Dell EMC SourceOne Archiving Alternatives & Migration Software

There are many good reasons to archive in the cloud, and cost will be a significant one for most. When you have on-premises servers, you’re forced to make a guess as to the assets you’ll need going forward. If you don’t get that calculation right, you’ll either end up with too few storage resources or underused resources that tie up money that could have helped other areas of your organization. Solutions like SourceOne pile more cost on top of that challenge, as you can see in the charts below. When you add up the cost of labor, software support, hardware support, floorspace, and the amount of power consumed, owning an on-premises SourceOne deployment really makes the cloud seem like the promised land. Studies have shown that, while perfectly capable tools, legacy archiving solutions like SourceOne simply aren’t cost-effective in the cloud era. 

Research suggests that email archiving solutions like EMC SourceOne are…

• Capable on-premises platforms for archiving various types of content, including email, SharePoint data, file shares, etc. 
• Relatively expensive compared to many alternatives, particularly those in the cloud. 
• More costly when considering the replacement cost of on-premises infrastructure.
• Lacking the security and insights provided by AI and ML in the cloud.

Figure 1 - Monthly, per-user cost of on-premises archiving for 1,000 to 5,000 users

 Figure 2 - Average cost of ownership for on-premises archiving for 2,500 users

 Figure 3 - Average distribution costs for on-premises archiving for 1,000 to 5,000 users 

Before you decide on a new platform to which to migrate your legacy EMC SourceOne email archive, it’s important to understand the definition of ‘cloud’ when talking about archiving solutions. The term is applied to a wide range of services and solutions that may well offer some of the benefits of cloud archiving but don’t offer cloud computing in its truest sense. Moving your legacy on-premises or hosted archives to a modern, hyperscale public cloud environment provides you with the flexibility, power, and tools required to secure your data, reduce your TCO and compete in an increasingly connected, digital business world. Such a shift in your infrastructure will bring about rapid benefits for your business and help to accelerate your company’s digital transformation strategy. However, there are other solutions that claim to offer ‘cloud archiving’ but can’t deliver such scale or flexibility. We will cover both solution types below so you can make an informed decision.

To make things simple, there are two main cloud archiving options: those offered via SaaS (Software as a Service) and those based in the client’s own public cloud tenancy. The two options differ wildly in the features and functionality they provide.

When it comes to information archiving for regulatory compliance, information governance, and litigation preparedness, many will have considered replacing their legacy EMC SourceOne email archive with turn-key legacy SaaS archiving solutions such as Global Relay, Mimecast, or Smarsh.

They check all the boxes in terms of basic functionality, but they do have some significant drawbacks. They rob you of full control over your company’s archived data and can even make it very difficult to move to a different platform because some of them convert your data into a proprietary format that can’t be used elsewhere. This is a practice known as data conversion which later enables data ransoming.

Alternatively, you could migrate your archived data to your own public cloud tenant, where you’ll encounter none of these issues. All you need to do is choose the archiving or information management solution you want to use, choose the precise levels of security you desire, and provide and manage your own encryption keys based on your company’s unique needs and risk posture.

Let’s take a look at both in more detail…

The idea of SaaS archiving once appealed to many using on-premises solutions due to the ease with which it could be set up and left to run for a recurring cost. This remains true, however now that the hyperscale cloud is more powerful and accessible than ever, legacy SaaS solutions haven’t kept up with the times. They simply aren’t cut out for an on-demand, dynamic, multi-format world and aren’t able to keep up with the demands of the modern cloud environment.

The main issue with SaaS archives is that they operate on a one-size-fits-all basis. This means they don’t allow clients to specify the control that enables them to adapt to changes in risk, technology, regulations, or the actions of competitors. They can’t adapt fast enough to the newest cyber threats, new and emerging regulatory requirements, or scale up and down as needed based on client needs. In today’s business environment, the only real feature SaaS archiving shares with archiving in public clouds from Amazon, Google, and Microsoft is moving away from on-premises infrastructure.

A cloud you don’t control

Another key fact regarding SaaS cloud archives is that most SaaS vendors don’t own their own datacenters. They use a ‘multi-tenant’ cloud, renting space from a major cloud provider that hosts hundreds or even thousands of other tenants. Or, if they do own their datacenters, they provided limited options in terms of location and functionality. The one-size-fits-all issue impacts users here too. Because a SaaS solution is designed to be used by multiple customers, there’s no way to tailor its features to meet the requirements of your organization. You’re stuck with the vendor’s chosen security policies, and they also create, control, and store the encryption keys for your data.

That means your company’s data could be shared with any or all of the other clients residing in the SaaS vendor’s cloud either accidentally or through malicious activity. The vendor can also access your data if they wish to, opening up the possibility that they could share it with government authorities without you ever knowing. Not only does this limit your control over data security, but it means your data is far more susceptible to unauthorized access in addition to corruption or deletion.

Data Prisons

SaaS archive vendors are keen for you to never leave their platform. Many use a proprietary format that means you can only view, access, and manipulate your data using the tools they provide. This also makes it tricky to move away from their platform, with many charging hefty ‘reconversion’ fees to return your data to its native format so that it can be used with another solution. Some SaaS vendors also throttle the exit speed of your data when you move to another solution, meaning it could take months or even years to get your data out.

