Veritas / Symantec Enterprise Vault Alternatives & Migration [MVP Guide]

With cloud-based Platform as a Service (PaaS) solutions, organizations use and pay for exactly what they need, not paying for future estimated requirements, providing obvious savings. But, with Enterprise Vault, your archives are stuck languishing on servers that you pay support costs to maintain and run. No doubt you would jump at the chance to only pay for what you use, which is what makes the cloud such an attractive prospect. Better still, those organizations that adopt a “pay as you go” (Operational Expenses - OpEx) model are able to engage the resources and expertise of cloud hosting experts to take advantage of new capabilities faster without the needed investments, and realize cost benefits throughout the year.

It seems like a no-brainer. You’re aware you should move away from aging solutions like Enterprise Vault and you know the cloud is the place to be. But what are your options?

Essentially, there are three possible strategies:

1. Stick with what you have and continue to be limited by an on-premises solution like Enterprise Vault.
   As you continue on with your cloud transition strategy, while maintaining your on-premise EV infrastructure, you’ll quickly realize the competitive disadvantage you are in.
2. Move your Veritas Enterprise Vault email archives to a Software-as-a-Service (SaaS) archiving solution in the “kinda’ cloud”
   Because they’re offered as the easiest possible cloud solution, SaaS solutions have become very popular over the years. Additionally, they are popular because they were the ONLY cloud solution available. But taking the easy option doesn’t offer you the increased control or flexibility needed in today’s changing regulatory, legal, or business environments. Due to the fact that they aren’t true hyperscale clouds, like those of Amazon or Microsoft, SaaS archiving products are extremely restrictive and cannot be customized for real-world situations (otherwise known as “One-size-fits-all). The limitations you’ll encounter include a lack of control over security, narrow eDiscovery options, and costly options to move your archive out if dissatisfied with the SaaS provider. In essence, migrating your Enterprise Vault archives to a SaaS solution only puts you in a marginally better place than you were in with on-premises solutions.
3. Embrace the true power of PaaS
   To truly benefit from a move away from the on-premise Enterprise Vault archive you need access to a next-generation cloud platform that gives you complete control. While SaaS vendors talk a lot about your data benefiting from being in their cloud, the truth is they’re not (and can’t) providing the cloud’s full value. Nor are they giving you much control over the security of your archived data. On the other hand, cloud archiving using native file formats, providing complete control over security protocols and process, on-demand scalability, the ability to designate specific geographic locations for data and access, and automatic updates offering latest and greatest technology developments (with on-premise platforms, you must wait for the vendors update cycle to realize the new technologies. Those are the benefits of true cloud-based PaaS solutions offers.

With that in mind, we can safely say that the first strategy doesn’t make sense for most companies. So, let’s take a look at the two remaining possible strategies open to you: the halfway house versus the flexible, future-proof solution.

The halfway house – Why migrating from Enterprise Vault to Enterprise Vault.cloud isn’t the ideal solution

SaaS archiving platforms have been around for a while now, with legacy vendors like Veritas (as well as others like Smarsh, Mimecast and GlobalRelay) making use of the SaaS model to deliver one-size-fits-all archiving solutions. In the early days of SaaS, cloud solutions such as these had some major selling points and they were the only cloud solutions available. They helped businesses to do away with ongoing on-premises infrastructure costs in favor of a convenient subscription service that required little input on their part. The problem is, they weren’t designed to be flexible or compatible with the true, hyperscale cloud requirements of today.

With “agility” and “flexibility” key buzzwords in technology over the last few years, this obvious limitation quickly highlighted the apparent problem. As the world rapidly changes, especially in relation to technology and data security, SaaS-based archives aren’t designed or equipped to cope with shifting regulations and constantly emerging security threats, or the need for businesses to scale up and down based on business requirements, as the hyperscale cloud is.

While SaaS solutions might once have been the easiest or only way to go, their static feature sets and one-size-fits-all design restrictions now limit security, access, accountability, and direct control over your data.

Most SaaS-based archiving vendors will tell you they offer the best turn-key cloud archiving platform but, in reality, they only introduce the same issues you experience with legacy on-premises infrastructure, such as the lack of an easy way to harness analytics, Machine Learning, and AI. In other words, the SaaS “lowest-common-denominator” design and architecture cannot meet today's needs.

Sharing your cloud with others

Many SaaS issues stem from a basic drawback of the model – the fact that most SaaS-based archiving vendors don’t own their own datacenters. Instead, they rent space in what’s called a multi-tenant cloud. In reality, the SaaS vendor is subletting their cloud tenancy to you and offer a single application hundreds of other companies.

Not only does this situation block the addition of new much-needed capabilities, but it also raises major security concerns. For instance, that fact that as a customer, you don’t have control of the encryption keys used to secure your data. This, coupled with a lack of control over the security processes and measures in place, means your company’s data could be inadvertently shared with all of the SaaS vendor’s other clients in the same multi-tenant cloud. That significantly increases the chances of unauthorized access i.e. viruses and ransomware, data corruption, or deletion. It also means the SaaS vendor can access your company’s sensitive data at any time or provide access to government agencies via secret subpoenas – without you ever knowing.

Vendor Data Ransom

While security is a major issue for all organizations, subscription costs and total cost of ownership is always a close second in importance. Most SaaS vendors will convert and store your company’s files in their own proprietary format that only their tools can access, essentially creating what amounts to a data prison. When you want to eventually move your data somewhere else, the vendor can charge you huge “reconversion fees” to move your data away from their service. On top of this data ransoming, the proprietary format also means you can’t use your data with AI or Machine Learning technology to provide content-based auto-classification and supervision for more accurate information management.

Before you consider a migration to Enterprise Vault.cloud, we suggest you check with the vendor:

1. Do you have to pay a reconversion fee to extract your data out of your Enterprise Vault.cloud archive?
2. What is the cost per GB for the extraction?
3. Are there limitations on the amount of data I can search and extract per day?

Possible SaaS archiving issues:

• Limited or no control over your data’s geographic location – data sovereignty
• Little to no control over security capabilities
• Proprietary file formats that limit your ability to move your data without paying exorbitant fees - data ransoming
• Limited search and review options for audio, video and other non-email files
• Data analysis and eDiscovery functionality is limited to “lowest common denominator” vendor-provided tools
• No access to encryption keys used to encrypt your data

In a recent survey of global IT executives, including VPs, Directors, and members of the C-suite at major corporations, only 19% of those surveyed believed 75% or more of their SaaS vendors met all their security requirements. 70% stated they had been forced to make at least one security exception for a SaaS vendor. While many of these organizations are likely using popular SaaS products like Microsoft Office 365 and Salesforce, where the size and standing of the vendor might make the business more amenable to accepting a perceived lower risk, the clear takeaway is that many SaaS solutions don’t provide the security standards and flexibility modern organizations require.

On the topic of encryption keys, an astounding 95% of respondents believed it was important to control their own encryption keys, and 81% were uncomfortable with their SaaS vendors controlling them. However, 74% of those surveyed said they did not control the encryption keys for the majority of their SaaS solutions. This is a worrying statistic and one that many organizations will have to take steps to reverse as regulations continue to tighten and the threat of cybercrime grows. To that end, 92% of executives said they would require more security customization in the future, with 63% of them planning to retire current SaaS applications that don’t provide them control over encryption key creation and management.

These statistics paint a clear picture of the security landscape and the risk that the one-size-fits-all approach of SaaS vendors introduces. As the trend for security customization continues and scrutiny over data access and handling increases, SaaS solutions will become increasingly less palatable for organizations’ risk mitigation efforts. Instead, more secure and customizable solutions will be a major focus.

Stunted security: SaaS vendors don’t let you control…

1. Physical data center security
2. Encryption keys
3. Custom compliance reporting
4. Cloud-native directories
5. Firewall and firewall rules
6. Application security analysis
7. Identity management/Access controls
8. Threat detection

There is a way to retain complete control over your sensitive archived data while applying your own security standards and protocols. To achieve this, you must migrate your legacy archive data (whether it’s current on-premises or in the cloud) to an archive hosted and managed in your own hyperscale cloud tenancy.

The best known names in this space are, of course, Microsoft and Amazon. Coupling the power of their hyperscale clouds with the right PaaS-based information management and archiving solution will provide you with complete control over your data, with files stored in their native format, and best-in-class security and data management features included. Not only that, but you are also free to harness cloud-scale AI and Machine Learning to unlock crucial business insight from your data, plus automate data management and handling for accurate supervision, predictive surveillance, auto-classification, and eDiscovery response. This is the modern cloud in all its glory, offering a wide-ranging set of essential, future-proof features that SaaS archives simply can’t match.

Your own hyperscale cloud should give you…

1. Immediate access to your data in its native format
2. Full control of where data is stored for data sovereignty
3. Complete, customizable control over security, compliance, and privacy
4. Flexibility and on-demand scalability – use only what you need
5. Reduced upfront investment and predictable ongoing costs – CapEx versus OpEx
6. The ability to move your data out of the archive without paying extraction fees – (aka ransom fees)
7. Faster, scalable eDiscovery searches and case management, as well as customizable retention/disposition (defensible disposition) policy controls for regulatory compliance
8. Access to the latest AI and ML technology for auto-data classification, data mining, and analysis
9. The ability to granularly search and review content within audio, video and social media files

Archive360 Open Archive vs SaaS Archives

If you’ve made up your mind to move to a new, more capable cloud platform, one of your first considerations will be what to do with the terabytes or even petabytes of data stored in your legacy EV archive. The answer is to find a partner to help you migrate that data quickly, seamlessly, in a legally defensible manner, and painlessly to the new cloud without the risk of leaving any of it behind, losing it in route, or interrupting the day-to-day operations of your business.

