In the early 2000s, as the regulatory and legal landscape shifted, email and data archiving tools from ZipLip (as ZL Technologies was then known) were a popular choice for large organizations looking to ensure regulatory compliance. The addition of records management functionality later in the decade further increased its usefulness. With its main offering, ZL Unified Archive, enterprise customers could meet their file management needs and, by 2012, search their archives with its eDiscovery module and analysis tools.
Today, ZL Unified Archive offers archiving and records management hosted on-premises or in the cloud as part of a private, multi-tenant or hybrid model with proprietary tools designed to reduce data sprawl and enable companies to control their enterprise content.
However, organizations looking at digital transformation are increasingly frustrated by ZL Unified Archive. While it offers a comprehensive set of tools and makes life easier by centralizing data into a single repository, users are bound to the tools specific to the platform and a limited on-premises or cloud deployment, as a result, they are unable to make use of additional solutions for analysis as they could with an archive hosted in their own public cloud. Additionally, like many legacy archiving tools, users report concerns with inconsistent search results and question the ability of the product to meet their compliance and litigation support requirements.
If you are one of the increasing numbers of organizations looking to migrate from ZL Unified Archive to a more modern, secure, cloud-based archive, we’ve covered a range of options below to help you evaluate and choose a solution that best suits your business.
Moving on From ZL Unified Archive
Whether you’re currently relying on the ZL Unified Archive as an on-premises solution or in a hybrid or multi-tenant cloud environment, you’re likely looking to migrate your archive to a more modern cloud archive. Now key to modern business operations, the public cloud gives organizations the agility and scalability to compete in a fast-moving business world. As more challengers enter traditional markets operating entirely in the cloud, many incumbent businesses are making use of the cloud’s power to ensure they maintain their status and competitive advantage.
In the public cloud, businesses have many more options, especially when it comes to their data and the security of it. Whether it’s access to best-in-class security features or modern analysis tools using AI (Artificial Intelligence) and ML (Machine Learning), modern public cloud platforms make it possible for organizations to take control and unlock business benefits from previously dormant data. So how does one go about moving their existing archive to the public cloud?
Archiving in the Cloud: The Two Main Options
A quick Google search for ‘cloud archiving’ will deliver a wide range of results. However, to simplify things, you can position most cloud archives into two distinct camps. Those offered via SaaS (Software as a Service) and those based in the public cloud. And there are major differences between the two.
A SaaS archive, hosted in a multi-tenant cloud, is tempting due to its simplicity. SaaS archiving solutions like Global Relay, Mimecast, or Smarsh look like great options, especially for those moving from an on-premises archive, given their hands-off nature. However, SaaS archives have their issues, and it’s wise to evaluate them before opting for the seemingly easy option. For a start, SaaS solutions deprive you of full control over your company’s archived data by not allowing you to apply your own security processes and protocols. They also restrict the tools you can use to access and analyze your data.
Conversely, there’s migrating to your own public Platform as a Service-based (PaaS) cloud tenant. Here, there are none of the compromises associated with SaaS archiving. You simply choose the archiving or information management solution that best meets the needs of your business and determine the security processes and protocols you wish based on your company’s unique needs and risk posture.
Be sure you understand the costs and timelines to migrate your archived data if dissatisfied. Many SaaS providers will structure their cloud archive and convert your data to a proprietary format to make it difficult and costly to move your data later. This practice is known as data ransoming – applying data throttling (slowing the rate of data movement out of the archive) and charging massive sums to reconvert your data back to its original format.
Next, we’ll compare the two options in a little more detail…
Option 1: The Sorry State of SaaS Archiving
Archiving has been offered via the SaaS model for more than a decade now and rose to prominence when cloud computing was in its infancy. Because of the fairly effortless way in which it enabled businesses to do away with their on-premises servers (as well as the associated maintenance costs) and switch to an ongoing subscription fee, SaaS quickly became a popular archiving option. However, now the hyperscale cloud is more accessible than ever before, not to mention powerful, legacy SaaS solutions have a hard time keeping up. Because they were designed for a time before the demands of today’s businesses – from scalability and agility to archiving multiple file formats – SaaS archives were not developed to support the demands of today’s modern cloud environment. SaaS isn’t able to adapt quickly enough to new business requirements nor the frequent changes to regulations. Now, the only true similarity between SaaS archiving and truly flexible archiving in public clouds like those from Amazon, Google, and Microsoft, is the lack of on-premises infrastructure.
You’ll probably hear SaaS vendors claim that they provide ‘the best turn-key cloud archiving platform’ but, in reality, all they’re doing is creating the same problems you’ve experienced with legacy on-premises infrastructure; no way to access powerful analytics through Machine Learning and AI and, as a result of being built on outdated technology, no cost-efficient or simple upgrade route to access the features demanded by today’s customers – if they’re even possible at all.
