Click on any chapter to jump directly to it.
Whether you’re currently relying on the Zovy Archive as an on-premises solution or in a hosted environment, you’re likely looking to migrate your archive to a more modern cloud archive. With more of the workforce working remotely and organizations looking to reduce costs, the cloud has become an essential part of modern business across every industry. With ‘born in the cloud’ companies disrupting existing industries, cloud-based solutions are imperative for organizations to remain competitive and agile in rapidly changing markets.
When it comes to data security and information management, the cloud also offers businesses many more options, especially when it comes to their data security. From best-in-class protection for their information to cutting edge capabilities like AI (Artificial Intelligence) and ML (Machine Learning), modern cloud platforms open up a world of new opportunities for organizations to secure and do more with their data.
However, just because a vendor uses the word ‘cloud’ doesn’t mean you’ll experience its true benefit. The term has become synonymous with any kind of remote tool or service that operates online and doesn’t require physical infrastructure for storage. You likely use productivity tools from Google or Microsoft that exist in the cloud, some or all of your business systems will likely be ‘cloud-based’, and even the Zovy Archive’s hosted platform operates in a third-party cloud of sorts. But to harness the true power of the cloud, it’s important to understand the pros and cons of different cloud archiving options. Moving your legacy on-premises or hosted archives to a modern, hyperscale public cloud environment provides you with the flexibility, power, and tools required to secure your data, reduce your TCO costs and compete in an increasingly connected, digital business world. Such a shift in your infrastructure will bring about rapid benefits for your business and help to accelerate your company’s digital transformation strategy.
While there are many vendors and services to choose from, cloud archiving falls into two primary camps. Those offered via SaaS (Software as a Service) and those based in the public cloud. And the two differ wildly when it comes to features and functionality.
Many organizations have already looked into information archiving for regulatory compliance, information governance, and litigation preparedness and have considered turn-key SaaS archiving solutions such as Global Relay, Mimecast, or Smarsh. On the surface, they check all the basic boxes for functionality and offer that “out of the box” ease many are looking for. However, SaaS archiving solutions have many drawbacks, including the fact that SaaS solutions rob you of full control over your company’s archived data. Be sure you understand the costs and timelines to migrate your archived data if dissatisfied. Many SaaS providers will structure their cloud archive and convert your data to a proprietary format to make it difficult and costly to move your data later – a practice is known as data ransoming.
On the other side, there’s the option to migrate to your own public cloud tenant where none of these compromises exist. You simply choose the archiving or information management solution that suits your business, set the exact levels of security, and provide and manage your own encryption keys based on your company’s unique needs and risk posture.
Let’s take a look at the two options in more detail…
Vendors like Mimecast and Smarsh have been offering SaaS-based archiving solutions for a long time now and were popular in the early days of cloud computing thanks to their seemingly hassle-free nature and subscription-based model. When the decision was as simple as replacing costly on-premises infrastructure with a hands-off, web-based solution, many jumped at the chance. However, now that the true, hyperscale cloud is more powerful and accessible than ever, it’s obvious the legacy SaaS solutions haven’t kept up with the times. They were designed in an era before the on-demand, multi-format world we live in today and, put simply, were not developed to support the demands of the modern cloud environment. Key to information archiving and management success in the modern era is security, agility, and scalability, enabling organizations to quickly adapt to changes in risk, technology, regulations, or the actions of competitors. But one-size-fits-all SaaS archives aren’t able to keep up in this way. They can’t adapt fast enough to the newest cyber threats, new and emerging regulatory requirements, or scale up and down as needed.
Yes, SaaS platforms were once the best (and only) solution, but in today’s business environment, their limitations far outweigh their benefits. The only true similarity between SaaS archiving and archiving in public clouds from Amazon, Google, and Microsoft is the lack of need for on-premises infrastructure.
A cloud you don’t own
And the SaaS model has another major failing when it comes to data storage – many SaaS vendors don’t own their own datacenters. Because they use what is known as a multi-tenant cloud, they effectively rent space from a cloud provider who is also hosting hundreds or thousands of other tenants. By definition, a SaaS solution offering provides a single application for multiple clients to utilize. Because of this model, the SaaS application does not have the ability to be customized in any meaningful way for each client. Not only are you forced to adhere to the vendor’s one-size-fits-all security policies but, in a multi-tenant cloud, the vendor and not the data owner has control of the encryption keys. This means your company’s data could be inadvertently shared with any or all of the SaaS vendor’s other clients residing in the same cloud. Even worse, it means the vendor can access your data at any time or provide access to government authorities without your knowledge or say so. Setting aside the fact that a lack of encryption key access or management significantly increases the chances of unauthorized access, data corruption, or deletion, this is a major security red flag.
