Click on any chapter to jump directly to it.
Once a ‘nice to have’ in business, the cloud is now almost essential. With new market entrants that were born in the cloud disrupting many industries, incumbents must take action to remain competitive, streamline their operations, and unlock agility and flexibility. This includes doing more with their existing data, using powerful, cloud-based tools for AI (Artificial Intelligence) and ML (Machine Learning), as well as improving security and scalability.
You’re probably using the cloud in some form already, whether it’s via Microsoft or Office 365 or another productivity suite. For many, the flexibility of such platforms provides advanced sight of the benefits of using the cloud for archiving and information management.
However, to truly unlock the full value of new cloud capabilities, a full migration of your legacy on-premises or first-generation cloud archives is the answer. A migration that is carried out in a fast, legally defensible manner without the risk of data corruption, inadvertent data deletion, end-user productivity issues, or damaging chain of custody, will help to ensure the success of your long-term digital transformation strategy.
When it comes to migrating to a new cloud platform, there are two primary options available to you. One is adopting the seeming simplicity and one-size-fits-all use model of a SaaS (Software as a Service) archiving solution like Mimecast, Global Relay, or Smarsh. The other, more secure option is to migrate your archives to your own public cloud tenant and choose which archiving or information management solution and security capabilities address your business and IT needs the best.
Software-as-a-Service is just another way of talking about the cloud, right? Wrong. While SaaS offerings like Mimecast do share some similarities with traditional cloud services (they’re both subscription-based and delivered over the internet, for example), SaaS was around long before the cloud. As a result, SaaS services suffer from the same legacy issues that most businesses are trying to step away from.
Whereas hyperscale clouds, like those provided by Amazon, Google, and Microsoft, enable you to run your own datacenter in the same way you would on-premises (but without the associated infrastructure or maintenance costs) SaaS vendors still rely on old school, third party-managed co-located data center technology.
What does that mean in reality? Your data is hosted on someone else’s infrastructure that:
That’s a lot of “can’ts” for a SaaS service that comes at such a cost.
You’re prepared to invest in your move to the cloud in the same way you’ve spent significantly on security. So why would you let one investment undermine the other? That’s just what happens if you use a SaaS vendor archiving solution like Mimecast. Because SaaS is based on a one-size-fits-all model, there’s no room for the unique security footprint you’ve spent time and money on developing to meet the precise needs of your business. In the same way,SaaS doesn’t offer you the control, flexibility, and scalability of the cloud, it restricts your options when it comes to security too.
With Mimecast, you have little or no say over the security model in place, the datacenter used, or the background checks carried out on employees. Even your company’s encryption keys are held by the platform, not your own IT or IT security department – the major issues many CISOs have. You just have to accept that your choices are limited and spend time and effort adapting your policies to match what you’re given.
Of course, moving to the cloud requires you to adapt your policies too, but, if your entire technology footprint will exist in a SaaS third-party cloud, it makes sense. What doesn’t make sense is adding a new provider that can’t align with your policies. Instead, it means creating new lexicons and exceptions for a single third-party solution, creating potential conflicts between IT and security, privacy, and compliance teams, plus wasting stakeholder time with additional meetings, approvals, and signoffs. And, if the worst happens, will you really be able to say you did all you could to protect your data if you didn’t have control of a significant part of your archiving processes?
You understand the importance of these policies when it comes to keeping your business safe, so why would you choose a provider whose core business doesn’t revolve around security and who isn’t equipped to quickly respond to new and emerging threats? Unlike SaaS vendors, major cloud providers like Amazon and Microsoft spend tens of millions every year to stay ahead of the game when it comes to cybersecurity. Their business depends on it, which is why they deploy cutting edge tech to protect their customers (and their customers’ data). Additionally, because of the specialized regulatory requirements placed on each industry, the ability to add additional security protocols to your company’s own cloud tenancy is now a must-have for security professionals.
In a recent survey of global IT executives, including VPs, Directors, and members of the C-suite at major corporations, only 19% of those surveyed believed 75% or more of their SaaS vendors met all their security requirements – a damning statistic, 70% stated they had been forced to make at least one security exception for a SaaS vendor. While many of these organizations are likely using popular SaaS products like Microsoft 365 and Salesforce, where the size and standing of the vendor might make the business more amenable to accepting a perceived lower risk, the clear takeaway is that many SaaS solutions don’t provide the security standards and flexibility modern organizations require.
