloud-scale AI and Machine Learning to unlock crucial business insight from your data, plus automate data management and handling for accurate supervision, predictive surveillance, auto-classification, and eDiscovery response. This is the modern cloud in all its glory, offering a set of essential, future-proof features that SaaS archives simply can’t match.
Your own hyperscale cloud should give you…
All cloud archives are not created equal. There are major differences between archives deployed in a SaaS model versus a PaaS model that affect the security, accessibility and functionality of your archived data. This Technical Guide explores what you will need to consider in order to make an informed decision about PaaS versus SaaS.
|Features||SaaS Archives||Open Archive|
|Host data in your corporate cloud|
|Protect Data with encryption keys|
|Meet SEC 17a-4 regulations|
|Meet GDPR Regulations||Limited|
|Active user-based pricing|
|Standard eDiscovery with case management|
|Manage any content/data type||Limited|
|Records analysis, classification and management||Limited|
|Policy-driven records classification and transformation|
|Data Loss Prevention and sensitive data analysis alerts|
|Export and produce data for third party consumption|
|Role-based access with Active Directory Integration||Limited|
|Native import and export with O365, SharePoint Online and OneDrive||Limited|
|Accelerated onboarding at 50 TB per day|
|Restore legacy archives back to native format|
|Active user-based pricing|
|Interactive Users - free of charge (restrictions apply)|
If you’ve made up your mind to move to a new, more capable cloud platform, one of your first considerations will be what to do with the terabytes or even petabytes of data stored in your legacy archives. The answer is to find a partner to help you migrate that data quickly, seamlessly, in a legally defensible manner, and painlessly to the new cloud without the risk of leaving any of it behind, losing it en route, or interrupting the day-to-day operations of your business. There are many companies offering such a service, including QuadroTech and Transvault, but the key is to find the right high performance and secure email migration tool for your needs. A tool that is capable of not only moving your data to the cloud at the highest possible speed but one that ensures the migration is complete, accurate, and legally defensible, which includes protecting the chain of custody.
As you make a decision on your migration partner, you should also think about whether you want to archive or journal in your new cloud, plus whether you wish to move your existing archived data to Office 365, another email archive, or to an archive hosted in your company’s own hyper-scale cloud tenancy.
Our combination of experience and cloud-based automation is going to make you look really good.
We interviewed 1,100 customers to learn what they loved and hated about their legacy archive and used that insight to create a completely new kind of archive platform.
Data repositories are growing larger, more complex, and more wide-ranging by the day for every organization. This is coupled with an increasingly stringent regulatory and legal climate, with new, stricter regulatory retention requirements being added every year.
The chances are your organization must either comply with the financial services industry’s very prescriptive SEC 17, FINRA, and MiFID II requirements, have a legal need to ensure ongoing litigation hold requirement of specific custodian data, or want to conduct targeted internal investigations.
The need to capture, immutably store, index/make searchable, audit, and export (with all metadata intact) has radically expanded beyond everyday email. Your compliance journals must now include content from collaboration platforms like Bloomberg Chat, Slack, Salesforce, social media platforms, Microsoft Teams, and many other sources.
Migrating a legacy EAS journal in a legally defensible manner is not easy and should only be done by those with a long history of experience and success. Some migration vendors will tell you that “exploding” or “splitting” journals so that they can be inserted into Office 365 is the best process. Microsoft frowns on this practice and instead suggests that the intact legacy journals be migrated into another third-party cloud archive. Some companies have chosen to migrate their journals into a SaaS cloud infrastructure, but with the issues already highlighted with SaaS clouds, the better choice is to move them into your own, company-controlled cloud tenancy.
Archive360 understands how big a decision it is to move to the hyperscale cloud and appreciates the many concerns you might have. Having carried out over a thousand successful legacy archive migrations, we’re well aware of the questions you need answers too and are able to dispel your fears in our initial discussions. The conversations we have at the start of a migration normally include answering questions like…
Archive360 offers the most trusted email archive migration solution available - specifically designed for the Autonomy EAS archive. Fully integrated with the solution’s APIs for faster, more accurate data extractions, Archive360 extracts messages and attachments, including all metadata, directly from the archive, and maintains an item-level audit trail for compliance and legal reporting. It also preserves complete, original message fidelity for eDiscovery and regulatory information requests.
Archive360 provides the cloud archive trusted most by enterprises and government agencies worldwide, purpose-built to run in the hyperscale cloud. Installed and run from your organization’s individual public cloud tenancy, you retain all the power, flexibility, and management while maintaining complete control of your data and its security, including encryption keys that only you have access to. Additionally, unlike on-premises and SaaS archiving solutions, you are free to unlock valuable insights via data analytics and carry out powerful searches on your data using the latest cloud-based tools that will benefit multiple teams across your business, from HR to legal and compliance.
Find out why major, regulated organizations around the world trust Archive360 with their most sensitive data. Get in touch to request a demo today.
Read our product brochure to learn how Archive360 provides end-to-end fully managed solution to upend migration failures.READ MORE
This document explores the differences between the two platforms and what to consider in order to make an informed decision about PaaS vs SaaS.LEARN MORE
Why you should turn on Office 365 archiving for your business (and how to make the most of it if you already have).LEARN MORE
The question of whether moving to the cloud has cost advantages over that of staying on premise continues to be discussed in industry publications. Some industry analysts suggest that all things being equal, OpEx strategies should cost more than CapEx… but does it? Lets first briefly explore the definitions of the two strategies and then dig deeper into the numbers that layout the true cost of ownership (TCO) of moving to the cloud.LEARN MORE