Locked down data
On top of the serious security issues SaaS archiving introduces, there is another issue with SaaS applications, the lack of control and client-specific management capabilities over the data. Because most SaaS vendors use a proprietary format to store your files, only tools provided by the vendor can access and utilize them. This means you could be forced to pay significant ‘reconversion’ fees should you ever wish to move your data elsewhere. Additionally, some SaaS vendors practice data throttling when clients decide to move to another cloud. Data throttling is the practice of slowing down the exit speed of data being migrated to another cloud. This strategy hopes to get the client to abandon the move by making the migration take an unreasonable amount of time – months or years. This data ransoming also limits your ability to make use of your data during the exit due to the SaaS vendor-specific proprietary format.
There are many negatives to SaaS archiving, likely more than you would have expected. What seems like a simple solution can quickly become a roadblock to your business and its future digital plans. So why not avoid these limitations by migrating to a cloud you own and, most importantly, you control?
In a recent survey of global IT executives, including VPs, Directors, and members of the C-suite at major corporations, only 19% of those surveyed believed 75% or more of their SaaS vendors met all their security requirements. 70% stated they had been forced to make at least one security exception for a SaaS vendor. While many of these organizations are likely using popular SaaS products like Microsoft Office 365 and Salesforce, where the size and standing of the vendor might make the business more amenable to accepting a perceived lower risk, the clear takeaway is that many SaaS solutions don’t provide the security standards and flexibility modern organizations require.
On the topic of encryption keys, an astounding 95% of respondents believed it was important to control their own encryption keys, and 81% were uncomfortable with their SaaS vendors controlling them. However, 74% of those surveyed said they did not control the encryption keys for the majority of their SaaS solutions. This is a worrying statistic and one that many organizations will have to take steps to reverse as regulations continue to tighten and the threat of cybercrime grows. To that end, 92% of executives said they would require more security customization in the future, with 63% of them planning to retire current SaaS applications that don’t provide them control over encryption key creation and management.
These statistics paint a clear picture of the security landscape and the risk that the one-size-fits-all approach of SaaS vendors introduces. As the trend for security customization continues and scrutiny over data access and handling increases, SaaS solutions will become increasingly less palatable for organizations’ risk mitigation efforts. Instead, more secure and customizable solutions will be a major focus.
Moving to the hyperscale cloud will involve some change, especially when it comes to security best practices. There will be different security elements to consider in comparison to an on-premises archive or one in a legacy SaaS cloud. What you gain, however, is complete flexibility. In the hyperscale cloud you can create your security environment to match the specific needs of your business. You can follow the same processes and comply with the same regulations as you always did with the added benefit that your data will be even more secure. Major cloud providers like Microsoft and Amazon can’t afford to let their security standards slip. Breaches would be bad for their business, and they’re already prime targets for some of the most powerful hackers in the world. For this reason, they invest millions of dollars and countless resources into protecting their platforms. So much so that they have become the authorities on cloud cybersecurity, interacting with governments and others to help eliminate threats and spot emerging dangers. Wouldn’t it be great to be protected by next-generation, always evolving security capabilities provided by the best cloud providers in the business? Well, that’s what you get in the hyperscale cloud. SaaS vendors can’t begin to match this level of investment and experience in data security.
There is a readily available solution to retain complete control over your sensitive archived data while applying your own security standards and protocols. To achieve this, you must migrate your legacy archive data to an archive hosted and managed in your own hyperscale cloud.
By combining the power and infrastructure security of clouds provided by Microsoft or Amazon with a high-quality Platform as a Service-based information management and archiving solution, you will gain complete control over your data. Not only will your data remain in its native format, but you will also benefit from the best possible security and management capabilities, as well as access to cloud-scale AI and Machine Learning to unlock crucial business insight from your data. You will also be able to automate data management and handling for accurate supervision, predictive surveillance, auto-classification, and eDiscovery response.
Such features showcase the significant, future-proof benefits of the hyperscale cloud and highlight the major limitations of SaaS archives.