On the topic of encryption and encryption key storage, an astounding 95% of respondents believed it was important to control their own encryption keys – a requirement not available in most SaaS solutions, and 81% were uncomfortable with their SaaS vendors controlling them. However, 74% of those surveyed said they did not control the encryption keys for the majority of their SaaS solutions. This is a worrying statistic and one that many organizations will have to take steps to reverse as regulations continue to tighten and the threat of cybercrime grows. To that end, 92% of executives said they would require more security customization for their cloud solutions in the future, with 63% of them planning to retire current SaaS applications that don’t provide them control over encryption key creation and management.
These statistics paint a clear picture of the security landscape and the risk that the one-size-fits-all approach of SaaS vendors introduces. As the trend for security customization continues and scrutiny over data access and handling increases, SaaS solutions will become increasingly less palatable for organizations’ risk mitigation efforts. Instead, more secure and customizable solutions will be a major focus.
Tied to security and compliance is the issue of data sovereignty. Where does your data reside and where is it legally allowed to? Whether it’s government-mandated regulation like GDPR that requires customer data to remain in its country of origin, or internal policy regarding access to data by foreign entities, you need to be able to designate where your data is kept at all times.
For a SaaS provider, Mimecast does have quite a few datacenters. However, it can’t begin to match the global scale of cloud vendors such as Microsoft and Amazon. Regardless of how many data centers they have, SaaS solutions will often need you to pick a single region and stick with it, offering you no room for flexibility as regulations shift or your business expands into new territories. And if you do have the option to choose different locations, many SaaS vendors struggle to accommodate, requiring multiple archives and the possibility of restricting your ability to centrally manage your data. For businesses that need to store customer and employee data within specific countries, this could be a deal-breaker.
By choosing Archive360 and your company’s cloud tenancy, you retain the flexibility to choose one or multiple data storage locations offered by your cloud provider and adapt to meet regulations or enable effective disaster recovery. Even if it’s stored in multiple locations, your data can still be searched through a federated capability in its entirety. This level of flexibility is only available in PaaS-based hyperscale clouds, helping maintain control of your data and ensure it’s both protected and compliant. Microsoft has even gone as far as to sue the US government on a number of occasions in order to maintain the privacy of customer data it holds, so you know you’re in secure hands.
You would be forgiven for thinking that data archives simply hold data in its original form so it can be accessed by you, the owner, when you need to. While that’s certainly the case with Archive360, for SaaS vendors, it’s not true at all. Many of them ‘wrap’ each individual file (an email, for example) in a proprietary format wrapper to not only limit the file compatibility but to form the backbone of their data management, indexing, and storage processes. It’s an old-fashioned way of handling data that used to provide possible benefits (in the wild days before privacy and security teams) but now causes many issues and is something you should definitely ask a SaaS provider like Mimecast to explain. However, whether through the use of these proprietary formats or SaaS-specific processes in general, one issue is constant – data can only be accessed via the vendor’s SaaS GUI, with little or no API access, effectively blocking visibility for the teams that need access to the data and limiting your freedom to move to another cloud archive.
Back when storing emails was carried out solely to address storage limitations, simple regulatory requirements, or comply with eDiscovery, basic keyword searches were the norm. Today, next-generation cloud archives are essential for analytics, internal investigations, and audits, helping teams to seek out privacy compliance violations and insider threats, or extract actionable insights. Now, data stored in their native format is required to fully utilize machine learning and AI.
There are many great tools available today to help organizations perform a number of tasks that unlock essential insight but, if they’re using a SaaS archive, they will simply not work.
That’s why you need to be sure that your data is securely accessible and not trapped in a third-party managed, one-size-fits-all legacy SaaS solution. In the same way SaaS vendors can’t keep up with the agility of the hyperscale cloud, their outdated approach to archiving and information management means they’re also not prepared for the many new requirements and opportunities the cloud brings.
The only way to ensure you retain complete control over your sensitive archived data and can apply your own security standards and protocols is to migrate your legacy archive data to an archive hosted and managed in your own secure hyperscale cloud.