Suffering with SaaS archiving means:

• Little or no control over your data’s geographic location – data sovereignty
• Data analysis and eDiscovery functionality is limited to “lowest common denominator” vendor-provided tools
• Little to no control over security policies 
• No access to encryption keys
• Proprietary file formats limit your ability to move your data without data ransoming
• Limited (or no) ability to compliantly archive, search and review non-email files such as audio, video, or structured data 

SaaS security stats uncovered

In a recent survey of global IT executives, including VPs, Directors, and members of the C-suite at major corporations, only 19% of those surveyed believed 75% or more of their SaaS vendors met all their security requirements. 70% stated they had been forced to make at least one security exception for a SaaS vendor. While many of these organizations are likely using popular SaaS products like Microsoft Office 365 and Salesforce, where the size and standing of the vendor might make the business more amenable to accepting a perceived lower risk, the clear takeaway is that many SaaS solutions don’t provide the security standards and flexibility modern organizations require.

On the topic of encryption keys, an astounding 95% of respondents believed it was important to control their own encryption keys, and 81% were uncomfortable with their SaaS vendors controlling them. However, 74% of those surveyed said they did not control the encryption keys for the majority of their SaaS solutions. This is a worrying statistic and one that many organizations will have to take steps to reverse as regulations continue to tighten and the threat of cybercrime grows. To that end, 92% of executives said they would require more security customization in the future, with 63% of them planning to retire current SaaS applications that don’t provide them control over encryption key creation and management.

These statistics paint a clear picture of the security landscape and the risk that the one-size-fits-all approach of SaaS vendors introduces. As the trend for security customization continues and scrutiny over data access and handling increases, SaaS solutions will become increasingly less palatable for organizations’ risk mitigation efforts. Instead, more secure and customizable solutions will be a major focus. 

Sacrificing security: SaaS-based archiving vendors don’t let you control…

1. Encryption keys management or storage
2. Custom compliance reporting
3. Cloud-native directories
4. Granular access controls
5. Identity management
6. Threat detection

Moving to the hyperscale cloud will involve changes to some of your security practices. There will be different elements to consider in comparison to an on-premises archive or one in a legacy SaaS cloud. What you gain, however, is complete flexibility and total control. In the hyperscale cloud, you can create your security environment to match the specific needs of your business. You can follow the same processes and comply with the same regulations as you always did, with the added benefit that your data will be even more secure. Cloud providers like Microsoft and Amazon can’t afford to let their security standards slip. A significant breach would be a major negative for their business, and they’re already prime targets for some of the most powerful hackers in the world. For this reason, they invest millions of dollars and countless resources into protecting their platforms. So much so that they have become the authorities on cloud infrastructure cybersecurity, interacting with governments and others to help eliminate threats and spot emerging dangers. It’s this level of next-generation, always evolving security capability that you get in the hyperscale cloud. SaaS vendors can’t begin to match this level of investment and experience in data security.

For most organizations, data repositories are getting bigger, costing more, and becoming more complex and wide-ranging as time goes on. To make matters worse, the regulatory and legal climate is growing increasingly more stringent, with new, stricter regulatory retention and privacy requirements added every year.

The chances are your organization must comply with the financial services (FinServ) industry’s very prescriptive SEC 17, FINRA, and MiFID II requirements, or if not a FinServ, have a legal need to ensure ongoing litigation hold requirement of specific custodian data or want to conduct targeted internal investigations.

The need to capture, store, protect, index/make searchable, audit, and export (with full metadata intact) emails and attachments into a journal has not changed.

Migrating a legacy email journal in a legally defensible manner is not easy and should only be done by those with a long history of success. Some migration vendors will tell you that “exploding” or “splitting” journals so that they can be inserted into Office 365 is the best process. However, Microsoft frowns on this practice and instead suggests that the intact legacy journals be migrated into another third-party cloud archive. Some companies have chosen to migrate their journals into a separate SaaS cloud vendor, but with the issues already highlighted with SaaS clouds, the better choice is to move your legacy journal into your own, company-controlled cloud tenancy.

Moving from on-premises archiving to the cloud is no small undertaking. Archive360 understands this and can answer any questions you might have. Having carried out more than two thousand successful legacy archive migrations, we have the experience required to ensure a successful outcome. Our initial discussions will provide peace of mind and help with any queries, such as…

• How much data do I actually have in my archive, and what kind of data is it?
• Is there a cost to move my data out of my legacy archive? If so, what is it?
• Does the archived data need to be reconverted back to its original format?
• How much “dark data” do I have (such as archived messages from inactive users and leavers)?
• Do I need to migrate the entire archive and/or the journal archive?
• Does my archive include email stub links that I need to migrate into the live email system?
• I have ongoing or pending litigation; can I still migrate my archived mail?
• How long will the migration take?
• How do I manage archived email that is under legal hold? What special handling is needed to maintain chain of custody?
• Will I be able to account for 100% of my archived mail?

Archive360 offers the most trusted email archive migration solution available - specifically designed for Dell EMC SourceOne. Fully integrated with the solution’s APIs for faster, more accurate data extractions, Archive360 extracts messages, attachments, or complete journals including all metadata, directly from the archive and maintains an item-level audit trail for compliance and legal reporting. It also preserves complete, original message fidelity for eDiscovery and regulatory information requests.

Archive360 EMC SourceOne migration detail:

• Utilizes a multi-threaded, multi-server architecture
  Provides the highest performance and accuracy of all migration solutions
• Uses native EMC web APIs
  Enables search and filtering of emails by custodian, date range, and other criteria
• Message level chain of custody reporting
  Legally defensible reporting reduces eDiscovery risk
• Intuitive and powerful graphical user interface
  Less time needed for training – faster time to migration
• Does not require indexing or data gathering before extraction
  Begin message extraction within minutes of installation, unlike other solutions that take days or weeks to index before project start