Too many tenants
SaaS is also lacking when it comes to data storage. Most of the SaaS vendors you will encounter don’t, in fact, own their own datacenters. What they actually do is rent a piece of a public cloud from a cloud provider who is also hosting hundreds or thousands of other tenants. By definition, a SaaS solution offering provides a single application for multiple clients to utilize. Because of this model, the SaaS application does not have the ability to be customized in any meaningful way for each client. This is what’s known as a multi-tenant cloud within a cloud, and it has some major failings when compared to the true hyper-scale public cloud, not least when it comes to security. First, because the SaaS vendor operates from a one-size-fits-all perspective when it comes to cloud services, you have no say over the security policies that protect that cloud application. Second, only the SaaS vendor has control of the encryption keys used to secure your sensitive data. This means that any or all of your company’s data stored within this multi-tenant cloud could be inadvertently shared with any or all of the SaaS vendor’s other clients who also archive their data there. It also means – and this is a big concern – that the vendor can access your data at any time or provide access to government authorities without your knowledge or say so. Without control of your own encryption key, the chances of unauthorized access, data leakage, or deletion are much higher.
Holding your data for ransom
Beyond the security issues SaaS archives bring, it also limits control over the data you archive. As we touched on before, many SaaS vendors will wrap your original archived files in a proprietary format for use in their system, which means only tools that the vendor provides will be able to access them. Everything from eDiscovery searches to analysis has to be performed using tools sanctioned by the vendor, which rules out the chance to analyze your data with newer, more powerful, cloud-based AI or Machine Learning tools that provide content-based auto-classification and supervision for more accurate information management. This also means you could be forced to pay significant ‘exit’ reconversion’ fees should you ever wish to move your data elsewhere. Additionally, some SaaS vendors practice data throttling when clients decide to move to another cloud. Data throttling is the practice of slowing down the extraction speed of data being migrated to another cloud. This strategy hopes to get the client to abandon the move by making the migration take an unreasonable amount of time – months or years. This data ransoming also limits your ability to make meaningful use of your data during the exit due to the SaaS vendor-specific format.
As you dig beneath SaaS archiving’s perceived simplicity, you will find many negatives of this kind. A seemingly simple solution like this can quickly become a roadblock for your business and stall your future digital transformation plans. So, where do you turn? The answer is to bypass all of these restrictions and migrate your data to a cloud that you own and, most importantly, have control over.
Potential SaaS archiving pitfalls:
- No access to encryption keys
- Little to no control over security policies
- Little or no control over your data’s geographic location – data sovereignty
- Proprietary file formats limit your ability to move your data without data ransoming
- Limited search and review options for audio, video and other non-email files
- Data analysis and eDiscovery functionality is limited to “lowest common denominator” vendor-provided tools
The Sad Facts Behind the SaaS Security Stats
In a recent survey of global IT executives, including VPs, Directors, and members of the C-suite at major corporations, only 19% of those surveyed believed 75% or more of their SaaS vendors met all their security requirements. 70% stated they had been forced to make at least one security exception for a SaaS vendor. While many of these organizations are likely using popular SaaS products like Microsoft Office 365 and Salesforce, where the size and standing of the vendor might make the business more amenable to accepting a perceived lower risk, the clear takeaway is that many SaaS solutions don’t provide the security standards and flexibility modern organizations require.
On the topic of encryption keys, an astounding 95% of respondents believed it was important to control their own encryption keys, and 81% were uncomfortable with their SaaS vendors controlling them. However, 74% of those surveyed said they did not control the encryption keys for the majority of their SaaS solutions. This is a worrying statistic and one that many organizations will have to take steps to reverse as regulations continue to tighten and the threat of cybercrime grows. To that end, 92% of executives said they would require more security customization in the future, with 63% of them planning to retire current SaaS applications that don’t provide them control over encryption key creation and management.
These statistics paint a clear picture of the security landscape and the risk that the one-size-fits-all approach of SaaS vendors introduces. As the trend for security customization continues and scrutiny over data access and handling increases, SaaS solutions will become increasingly less palatable for organizations’ risk mitigation efforts. Instead, more secure and customizable solutions will be a major focus.
Strangled Security: A SaaS-Based Archive Doesn’t Let You Control…
- Encryption key management and storage
- Audit of encryption key use
- Custom compliance reporting
- Cloud-native directories
- Granular access controls
- Identity management
- Threat detection
Of course, it’s unfair to say that a move to your own public cloud won’t introduce its own set of best practices when it comes to security. You will, however, be in complete control of the outcomes. Moving to the cloud will require you to think differently about security by comparison to an on-premises archive or a static SaaS cloud. However, as always, the benefits outweigh the small amount of additional effort required. In the hyperscale cloud, you can match your security environment to your organization’s unique requirements, follow the same processes, and comply with the changing regulations. However, you will also benefit from less risk and far greater protection than you ever did on-premises.
