In the early 2000s, as the regulatory and legal landscape shifted, email and data archiving tools from ZipLip (as ZL Technologies was then known) were a popular choice for large organizations looking to ensure regulatory compliance. The addition of records management functionality later in the decade further increased its usefulness. With its main offering, ZL Unified Archive, enterprise customers could meet their file management needs and, by 2012, search their archives with its eDiscovery module and analysis tools.
Today, ZL Unified Archive offers archiving and records management hosted on-premises or in the cloud as part of a private, multi-tenant or hybrid model with proprietary tools designed to reduce data sprawl and enable companies to control their enterprise content.
However, organizations looking at digital transformation are increasingly frustrated by ZL Unified Archive. While it offers a comprehensive set of tools and makes life easier by centralizing data into a single repository, users are bound to the tools specific to the platform and a limited on-premises or cloud deployment, as a result, they are unable to make use of additional solutions for analysis as they could with an archive hosted in their own public cloud. Additionally, like many legacy archiving tools, users report concerns with inconsistent search results and question the ability of the product to meet their compliance and litigation support requirements.
If you are one of the increasing numbers of organizations looking to migrate from ZL Unified Archive to a more modern, secure, cloud-based archive, we’ve covered a range of options below to help you evaluate and choose a solution that best suits your business.
Moving on From ZL Unified Archive
Whether you’re currently relying on the ZL Unified Archive as an on-premises solution or in a hybrid or multi-tenant cloud environment, you’re likely looking to migrate your archive to a more modern cloud archive. Now key to modern business operations, the public cloud gives organizations the agility and scalability to compete in a fast-moving business world. As more challengers enter traditional markets operating entirely in the cloud, many incumbent businesses are making use of the cloud’s power to ensure they maintain their status and competitive advantage.
In the public cloud, businesses have many more options, especially when it comes to their data and the security of it. Whether it’s access to best-in-class security features or modern analysis tools using AI (Artificial Intelligence) and ML (Machine Learning), modern public cloud platforms make it possible for organizations to take control and unlock business benefits from previously dormant data. So how does one go about moving their existing archive to the public cloud?
Archiving in the Cloud: The Two Main Options
A quick Google search for ‘cloud archiving’ will deliver a wide range of results. However, to simplify things, you can position most cloud archives into two distinct camps. Those offered via SaaS (Software as a Service) and those based in the public cloud. And there are major differences between the two.
A SaaS archive, hosted in a multi-tenant cloud, is tempting due to its simplicity. SaaS archiving solutions like Global Relay, Mimecast, or Smarsh look like great options, especially for those moving from an on-premises archive, given their hands-off nature. However, SaaS archives have their issues, and it’s wise to evaluate them before opting for the seemingly easy option. For a start, SaaS solutions deprive you of full control over your company’s archived data by not allowing you to apply your own security processes and protocols. They also restrict the tools you can use to access and analyze your data.
Conversely, there’s migrating to your own public Platform as a Service-based (PaaS) cloud tenant. Here, there are none of the compromises associated with SaaS archiving. You simply choose the archiving or information management solution that best meets the needs of your business and determine the security processes and protocols you wish based on your company’s unique needs and risk posture.
Be sure you understand the costs and timelines to migrate your archived data if dissatisfied. Many SaaS providers will structure their cloud archive and convert your data to a proprietary format to make it difficult and costly to move your data later. This practice is known as data ransoming – applying data throttling (slowing the rate of data movement out of the archive) and charging massive sums to reconvert your data back to its original format.
Next, we’ll compare the two options in a little more detail…
Option 1: The Sorry State of SaaS Archiving
Archiving has been offered via the SaaS model for more than a decade now and rose to prominence when cloud computing was in its infancy. Because of the fairly effortless way in which it enabled businesses to do away with their on-premises servers (as well as the associated maintenance costs) and switch to an ongoing subscription fee, SaaS quickly became a popular archiving option. However, now the hyperscale cloud is more accessible than ever before, not to mention powerful, legacy SaaS solutions have a hard time keeping up. Because they were designed for a time before the demands of today’s businesses – from scalability and agility to archiving multiple file formats – SaaS archives were not developed to support the demands of today’s modern cloud environment. SaaS isn’t able to adapt quickly enough to new business requirements nor the frequent changes to regulations. Now, the only true similarity between SaaS archiving and truly flexible archiving in public clouds like those from Amazon, Google, and Microsoft, is the lack of on-premises infrastructure.
