1 White Paper When archiving is best done in the cloud A White Paper by Bloor Research Author : Fran Howarth Publish date : June 2010
2 An archiving service provided in the cloud is a viable alternative for an organisation of any size Fran Howarth
3 Executive summary archiving solutions based in the cloud provide many advantages, among which is the reduced cost of investing in technology services, as opposed to implementing the technology in-house. The use of such services holds much promise for organisations of all sizes, and small and medium organisations in particular. An archiving service based in the cloud must provide a complete service, including guaranteed availability, coverage of all systems, a tamper-proof database, and provision of reports and an audit trail. All traffic should be encrypted in transit and s and their attachments should be held in encrypted form when in storage to prevent unauthorised access. This document discusses what organisations should look for in an archiving service based in the cloud. It is intended to be read by anyone in an organisation of any size who is looking for greater control over mounting problems caused by huge volumes of and the need to properly control those records. It is one of a series of three papers. The accompanying papers discuss the drivers for taking up archiving services and the benefits that organisations will see from the use of such services. Fast facts For disaster recovery purposes, the service should provide full redundancy, with backup services provided in remote geographic locations. Any service should provide support for mobile workers for greater flexibility and should be scalable to cater for growth in the number of users, such as through a merger of two firms. Ease of use is the utmost priority. The bottom line At a time when all budgets are under heavy scrutiny, the use of archiving services based in the cloud is a compelling alternative for organisations of all sizes, and for small and medium enterprises in particular. Such services can be a simple and cost-effective alternative to traditional in-house systems that are costly and time-consuming to maintain, or to managing ad hoc stores comprising bloated mailboxes, servers and local file stores. Organisations looking to subscribe to such services should carefully evaluate the offering to ensure that all their needs are catered for. A Bloor White Paper Bloor Research
4 Challenges and considerations In any organisation, technology investments are generally highly scrutinised. Faced with economic pressures, gone are the days when technology was bought just as a point solution to fix a problem as it occurred. In the same way as many homeowners only purchase an alarm once they have been burgled, many organisations only buy technology to fix a problem, rather like buying insurance against the same thing happening the next time. For larger organisations, finding the budget to invest in a technology solution such as archiving may not be easy given stagnating IT budgets and the wide range of issues that they face, but they are more likely to be able to afford to invest in a solution that will provide significant cost savings than their smaller counterparts. Given that the average firm in Europe employs six people, the vast majority have no dedicated IT resources and little money to spend on technology purchases. Even in larger SMEs, IT departments are likely to be small and highly constrained and budgets will remain tight. The lack of available skilled IT staff, budget constraints and the amount of IT infrastructure that must be purchased and managed to support a technology implementation such as archiving make such an investment beyond their means. Because of this, many organisations rely on using servers as storage systems, leaving s on them and backing up the servers. For many organisations, these backups will be held on tape. The use of tapes for backup purposes is fairly standard practice, but this is not a good solution for an archiving system as tapes are not easy to access, retention policies are hard to enforce owing to lack of visibility as to what is held on the tapes and there is the risk that information stored on tapes can be easily overwritten by other data. The alternative is to put in place technology specifically designed for archiving s. The first systems that were developed for this purpose were standalone systems, generally packaged software or appliances. The systems work by collecting and indexing all inbound and outbound s so that they can be searched in an efficient manner when the need arises. Such systems are installed on customers premises, which requires that organisations purchase software and hardware including application servers and storage to run the software. As an alternative, vendors offer archive appliances, which are servers with archiving software preloaded on to them alongside storage capacity. Such systems, whether software- or appliance-based require that organisations install and manage the systems themselves. Many early systems were developed with specific types of organisation in mind and were mainly focused on large enterprises. Many were narrowly focused on specific verticals, with financial services well catered for in particular. Large enterprises tend to have their own in-house IT departments and can afford to dedicate resources to the administration and management of such technology implementations. For smaller organisations, the choices have been limited. The ability to invest in such systems, let alone dedicate resources to their management, is beyond the means of many cash- and resource-strapped SMEs. Therefore, many smaller organisations will rely on use of the systems themselves for storage, or will allow individual users to collate their own stores; but this can be an expensive option as well. Users have a habit of accidentally losing or deleting s that they need, meaning that, in an organisation with an IT department or help desk, they will likely call for help, or in a smaller organisation will probably have to replicate the information, which is a drain on productivity. Should such an organisation be subjected to litigation or any other dispute, the ability to produce the required s as evidence in a timely manner will often require a manual search of all stores, including the server, backup tapes and individual desktop stores. Not only is this costly in terms of the effort required, but failure to come up with all of the evidence required could leave the organisation facing a fine or other sanctions for non-compliance Bloor Research A Bloor White Paper
