Click on any chapter to jump directly to it.
From the success of disruptive businesses born in the cloud to the amazing possibilities that come from AI (Artificial Intelligence) and ML (Machine Learning) tools, the cloud is no longer looked on as a nice to have but a business imperative. You’ll likely already appreciate the many benefits a cloud-based archive could bring to your business, handling all of your historical archiving needs while also providing flexibility and scalability as your needs shift and your organization changes. In order to benefit from these opportunities, you must first find a way to move your on-premises GWAVA legacy archives to the cloud in a legally defensible manner without the risk of data corruption, lost data, negatively impacting ongoing operations and end-user productivity, or damaging chain of custody. So, what steps should you take?
Ultimately, there are two choices available to you when it comes to quitting your legacy Gwava Retain Unified Archiving solution. You can opt for the simplicity but lack of control of security and control of a SaaS archiving solution, such as Mimecast or Global Relay, or migrate fully to your own cloud. Let’s take a look at those two choices in detail.
Most SaaS vendors claim to offer the best turn-key cloud archiving platforms. What they’re really doing is limiting control of your data and blocking you from many of the best features of cloud archiving. Most SaaS archiving vendors don’t own their own datacenters. Instead, they rent cloud space and host multiple customers in it. Even those vendors who do own their own datacenters host multiple customers this way, forcing them to take a one-size-fits-all approach that impacts security and flexibility. This is what’s known as a multi-tenant public cloud, and it provides a significant risk for the client – your encryption keys are controlled by the SaaS vendor and could be used across all of their SaaS clients. Because encryption keys could be re-used among many clients, data breaches and the associated regulatory issues are much greater. A prime example is the privilege escalation attack on Capital One/AWS last year. It also means that the SaaS vendor can access your company’s sensitive data at any time or be forced to hand over your data to government agencies without your knowledge.
With SaaS archiving, you’ll be forced to compromise on your security policies, have little or no control over the geographic location of your data or the ability to store it in more than one location (geo-redundancy). Additionally, because many SaaS vendors convert your files in their proprietary format before archiving, your data is stored in what amounts to a data prison, with the possibility of huge “exit” or data re-conversion charges incurred if you ever want to move your data out of the SaaS cloud platform. On top of this data ransoming, you are also unable to make use of cutting-edge solutions, such as powerful data analytics capabilities or AI and ML technology, to provide content-based auto-classification and supervision for accurate information management.
Ultimately, when it comes to content archiving, SaaS solutions create many negatives, especially regarding security and flexibility, and don’t move you any closer to the true promise of digital transformation.
Common issues with SaaS archiving solutions:
In a recent survey of global IT executives, including VPs, directors, and members of the C-suite at major corporations, only 19% of those surveyed believed 75% or more of their SaaS vendors met all of their security requirements. 70% stated they had been forced to make at least one security exception for a SaaS vendor. While many of these organizations are likely using popular SaaS products like Microsoft Office 365 and SalesForce, where the size and standing of the vendor might make the business more amenable to accepting a perceived lower risk, the clear takeaway is that SaaS solutions don’t provide the security standards modern organizations require.
Elsewhere, on the topic of encryption keys, an astounding 95% of respondents believed it was important to control their own encryption keys, and 81% were uncomfortable with their SaaS vendors controlling them. However, 74% of those surveyed said they did not control the encryption keys for the majority of their SaaS solutions. This is a worrying statistic and one that many organizations will have to take steps to reverse as regulations regarding data privacy continue to tighten and the threat of cybercrime grows. To that end, 92% of executives said they would need more security customization in the future, with 63% of them planning to retire SaaS applications that didn’t provide them control over encryption keys.
These statistics paint a clear picture of the business security landscape and the risk that the one-size-fits-all approach of SaaS vendors introduces. As the trend for security customization continues and scrutiny over data access and handling increases, SaaS solutions will become increasingly less palatable for businesses aiming to de-risk their operations. Instead, more secure and customizable solutions, such as those in Platform as a Service (PaaS) public cloud, will be sought.
The only way to ensure complete control over your data and its security, as well as the flexibility to comply with regulations and security policy, is to move to the real hyperscale cloud. A public cloud environment, as provided by Microsoft and Amazon, can provide you with full flexibility, unlimited access to your data, data storage in its native format, and the most advanced and scalable security features and controls.
In a hyperscale cloud-based archive, you can also make use of best of breed cloud-scale AI and ML tools to unlock crucial business insight from your data, as well as focused and accurate supervision, predictive surveillance, and advanced case management and eDiscovery searches. None of this is possible with a SaaS archive, making a clear distinction between an archive hosted in a true hyperscale public cloud that you control, and one hosted in the ‘kinda’ cloud’ offered via SaaS. Ultimately, why would you choose compromise over complete control?
Unlike SaaS or on-premises solutions, the hyperscale cloud provides...
There is a readily available solution to retain complete control over your sensitive archived data while applying your own security standards and protocols. To achieve this, you must migrate your legacy archive data to an archive hosted and managed in your own hyperscale cloud.
By combining the power and infrastructure security of clouds provided by Microsoft or Amazon with a high-quality Platform as a Service-based information management and archiving solution, you will gain complete control over your data. Not only will your data remain in its native format, but you will also benefit from the best possible security and management capabilities, as well as access to cloud-scale AI and Machine Learning to unlock crucial business insight from your data. You will also be able to automate data management and handling for accurate supervision, predictive surveillance, auto-classification, and eDiscovery response.
