- April 7, 2021
Why In-Place Information Management Is Not A Complete Solution
- Bill Tolson|
- Legal/eDiscovery|
- Data Privacy|
- Records Management|
- Information Management|
- Information Security|
- Information Technology|
- Ransomware
Many organizations have already begun their move to the cloud, otherwise known as digital transformation. According to ComputerWeekly.com, approximately 50% of all corporate data is already stored in a cloud, with all signs showing continued growth in both the corporate and federal/state/local government sectors. But some experts point to several potential issues which could cause CIOs to hold back from fully committing to a 100% cloud strategy. With that in mind, let's take a look at the main potential issues that have been mentioned.
The first challenge mentioned is cloud network latency issues - taking longer for a user action to elicit a response from the cloud network. Realistically, even with higher latency due to the geographic distance of the cloud data center, system response time could be stretched from 10-15 milliseconds to 50 milliseconds, a difference most employees would never notice.
Granted, latency could become an issue for very few data-centric applications. Most applications such as archives, records management applications, CRM applications (Salesforce) have absolutely no problems running in a cloud architecture. Those few data-centric applications that pose issues with cloud operation are, no doubt, being redesigned for cloud operation in the near future. For a substantial majority of organizations, cloud computing and storage will pose zero-latency challenges.
Some industry compliance requirements demand storage of electric documents for very long periods – 10, 20, 30, or more years. CIOs were advised to archive long-term documents on DLT (digital linear tape) libraries in the past.
However, the two biggest challenges with long term archiving on DLT devices is:
The newer cloud platforms, such as Microsoft Azure and Amazon AWS, offer three tiers of storage that customers can choose from to ensure the lowest possible price per GB to performance capability. For example, both Azure and AWS offer the following storage tiers – hot (spinning disk), cool (spinning disk), and cold/archival (tape). Each storage tier provides a specific SLA reflected in the price per GB per month, ranging from several cents per GB per month to less than 0.5 cents per GB per month. As a side note, the cold/archive storage tier utilizes tape technology that does not require a data refresh and can be geographically replicated for disaster recovery purposes.
Industry pundits have raised the issue of data ransoming. CIOs also fear that their organization's data could be held hostage in extenuating circumstances or by the cloud vendor themselves.
In this case, extenuating circumstances include the cloud vendor suddenly going out of business, causing the data owner to start the process of trying to recover their data through court action - which could take months or years. This possibility is extremely low and can be avoided altogether by choosing the best available cloud platform. Ask yourself this; will Microsoft or Amazon suddenly go out of business overnight, trapping your data in a legal no man's land? In fact, based on evolving regulatory requirements, federal agencies have begun to look for multi-cloud capable archiving and information management platforms that will automatically failover to a completely separate cloud platform vendor when needed.
Analysts and CIOs are also wary of vendor data ransoming. They point to a small number of cloud vendors that have been known to hold client data hostage. This includes data ransoming, i.e., demanding very high transfer costs to allow the client data to be migrated out of the platform. These vendors justify this questionable practice by converting the data into their custom format as its being moved into the vendor's cloud. Their excuse is that the conversion enables more "effective storage." But in reality, it allows them to charge for re-conversion back into the native format so the client can actually use it after transfer. These substantial re-conversion charges are, in fact, a way to stop the client from moving their data to another vendor.
(Scroll down to continue...)
There's a compelling business case for attorney’s utilizing cloud storage including cost, ease of access, and security, but can lawyers ethically use it?
Read this blog to learn more >>
Cloud archiving has been around for many years, mainly to store email, email journals, day to day employee work files, and business records. This practice allowed IT departments to better utilize their expensive on-premises storage resources for their most important and sensitive data – data that their CIOs did not want to be stored outside of their firewall.
The main reason for this hesitancy was the security of their sensitive data in a third-party cloud. CIOs just didn't trust the security and privacy capabilities of the earlier cloud storage offerings. But several years ago, CIOs were forced to rethink their objections to cloud storage due to the massive year-over-year increases in created and consumed corporate data.
In 2020, IDC predicted that the amount of electronic data created and consumed in just 2020 alone would reach 59ZB. Obviously, not all of this data is kept and stored – a large percentage of it was transitory - consumed and then quickly deleted. However, another reason much of the 59ZB was not stored is the lack of corporate storage resources. This is because the velocity and volume of new data being created and received by organizations is far exceeding the ability for IT storage administrators to keep up with the ballooning new data storage requirements.
In fact, the same IDC report estimated that the total storage capacity installed based in 2020 – both on-premises and cloud - was only 6.7ZB. In today's corporate information environment with eDiscovery, regulatory compliance/privacy responsibilities, along with the need to utilize legacy data for ongoing analytics, storing large amounts of data for long periods using on-premises storage resources would cost companies significant amounts of money - continually buying, managing, and backing-up on-premises storage resources.
But as I have already mentioned, data security is the most significant factor for CIO's full adoption of the cloud. Public cloud platforms, such as Azure and AWS, have made enormous strides in infrastructure/network and data security. Nowadays, CIOs in the most data-sensitive industries – Healthcare, Financial Services, and Government, have already adopted the cloud, although with specific security/privacy requirements. These requirements include strong file encryption, field-level encryption, secure multi-party computation (SMPC), and the ability to create and store the encryption keys on-premises– away from the cloud tenancy to ensure the keys are not resident. CIOs want to protect their data in the cloud in case the cloud is hacked or the third-party cloud vendor is served with a secrecy warrant asking for your data to be decrypted and turned over – without telling you of the governmental action.
Sensitive data security is the biggest issue CIOs have raised with full cloud adoption. Cloud infrastructure security has progressed well beyond the capabilities that on-premises applications can offer. Additionally, data security/privacy has become the biggest positive draw for CIO cloud adoption. Cloud cost per GB, File encryption, field-level encryption, and on-premises encryption key management and storage have earned CIO approval.
The new cloud archiving and information management platforms have enabled CIOs to move forward with their full cloud adoption plans. Additionally, many plan to proceed with on-premises application retirement and migrate those large legacy application data sets to the cloud for regulatory compliance and eDiscovery requirements.
Archive360 offers the most trusted, capable, and secure cloud archiving and information management platform that enables companies to onboard, store, manage, and protect the most sensitive content.
The Archive360 cloud archive and information management platform is installed in your own cloud tenancy, not a third-party's SaaS cloud tenancy leased from a public cloud platform. This ensures ongoing ownership of your data without the need to worry about your data being held hostage by a third-party cloud vendor.
Archive360 is the leader in cloud archiving security and privacy with on-premises data encryption before movement to the cloud (homomorphic encryption), encryption key storage on-premises, field-level encryption - which ensures PII is protected from both internal and external threats, and secure multi-party computation.
For more information on the Archive360 Cloud Archive or to speak to a subject matter expert, please contact us.
Bill is the Vice President of Global Compliance for Archive360. Bill brings more than 29 years of experience with multinational corporations and technology start-ups, including 19-plus years in the archiving, information governance, and eDiscovery markets. Bill is a frequent speaker at legal and information governance industry events and has authored numerous eBooks, articles and blogs.
© Archive360. All Rights Reserved | Terms & Conditions