Your own hyperscale cloud should give you…
All cloud archives are not created equal. There are major differences between archives deployed in a SaaS model versus a PaaS model that affect the security, accessibility and functionality of your archived data. This Technical Guide explores what you will need to consider in order to make an informed decision about PaaS versus SaaS.
|Features||SaaS Archives||Open Archive|
|Host data in your corporate cloud|
|Protect Data with encryption keys|
|Meet SEC 17a-4 regulations|
|Meet GDPR Regulations||Limited|
|Active user-based pricing|
|Standard eDiscovery with case management|
|Manage any content/data type||Limited|
|Records analysis, classification and management||Limited|
|Policy-driven records classification and transformation|
|Data Loss Prevention and sensitive data analysis alerts|
|Export and produce data for third party consumption|
|Role-based access with Active Directory Integration||Limited|
|Native import and export with O365, SharePoint Online and OneDrive||Limited|
|Accelerated onboarding at 50 TB per day|
|Restore legacy archives back to native format|
|Active user-based pricing|
|Interactive Users - free of charge (restrictions apply)|
If your aim is to move away from the Zovy Archive to a more modern and capable archiving solution, the first decision you need to make is what to do with the terabytes or even petabytes of data that are currently stored in your legacy Zovy Archive. Here, you’ll need a partner to help you migrate your data quickly and in a legally defensible manner without interruption to your ongoing business activities.
Many companies, including QuadroTech and Transvault, offer migration services, but instead, you should ensure that you choose a high-performance email migration tool that suits your specific business, compliance, and legal needs. Such a tool should be able to move your data to the cloud at high speed while also ensuring that the migration is complete, accurate, and ensures chain of custody.
At this stage, it’s also worth deciding whether if you want to archive or journal in your new cloud and whether you should move your existing archived data to Office 365, another email archive, or your company’s own hyperscale cloud tenancy.
Our combination of experience and cloud-based automation is going to make you look really good.
We interviewed 1,100 customers to learn what they loved and hated about their legacy archive and used that insight to create a completely new kind of archive platform.
For most organizations, data repositories are getting bigger, more costly, and becoming more complex and wide-ranging by the day. On top of this, the regulatory and legal climate is growing increasingly more stringent, with new, stricter regulatory retention requirements added every year.
The chances are your organization must comply with the financial services industry’s very prescriptive SEC 17, FINRA, and MiFID II requirements, or have a legal need to ensure ongoing litigation hold requirement of specific custodian data or want to conduct targeted internal investigations.
The need to capture, store, protect, index/make searchable, audit, and export (with full metadata intact) has radically expanded beyond everyday email. Your compliance journals must now include content from collaboration platforms like Bloomberg Chat, Slack, Salesforce activity, social media platforms, Microsoft Teams, and many other sources.
Migrating a legacy journal in a legally defensible manner is not easy and should only be done by those with a long history of success. Some migration vendors will tell you that “exploding” or “splitting” journals so that they can be inserted into Office 365 is the best process. However, Microsoft frowns on this practice and instead suggests that the intact legacy journals be migrated into another third-party cloud archive. Some companies have chosen to migrate their journals into a SaaS cloud infrastructure, but with the issues already highlighted with SaaS clouds, the better choice is to move them into your own, company-controlled cloud tenancy.
Archive360 is well aware of how significant the decision to move away from legacy archives to the hyperscale cloud is. We also understand the concerns you may have when taking on such a major project. Over the years, we’ve carried out more than a thousand successful legacy archive migrations, which means we have the experience and know the types of questions you need answers to. Our initial discussions will help to dispel any fears as we answer your questions that will most likely include the following…
Archive360 offers the most trusted email archive migration solution available - specifically designed for the Zovy Archive. Fully integrated with the solution’s APIs for faster, more accurate data extractions, Archive360 extracts messages and attachments, including all metadata, directly from the archive, and maintains an item-level audit trail for compliance and legal reporting. It also preserves complete, original message fidelity for eDiscovery and regulatory information requests.
Archive360 provides the cloud archive trusted by enterprises and government agencies worldwide, Archive2Azure, purpose-built to run in the hyperscale cloud. Installed and run from your organization’s individual public cloud tenancy, you retain all the power, flexibility, and management while maintaining complete control of your data and its security, including encryption keys that only you have access to. Additionally, unlike on-premises and SaaS archiving solutions, you are free to unlock valuable insights via data analytics and carry out powerful searches on your data using the latest cloud-based tools that will benefit multiple teams across your business, from HR to legal and compliance.
Find out why major, regulated organizations around the world trust Archive360 with their most sensitive data. Get in touch to request a demo today.
Read our product brochure to learn how Archive360 provides end-to-end fully managed solution to upend migration failures.READ MORE
This document explores the differences between the two platforms and what to consider in order to make an informed decision about PaaS vs SaaS.LEARN MORE
Why you should turn on Office 365 archiving for your business (and how to make the most of it if you already have).LEARN MORE
The question of whether moving to the cloud has cost advantages over that of staying on-premises continues to be discussed in industry publications. We'll explore the definitions of the two strategies and then dig deeper into the numbers that layout the true cost of ownership (TCO) of moving to the cloud.LEARN MORE