There a many companies offering such a service, including QuadroTech and Transvault, but the key is to find the best high performance and secure email migration tool for your needs. A tool that is capable of not only moving your data to the cloud at the highest possible speed, but one that ensures the migration is complete, accurate, and legally defensible - which includes protecting the chain of custody.

As you make a decision on your migration partner, you should also think about whether you want to archive or journal in your new cloud. Whether you wish to move your existing archived data to Office 365, another email archive, or to an archive hosted in your company’s own hyper-scale cloud tenancy, Archive360 can help.

Archive Migration

Our combination of experience and cloud-based automation is going to make you look really good.

• Complete chain-of-custody and exception reporting down to the item level
• Advanced features for managing your stubs to ensure your end-users experience zero disruption
• Unique approach to handling journal archives your legal and compliance teams will appreciate
• Many destination options including Office 365 and dozens of other cloud-based and on-premises archives

Open Archiving

We interviewed 1,100 customers to learn what they loved and hated about their legacy archive and used that insight to create a completely new kind of archive platform.

• More secure: If you don't control your encryption keys, you don't control your data. With our archive, only you have access to your encryption keys.
• More private: Privacy laws require you to retain data in the region it was created. SaaS archives don't do that. Our archive automatically stores employee and customer data in the country of origin.
• More insight: Your archive holds incredible insight that until now has been trapped in a black box. Our archive empowers you to extract intelligence from your emails, files and videos for the first time.

Data repositories are growing larger, more complex, and more wide-ranging by the day for every organization. This is coupled with an increasingly stringent regulatory and legal climate, with new, stricter regulatory retention requirements being added every year.

The chances are your organization must either comply with the financial services industry’s very prescriptive SEC 17, FINRA, and MiFID II requirements, have a legal need to ensure ongoing litigation hold requirement of specific custodian data, or want to conduct targeted internal investigations.

The need to capture, immutably store, index/make searchable, audit, and export (with all metadata intact) has radically expanded beyond everyday email. Your compliance journals may need to include content from collaboration platforms like Bloomberg Chat, Slack, Salesforce , social media platforms, Microsoft Teams, and many other sources.

Migrating a legacy Enterprise Vault journal in a legally defensible manner is not easy and should only be done by those with a long history of experience and success. Some migration vendors will tell you that “exploding” or “splitting” journals so that they can be inserted into Office 365 is the best process. Microsoft frowns on this practice and instead suggests that the legacy journals and ongoing journal streams from Office 365 be migrated into another third-party cloud archive. Some companies have chosen to migrate their journals into a SaaS cloud infrastructure but with the issues already highlighted with SaaS clouds, the better choice is to move them into your own, company-controlled cloud tenancy.

Archive360 understands how big a decision it is to move to the hyperscale cloud and appreciates the many concerns you might have. Having carried out over a thousand successful legacy archive migrations, we’re well aware of the questions you need answers to and are able to dispel your fears in our initial discussions. The conversations we have at the start of a migration normally include answering questions like…

• How much data do I actually have in my archive and what kind of data is it (formats)?
• Is there a cost to move my data out of my legacy archive? If so, what is it?
• Does the archived data need to be reconverted back to its original format?
• How much “dark data” do I have (such as archived messages from inactive users and leavers)?
• Do I need to migrate the entire archive and/or just the journal archive?
• I have ongoing or pending litigation; can I still migrate my archived mail?
• How do I manage archived email that is under legal hold? What special handling is needed to maintain chain of custody?
• Will I be able to account for 100% of my archived mail?
• How long will the migration take?
• Will the migration affect my end-users productivity?
• Does the legacy EV archive include stubs or pointers to email in the live email system? If not handled correctly, incorrectly migrated stubs can serious legal and regulatory issues.

Archive360 Enterprise Vault migration detail:

• Utilizes a multi-threaded, multi-server architecture
  Provides the highest performance and accuracy of all migration solutions
• Uses native Enterprise Vault web APIs
  Enables search and filtering of emails by custodian, date range and other criteria
• Does not require indexing or data gathering before extraction
  Begin message extraction within minutes of installation unlike other solutions that take days or weeks to index before project start
• Message level chain of custody reporting
  Legally defensible reporting reduces eDiscovery risk
• Intuitive and powerful graphical user interface
  Less time needed for training – faster time to migration