5 Leveraging the cloud as a cost-effective alternative To cater to the needs of a wider range of organisations than just large enterprises that can afford in-house implementations, technology vendors have come up with a third alternative fully managed web-based archiving services based in the cloud. Such services are generally provided on a subscription basis paid for on a monthly basis, with licences paid according to how many users or mailboxes are served in that particular time period. This provides them with many benefits, including not having to purchase software licences or hardware to run the system, not having to install, administer and manage the system themselves, and the ability to provide users with a simple-to-use service that automatically captures all of their without the need for any action to be taken on their part. For SMEs in particular, a managed web-based archiving service is a simple and cost-effective alternative to traditional in-house systems that are a drain on their resources or the challenge of managing bloated mailboxes, servers and local file stores. Thus, the prime motivator for many SMEs in subscribing to a cloud-based service is lowered cost and improved productivity as mundane, yet important, tasks are handed off to a service provider. Although the market for archiving services is young, it is experiencing high rates of growth. The Enterprise Storage Group estimates that SaaS-based archiving solutions have grown by 350% over the past three years and Osterman Research predicts that 84.9% compound annual growth will be experienced from 2007 to The Radicati Group stated recently that it expects that 70% of mailboxes will be supported by archiving technology by as early as A Bloor White Paper Bloor Research
6 What a cloud-based service must provide A cloud-based archiving service must provide a full offsite service that can cater for all the archiving needs of an organisation. Whilst very small organisations may just need to archive s from one system and one office location, larger organisations may have more complex needs. Therefore, the service should be capable of archiving s across multiple platforms and bring together the needs of geographically dispersed locations, such as branch offices and multiple data centres. Plus, with mobile working becoming increasingly commonplace, the system should provide support for s sent to and from mobile phones to cater to the needs and habits of all workers in the organisation. Providing a full offsite service also means that the service needs to be always available and the data must be fully protected and secured. To ensure that the service is reliable, with no outages that would render the service unusable, the service provider must provide guarantees over uptime, generally offering 99.99% availability. In order to be able to ensure that this is achieved, the service provider must have multiple layers of physical redundancy to ensure data integrity and availability. This requires that the data centre is backed up with fully redundant systems in further offsite locations so that archives can be replicated across geographically dispersed data centres. By providing such a secure, available service, SMEs can offload responsibility for disaster recovery to the service provider, so that they can ensure that their archives are secure and fully backed up. To ensure security, the service provider must enforce high standards of protection for the archive and related services. Organisations should ensure that all messages and attachments are encrypted, both when in transit to and from the service provider s data centres using TLS or SSL cryptographic protocols, as well as when at rest in storage. Guarantees should also be provided that the database where the s are archived is tamperproof, with access to the information it contains strictly controlled according to the role of the user and the privileges assigned to them. To prove that the integrity of the data has not been compromised, cryptographic hashing can be used to prove that the data has not been modified and metadata records can be used to prove that the chain of custody is intact. In order to prove to the end-user organisation that high levels of security are being maintained, the service provider should offer reporting and sampling tools to deliver reports and audit samples as required, along with a full audit trail of every event recorded for each message in the archive system. Figure 1: archiving service based in the cloud Bloor Research A Bloor White Paper
7 Ease of use is the utmost priority Given the importance of both to the organisation as a whole and to individual users in order to keep them productive, it is essential that an archiving service is simple and intuitive to use, without users having to become familiar with and use another user interface or application. Every inbound and outbound must be automatically captured by the service to ensure that users don t continue to use their own personal stores on their hard disks, or delete s that may be required. For them to feel comfortable using the system, users must be able to easily search the archive, including even old or accidentally deleted records, through a secure web-based interface. For many SMEs looking to subscribe to a hosted archiving solution, ease of implementation and use are major considerations. For the best user experience and for ensuring productivity levels do not suffer, an important capability to look for is self-service, allowing end users to search for and recover their own archived s easily from any device that they are using. For example, they should be able to reach the archives through a web browser interface, an client such as Outlook, or a mobile device such as a BlackBerry to cater for a scenario such as a user needing to pull up an archived that is relevant to a proposal being discussed during an onsite meeting with a client. As organisations become comfortable with use of the system, perhaps with