The big hyper-cloud providers like Microsoft and Amazon don’t mess around when it comes to security. It’s crucial to their businesses that their security standards are always state of the art. That’s why they invest millions of dollars and countless resources into constantly upgrading and protecting their platforms from some of the world’s most dangerous hackers, ransomware, malware, and new and emerging threats. They’re so focused on security, they have effectively become the internet’s de facto police, interacting with governments and major security bodies to help eliminate threats and prevent damage to their customers’ data. As an owner of a cloud tenant from such providers, your data is protected by security of the highest standard. A standard that even the biggest SaaS vendors don’t have the investment or experience to match.
Option 2: Your Own Cloud Under Your Control
For complete control over your archived data while remaining true to your compliance and regulatory requirements, migrating your legacy archive to your own public cloud is the only option. By bringing together the power and infrastructure security of a hyper-scale public cloud from Microsoft or Amazon with a quality Platform as a Service information management and archiving solution, you can create the best possible solution for your business.
Your data remains in its native format, best-in-class security is assured, and cloud-scale AI and Machine Learning tools become a realistic option. Not only that, but you can also automate data management and handling for accurate supervision, predictive surveillance, auto-classification, and eDiscovery response.
When it comes to information management, records management, and archiving, it doesn’t get any better than that. These significant, future-proof features highlight just why a SaaS cloud solution should be avoided and the hyper-scale public cloud should become your archiving platform of choice.
By archiving in your own hyper-scale public cloud, you gain…
- Immediate access to your data in its native format
- Full control of where data is stored for data sovereignty
- Complete, customizable control over security, compliance, and privacy including complete control of your company’s encryption keys
- Flexibility and on-demand scalability – use only what you need
- Reduced upfront investment (over on-premises solutions) and predictable ongoing costs – CapEx versus OpEx
- The ability to remove the archive solution from your cloud tenancy without need to move it and pay ransom fees
- Faster, scalable eDiscovery searches, case management, litigation hold placement, as well as customizable retention/disposition policy controls for regulatory compliance
- Access to the latest AI and ML technology for auto-data classification, data mining, and analysis
- The ability to capture, index and granularly search and review content within audio, video and social media files
Multi-Tenant SaaS vs Dedicated SaaS: what you need to know
All cloud archives are not created equal. There are major differences between archives deployed in a dedicated SaaS model versus a multi-tenant model that affect the security, accessibility and functionality of your archived data. This Technical Guide explores what you will need to consider in order to make an informed decision.
Archive360 Open Archive vs SaaS Archives
Discover all the benefits of Archive360's Archive2Azure
|Features||SaaS Archives||Open Archive|
|Host data in your corporate cloud|
|Protect Data with encryption keys|
|Meet SEC 17a-4 regulations|
|Meet GDPR Regulations||Limited|
|Active user-based pricing|
|Standard eDiscovery with case management|
|Manage any content/data type||Limited|
|Records analysis, classification and management||Limited|
|Policy-driven records classification and transformation|
|Data Loss Prevention and sensitive data analysis alerts|
|Export and produce data for third party consumption|
|Role-based access with Active Directory Integration||Limited|
|Native import and export with O365, SharePoint Online and OneDrive||Limited|
|Accelerated onboarding at 50 TB per day|
|Restore legacy archives back to native format|
|Active user-based pricing|
|Interactive Users - free of charge (restrictions apply)|
Getting Your Data Out of ZL Unified Archive
By now, you’re probably starting to think about moving away from the ZL Unified Archive to a more modern, secure and capable information management and archiving solution. If so, your first consideration should be what to do with the terabytes, if not petabytes of data currently stored in your legacy ZL archives. This is where you’ll need an experienced partner to help you migrate your data quickly and in a legally defensible manner, without interruption to your ongoing business activities.
There are a number of companies, including QuadroTech and Transvault, that offer migration services. Instead, you should ensure that you choose a high-performance migration tool that suits your specific business, compliance and legal needs. It should be a tool that’s able to move your data to the cloud at high speed while also making sure that the migration is complete, accurate, and ensures chain of custody.
At this stage, you should also decide whether you want to archive or journal in your new cloud and whether you should move your existing archived data to Office 365, another cloud email archive (SaaS), or your company’s own hyperscale cloud tenancy.
Our combination of experience and cloud-based automation is going to make you look really good.
- Complete chain-of-custody and exception reporting down to the item level
- Advanced features for managing your stubs to ensure your end-users experience zero disruption
- Unique approach to handling journal archives your legal and compliance teams will appreciate
- Many destination options including Office 365 and dozens of other cloud-based and on-premises archives
We interviewed 1,100 customers to learn what they loved and hated about their legacy archive and used that insight to create a completely new kind of archive platform.