You’ll probably hear SaaS vendors claim that they provide ‘the best turn-key cloud archiving platform’ but, in reality, all they’re doing is creating the same problems you’ve experienced with legacy on-premises infrastructure; no way to access powerful analytics through Machine Learning and AI and, as a result of being built on outdated technology, no cost-efficient or simple upgrade route to access the features demanded by today’s customers – if they’re even possible at all.
Too many tenants
SaaS is also lacking when it comes to data storage. Most of the SaaS vendors you will encounter don’t, in fact, own their own datacenters. What they actually do is rent a piece of a public cloud from a cloud provider who is also hosting hundreds or thousands of other tenants. By definition, a SaaS solution offering provides a single application for multiple clients to utilize. Because of this model, the SaaS application does not have the ability to be customized in any meaningful way for each client. This is what’s known as a multi-tenant cloud within a cloud, and it has some major failings when compared to the true hyper-scale public cloud, not least when it comes to security. First, because the SaaS vendor operates from a one-size-fits-all perspective when it comes to cloud services, you have no say over the security policies that protect that cloud application. Second, only the SaaS vendor has control of the encryption keys used to secure your sensitive data. This means that any or all of your company’s data stored within this multi-tenant cloud could be inadvertently shared with any or all of the SaaS vendor’s other clients who also archive their data there. It also means – and this is a big concern – that the vendor can access your data at any time or provide access to government authorities without your knowledge or say so. Without control of your own encryption key, the chances of unauthorized access, data leakage, or deletion are much higher.
Holding your data for ransom
Beyond the security issues SaaS archives bring, it also limits control over the data you archive. As we touched on before, many SaaS vendors will wrap your original archived files in a proprietary format for use in their system, which means only tools that the vendor provides will be able to access them. Everything from eDiscovery searches to analysis has to be performed using tools sanctioned by the vendor, which rules out the chance to analyze your data with newer, more powerful, cloud-based AI or Machine Learning tools that provide content-based auto-classification and supervision for more accurate information management. This also means you could be forced to pay significant ‘exit’ reconversion’ fees should you ever wish to move your data elsewhere. Additionally, some SaaS vendors practice data throttling when clients decide to move to another cloud. Data throttling is the practice of slowing down the extraction speed of data being migrated to another cloud. This strategy hopes to get the client to abandon the move by making the migration take an unreasonable amount of time – months or years. This data ransoming also limits your ability to make meaningful use of your data during the exit due to the SaaS vendor-specific format.
As you dig beneath SaaS archiving’s perceived simplicity, you will find many negatives of this kind. A seemingly simple solution like this can quickly become a roadblock for your business and stall your future digital transformation plans. So, where do you turn? The answer is to bypass all of these restrictions and migrate your data to a cloud that you own and, most importantly, have control over.
Potential SaaS archiving pitfalls:
- No access to encryption keys
- Little to no control over security policies
- Little or no control over your data’s geographic location – data sovereignty
- Proprietary file formats limit your ability to move your data without data ransoming
- Limited search and review options for audio, video and other non-email files
- Data analysis and eDiscovery functionality is limited to “lowest common denominator” vendor-provided tools
The Sad Facts Behind the SaaS Security Stats
In a recent survey of global IT executives, including VPs, Directors, and members of the C-suite at major corporations, only 19% of those surveyed believed 75% or more of their SaaS vendors met all their security requirements. 70% stated they had been forced to make at least one security exception for a SaaS vendor. While many of these organizations are likely using popular SaaS products like Microsoft Office 365 and Salesforce, where the size and standing of the vendor might make the business more amenable to accepting a perceived lower risk, the clear takeaway is that many SaaS solutions don’t provide the security standards and flexibility modern organizations require.