Such features showcase the significant, future-proof benefits of the hyperscale cloud and highlight the major limitations of SaaS archives.
Your own hyperscale cloud should give you…
All cloud archives are not created equal. There are major differences between archives deployed in a SaaS model versus a PaaS model that affect the security, accessibility and functionality of your archived data. This Technical Guide explores what you will need to consider in order to make an informed decision about PaaS versus SaaS.
|Features||SaaS Archives||Open Archive|
|Host data in your corporate cloud|
|Protect Data with encryption keys|
|Meet SEC 17a-4 regulations|
|Meet GDPR Regulations||Limited|
|Active user-based pricing|
|Standard eDiscovery with case management|
|Manage any content/data type||Limited|
|Records analysis, classification and management||Limited|
|Policy-driven records classification and transformation|
|Data Loss Prevention and sensitive data analysis alerts|
|Export and produce data for third party consumption|
|Role-based access with Active Directory Integration||Limited|
|Native import and export with O365, SharePoint Online and OneDrive||Limited|
|Accelerated onboarding at 50 TB per day|
|Restore legacy archives back to native format|
|Active user-based pricing|
|Interactive Users - free of charge (restrictions apply)|
Every organization’s data repositories are growing larger, are more wide-ranging, and increasingly complex every day. Today’s regulatory and legal climates are more intense and stringent than ever before, with new, stricter regulatory retention requirements being added every year. Your organization may have to comply with the financial services industry’s very prescriptive SEC 17, FINRA, and MiFID II requirements, have a legal need to ensure ongoing FRCP-based litigation hold requirement of specific custodian data, or want to conduct targeted internal investigations.
The need to capture, immutably store, index/make searchable, audit, and export (with full metadata and chain of custody intact) has radically expanded beyond just email. Your compliance journals must now include content from collaboration platforms like Bloomberg Chat, Slack, Salesforce activity, social media platforms, Microsoft Teams, and many other sources.
Migrating a legacy GWAVA retain journal in a legally defensible manner is not easy and should only be done by those with a long history of success. Some migration vendors will tell you that “exploding” or “splitting” email journals so that they can be inserted into Office 365 is the correct process. Microsoft frowns on this practice and instead suggests that the intact legacy journals be migrated into another third-party cloud archive. Some companies have chosen to migrate their journals into a SaaS cloud infrastructure, but with the issues already highlighted with SaaS clouds, the better/safer/less costly choice is to move them into your own, company-controlled cloud tenancy.
While a number of migration vendors exist, including QuadroTech and Transvault, Archive360 believes that the key is a high performance email migration tool that can not only move your data to the cloud at the highest possible speed but ensure the migration is complete (including stub rehydration), accurate, and that chain of custody is maintained.
Offering both archive migration and native format archiving in the cloud, Archive360 provides you with a single point of contact throughout your journey, ensuring you understand what is being migrated and how it will be done, while limiting the impact on your network bandwidth and end-user productivity.
We can help you analyze your existing data, organize and account for email that has been stubbed, determine whether archiving or journaling (or both) is the right decision going forward, and migrate your existing legacy data to a cloud-based solution like Office 365, all within your own public cloud tenant.
Our combination of experience and cloud-based automation is going to make you look really good.
We interviewed 1,100 customers to learn what they loved and hated about their legacy archive and used that insight to create a completely new kind of archive platform.
With over a thousand successful migrations under our belt, Archive360 understands the concerns organizations have when moving away from a legacy archive. We are often asked questions like...
Archive360 offers the most trusted email archive migration solution available, specifically designed for GWAVA Retain archives. Fully integrated with the solution’s APIs for faster, more accurate extractions, Archive360 extracts messages and attachments, including all metadata, directly from the GWAVA Retain archive and maintains an item-level audit trail for compliance and legal reporting. It also preserves complete, original message fidelity for eDiscovery and regulatory information requests.
Archive360 provides the cloud archive most trusted by enterprises and government agencies worldwide, purpose-built to run in the hyperscale cloud for long-term archiving and management. Installed and run from your organization’s individual public cloud tenancy, you retain all the power, flexibility, and management while maintaining complete control of your data and its security, including encryption keys that only you have access to. Additionally, unlike on-premises and SaaS archiving solutions, you are free to unlock valuable insights via data analytics and carry out powerful searches on your data using the latest cloud-based tools that will benefit multiple teams across your business, from HR to legal and compliance.
Find out why major, regulated organizations around the world trust Archive360’s cloud-based information management and archiving solution with their most valuable data. Get in touch to request a demo today.
Read our product brochure to learn how Archive360 provides end-to-end fully managed solution to upend migration failures.READ MORE
This document explores the differences between the two platforms and what to consider in order to make an informed decision about PaaS vs SaaS.LEARN MORE
Why you should turn on Office 365 archiving for your business (and how to make the most of it if you already have).LEARN MORE
The question of whether moving to the cloud has cost advantages over that of staying on-premises continues to be discussed in industry publications. We'll explore the definitions of the two strategies and then dig deeper into the numbers that layout the true cost of ownership (TCO) of moving to the cloud.LEARN MORE