- More secure: If you don't control your encryption keys, you don't control your data. With our archive, only you have access to your encryption keys.
- More private: Privacy laws require you to retain data in the region it was created. SaaS archives don't do that. Our archive automatically stores employee and customer data in the country of origin.
- More insight: Your archive holds incredible insight that until now has been trapped in a black box. Our archive empowers you to extract intelligence from your emails, files and videos for the first time.
A Word About Journals and Journal Migration
For most organizations, data repositories are getting bigger, more costly, and becoming more complex and wide-ranging by the day. On top of this, the regulatory and legal climate is growing increasingly more complex and stringent, with new, stricter regulatory retention requirements added every year.
The chances are your organization must comply with the financial services industry’s very prescriptive SEC 17, FINRA, and MiFID II requirements, have a legal need to ensure ongoing litigation hold requirements of specific custodian data, or want to conduct targeted internal investigations.
The need to capture, store, protect, index/make searchable, audit, and export (with full metadata intact) has radically expanded beyond everyday email. Your compliance journals must now include content from collaboration platforms like Bloomberg Chat, Slack, Salesforce activity, social media platforms, Microsoft Teams, and many other sources.
Migrating a legacy journal in a legally defensible manner is not easy and should only be done by those with a long history of success. Some migration vendors will tell you that “exploding” or “splitting” journals so that they can be inserted into Office 365 is the best process. Be aware that Microsoft frowns on this practice and instead suggests that the intact legacy journals be migrated into another third-party cloud archive. Some companies have chosen to migrate their journals into a SaaS cloud infrastructure, but with the issues already highlighted with SaaS clouds, the better choice is to move them into your own, company-controlled cloud tenancy. This will keep the compliance journal completely intact, reducing your risk of non-compliance.
Let Us Answer Your Migration Questions
We know how big a decision to move away from your current archiving tool to a different product in the hyperscale cloud is. We also know from experience that you have concerns when taking on such a major project. Having carried out more than a thousand successful legacy archive and journal migrations, Archive360 understands the challenges and has the experience to deal with any queries you might have. As part of our initial discussions, we’ll help to dispel any fears, answering questions that will likely include some of the following…
- How much data do I actually have in my archive and what kind of data is it?
- Is there a cost to move my data out of my legacy archive? If so, what is it?
- Does the archived data need to be reconverted back to its original format?
- How much “dark data” do I have (such as archived messages from inactive users and leavers)?
- Do I need to migrate the entire archive and/or the journal archive?
- I have ongoing or pending litigation; can I still migrate my archived mail?
- How do I manage archived email that is under legal hold? What special handling is needed to maintain chain of custody?
- Will I be able to account for 100% of my archived mail?
- How long will the migration take?
Archive360 Email Migration Software Product Highlights
Archive360 offers the most trusted email archive migration solution available - specifically designed for the ZL Unified Archive. Fully integrated with the solution’s APIs for faster, more accurate data extractions, Archive360 extracts messages and attachments, including all metadata, directly from the archive, and maintains an item-level audit trail for compliance and legal reporting. It also preserves complete, original message fidelity for eDiscovery and regulatory information requests.
Archive360 ZL Unified Archive migration detail:
- Utilizes a multi-threaded, multi-server architecture
Provides the highest performance and accuracy of all migration solutions
- Uses native ZL Unified Archive web APIs
Enables search and filtering of emails by custodian, date range and other criteria
- Does not require indexing or data gathering before extraction
Begin message extraction within minutes of installation unlike other solutions that take days or weeks to index before project start
- Message level chain of custody reporting
Legally defensible reporting reduces eDiscovery risk
- Intuitive and powerful graphical user interface
Less time needed for training – faster time to migration
The Cloud Archive Organizations Trust
Archive360 provides the cloud archive trusted by enterprises and government agencies worldwide. Archive2Azure is purpose-built to run in the hyperscale cloud. Installed and run from your organization’s individual public cloud tenancy, you retain all the power, flexibility, and management while maintaining complete control of your data and its security, including encryption keys that only you have access to. Additionally, unlike on-premises and SaaS archiving solutions, you are free to unlock valuable insights via data analytics and carry out powerful searches on your data using the latest cloud-based tools that will benefit multiple teams across your business, from HR to legal and compliance.
Find out why major, regulated organizations around the world trust Archive360 with their most sensitive data. Get in touch to request a demo today.
Archive Migration Connectors
Archive360 has successfully helped more than 2,000 customers extract data from 20+ enterprise archives, legacy applications, and file system repositories, including the following:
(click on the link for more information)