On the topic of encryption keys, an astounding 95% of respondents believed it was important to control their own encryption keys, and 81% were uncomfortable with their SaaS vendors controlling them. However, 74% of those surveyed said they did not control the encryption keys for the majority of their SaaS solutions. This is a worrying statistic and one that many organizations will have to take steps to reverse as regulations continue to tighten and the threat of cybercrime grows. To that end, 92% of executives said they would require more security customization in the future, with 63% of them planning to retire current SaaS applications that don’t provide them control over encryption key creation and management.
These statistics paint a clear picture of the security landscape and the risk that the one-size-fits-all approach of SaaS vendors introduces. As the trend for security customization continues and scrutiny over data access and handling increases, SaaS solutions will become increasingly less palatable for organizations’ risk mitigation efforts. Instead, more secure and customizable solutions will be a major focus.
Strangled Security: A SaaS-Based Archive Doesn’t Let You Control…
- Encryption key management and storage
- Audit of encryption key use
- Custom compliance reporting
- Cloud-native directories
- Granular access controls
- Identity management
- Threat detection
Of course, it’s unfair to say that a move to your own public cloud won’t introduce its own set of best practices when it comes to security. You will, however, be in complete control of the outcomes. Moving to the cloud will require you to think differently about security by comparison to an on-premises archive or a static SaaS cloud. However, as always, the benefits outweigh the small amount of additional effort required. In the hyperscale cloud, you can match your security environment to your organization’s unique requirements, follow the same processes, and comply with the changing regulations. However, you will also benefit from less risk and far greater protection than you ever did on-premises.
The big hyper-cloud providers like Microsoft and Amazon don’t mess around when it comes to security. It’s crucial to their businesses that their security standards are always state of the art. That’s why they invest millions of dollars and countless resources into constantly upgrading and protecting their platforms from some of the world’s most dangerous hackers, ransomware, malware, and new and emerging threats. They’re so focused on security, they have effectively become the internet’s de facto police, interacting with governments and major security bodies to help eliminate threats and prevent damage to their customers’ data. As an owner of a cloud tenant from such providers, your data is protected by security of the highest standard. A standard that even the biggest SaaS vendors don’t have the investment or experience to match.
Download Now
Multi-Tenant SaaS vs Dedicated SaaS: what you need to know
All cloud archives are not created equal. There are major differences between archives deployed in a dedicated SaaS model versus a multi-tenant model that affect the security, accessibility and functionality of your archived data. This Technical Guide explores what you will need to consider in order to make an informed decision.
A Word About Journals and Journal Migration
For most organizations, data repositories are getting bigger, more costly, and becoming more complex and wide-ranging by the day. On top of this, the regulatory and legal climate is growing increasingly more complex and stringent, with new, stricter regulatory retention requirements added every year.
The chances are your organization must comply with the financial services industry’s very prescriptive SEC 17, FINRA, and MiFID II requirements, have a legal need to ensure ongoing litigation hold requirements of specific custodian data, or want to conduct targeted internal investigations.
The need to capture, store, protect, index/make searchable, audit, and export (with full metadata intact) has radically expanded beyond everyday email. Your compliance journals must now include content from collaboration platforms like Bloomberg Chat, Slack, Salesforce activity, social media platforms, Microsoft Teams, and many other sources.
Migrating a legacy journal in a legally defensible manner is not easy and should only be done by those with a long history of success. Some migration vendors will tell you that “exploding” or “splitting” journals so that they can be inserted into Office 365 is the best process. Be aware that Microsoft frowns on this practice and instead suggests that the intact legacy journals be migrated into another third-party cloud archive. Some companies have chosen to migrate their journals into a SaaS cloud infrastructure, but with the issues already highlighted with SaaS clouds, the better choice is to move them into your own, company-controlled cloud tenancy. This will keep the compliance journal completely intact, reducing your risk of non-compliance.
Learn More
Archive360 Email Migration Software Product Highlights
Archive360 offers the most trusted email archive migration solution available - specifically designed for the ZL Unified Archive. Fully integrated with the solution’s APIs for faster, more accurate data extractions, Archive360 extracts messages and attachments, including all metadata, directly from the archive, and maintains an item-level audit trail for compliance and legal reporting. It also preserves complete, original message fidelity for eDiscovery and regulatory information requests.