The clear leaders in this space are Microsoft and Amazon and, with the right information management and archiving solution, they can provide you with complete control over your data. Using your own hyperscale cloud tenant, you can store files in their native format, enjoy best-in-class security and management features, and bypass the hassles and costs of exporting your data out when required. You can also make use of AI and Machine Learning to unlock crucial business insight from your data, as well as automate data management and handling for accurate and time-saving supervision, predictive surveillance, auto-classification, litigation preparedness, and eDiscovery response. These crucial, future-proof features simply aren’t possible with a SaaS archive and highlight the limitations of their compromised, aging cloud platforms.
You probably already know how tough data and application migration can be. It’s time-consuming, requires dedicated experts, and, in the wrong hands, has many pitfalls. Working with more than one vendor, especially one that must subcontract out the actual migration, normally only exacerbates these issues. However, more often than not, that’s what you get with a SaaS solution. They’re good at what they know, but they normally require third parties to help with the actual migration. Archive360 developed and owns its own migration IP and has successfully migrated more than 2000 customers and over 50 petabytes of data. Can your potential SaaS vendor say the same? It’s our proficiency in both migration and cloud archiving that gives you a seamless, accountable service, providing a single point of contact for your entire migration and access to unrivaled cloud expertise.
And then there are the problems with the process of actually migrating to a SaaS platform. Unlike Archive 360, SaaS vendors approach migration through the software API layer of your on-premises archive. They grab the data they find in your database using an aging vendor API – the index used to search metadata within emails such as sender, subject, date, and time – and shift it to their platform. It might sound all well and good, but, by using the software layer, SaaS vendors also rely on your on-premises database to be one hundred percent healthy in order for the migration to be successful.
Think of your database as a giant library and each file within it as a book. If you lose the index card from a book, it’s lost in the library with no way to find it. The only solution is to go shelf by shelf. Even the smallest amount of database corruption could mean files get lost in your archive, which means API-driven migration will leave them behind. That’s a massive problem for IT, for compliance, and for legal teams whose stock and trade is precision. Almost every database develops some corruption over time, and many have high levels of it, which is where most API migrations go wrong. A migration report from IT might show that a million items will be migrated, but only 825,000 are actually moved. Elsewhere, data can be changed by the API, leading to missing or corrupted metadata and, as a result, a lack of accuracy.
Archive 360 doesn’t rely on potentially damaged databases at the API layer. Instead, it goes straight to the legacy archive and extracts exactly what is there to make sure nothing is missed during migration. Not only does this ensure accuracy, but it also saves time, speeding up the migration without the API as a bottleneck or roadblock. Where API migration tools can generally transfer up to hundreds of gigabytes per day, Archive360 can typically extract 3-10 terabytes (or more) of data every 24 hours, such is the superior extraction and ingestion capability of the migration solution. This also means that Archive360 doesn’t sit behind your on-premises firewall for the duration of your migration, requiring infrastructure, security and networking team buy-in. With Archive360, your data is transferred in the shortest possible time and processed where it’s meant to be – in the cloud.
Archive360 understands the significance of an organization’s move to a hyperscale cloud and the concerns that go with such a decision. With more than a two thousand legacy archive migrations completed successfully, we know the types of questions you need answers to and can help dispel any fears you might have in our initial discussions. The questions we hear most often include…
Archive360 offers the most trusted email archive migration solution available - specifically designed for on-premises and Mimecast archives. Archive360 extracts messages and attachments, including all metadata, directly from the archive and maintains an item-level audit trail for compliance and legal reporting. It also preserves complete, original message fidelity for eDiscovery and regulatory information requests.
Archive360 provides the cloud archive most trusted by enterprises and government agencies worldwide, purpose-built to run in the hyperscale cloud. Installed and run from your organization’s Archive360 provides the cloud archive most trusted by enterprises and government agencies worldwide, purpose-built to run in the hyperscale cloud. Installed and run from your organization’s individual public cloud, you retain all the power, flexibility, and management while maintaining complete control of your data and its security, including local encryption key management that only you have access to.
Additionally, unlike on-premises and SaaS archiving solutions, you are free to unlock valuable insights via data analytics and carry out powerful searches on your data using the latest cloud-based tools that will benefit multiple teams across your business, from HR to legal and compliance. Individual public cloud, you retain all the power, flexibility, and management while maintaining complete control of your data and its security, including local encryption key management that only you have access to.