experience gained through a trial, they will wish to extend its use throughout their network to ensure all communications are captured. The service must be able to handle rapidly growing volumes of , so must be scalable to meet anticipated or unexpected needs, such as two companies merging, as well as being able to meet new regulatory requirements as new legislation is passed, or legal interpretations or policy requirements change. To be effective, the quality of the indexing engine and search capabilities are of vital importance to the success of any archiving initiative. It must be flexible enough to allow employees, administrators and even legal counsel to search for specific or conversation threads by subject, sender, recipient or attachment name, or for s within a particular date range. Therefore, the indexing engine should do a thorough job of indexing every inbound and outbound message, including the message headers, text and any attachments. When indexing s, they should also be classified according to whether or not a particular needs to be stored, where it should be stored and for how long. This exercise should take into account any regulations to which the organisation is subject to ensure that it is in compliance with any data retention periods specified by those regulations. These requirements should be written into the organisation s data retention policy, which needs to be reviewed regularly to keep it up to date and effective so that new requirements can be added to it, such as when new regulations come into force. Therefore, it is essential that the service provider provides flexibility as to how the policy is applied, being able to adjust it as needed when circumstances change. Another policy that should be put in place is an acceptable use policy so that users are aware of the behaviour expected of them and do not lay the organisation open to charges such as copyright infringement, harassment or libel. This policy should include the privacy expectations of users, such as where their may be subject to monitoring or retrieval, and penalties for misuse of the system. Here it is useful to look for a service provider that provides native integration with complementary services such as and web security. A Bloor White Paper Bloor Research
8 Summary An archiving service provided in the cloud is a viable alternative for an organisation of any size looking for a cost-effective, efficient alternative to managing record repositories in-house, whether through use of a dedicated system or ad hoc stores. In evaluating services, organisations should look for a complete, web-based offering, with fully redundant, geographically remote backup capabilities and guarantees over security, privacy and availability. A prime consideration for any organisation looking to invest in such services is that they should be easy to use as the desire to improve productivity is among the most important drivers behind such investments. Further Information Further information about this subject is available from Bloor Research A Bloor White Paper
9 Bloor Research overview Bloor Research is one of Europe s leading IT research, analysis and consultancy organisations. We explain how to bring greater Agility to corporate IT systems through the effective governance, management and leverage of Information. We have built a reputation for telling the right story with independent, intelligent, well-articulated communications content and publications on all aspects of the ICT industry. We believe the objective of telling the right story is to: Describe the technology in context to its business value and the other systems and processes it interacts with. Understand how new and innovative technologies fit in with existing ICT investments. Look at the whole market and explain all the solutions available and how they can be more effectively evaluated. About the author Fran Howarth Senior Analyst - Security Fran Howarth specialises in the field of security, primarily information security, but with a keen interest in physical security and how the two are converging. Fran s other main areas of interest are new delivery models, such as cloud computing, information governance, web, network and application security, identity and access management, and encryption. Fran focuses on the business needs for security technologies, looking at the benefits they gain from their use and how organisations can defend themselves against the threats that they face in an ever-changing landscape. For more than 20 years, Fran has worked in an advisory capacity as an analyst, consultant and writer. She writes regularly for a number of publications, including Silicon, Computer Weekly, Computer Reseller News, IT-Analysis and Computing Magazine. Fran is also a regular contributor to Security Management Practices of the Faulkner Information Services division of InfoToday. Filter noise and make it easier to find the additional information or news that supports both investment and implementation. Ensure all our content is available through the most appropriate channel. Founded in 1989, we have spent over two decades distributing research and analysis to IT user and vendor organisations throughout the world via online subscriptions, tailored research services, events and consultancy projects. We are committed to turning our knowledge into business value for you.
10 Copyright & disclaimer This document is copyright 2010 Bloor Research. No part of this publication may be reproduced by any method whatsoever without the prior consent of Bloor Research. Due to the nature of this material, numerous hardware and software products have been mentioned by name. In the majority, if not all, of the cases, these product names are claimed as trademarks by the companies that manufacture the products. It is not Bloor Research s intent to claim these names or trademarks as our own. Likewise, company logos, graphics or screen shots have been reproduced with the consent of the owner and are subject to that owner s copyright. Whilst every care has been taken in the preparation of this document to ensure that the information is correct, the publishers cannot accept responsibility for any errors or omissions.
11 2nd Floor, St John Street LONDON, EC1V 4PY, United Kingdom Tel: +44 (0) Fax: +44 (0) Web: