Neuralytix wp microsoft office365 customers-reveal archiving limitations

Office 365 Compliance and Discovery: Microsoft Customers Reveal the Limitations

COPYRIGHT © 2016 NEURALYTIX, INC. ALL RIGHTS RESERVED WWW.NEURALYTIX.COM 2

CONTENTS

EXECUTIVE SUMMARY ...................................................................................................3

ENTERPRISE ARCHIVING AND EDISCOVERY REQUIREMENTS ................................3

OUR STUDY METHOD .....................................................................................................3

INTERVIEWS WITH CUSTOMERS ............................................................................3

OUR SURVEY RESULTS ...........................................................................................4

ANALYSIS .........................................................................................................................5

ENTERPRISE VAULT.CLOUD JOURNALING ............................................................5

THE PROBLEM WITH AN IN-PLACE ARCHIVE ........................................................5

WHY A JOURNALED ARCHIVE? ...............................................................................5

SEARCH PERFORMANCE ........................................................................................5

ABILITY TO GIVE ACCESS TO OUTSIDE COUNSEL ..............................................6

GUIDANCE ........................................................................................................................6


ENTERPRISE ARCHIVING AND EDISCOVERY REQUIREMENTS

Organizations need to archive email and other unstructured data for many reasons. Some of these reasons include:

• Regulatory Compliance• Long term preservation and availability for

internal needs

• Better eDiscovery preparedness

In particular, looking at eDiscovery, organizations require eDiscovery for reasons related to internal investigations, regulatory inquiries, and litigation.

Archiving provides for organizational data protection and storageneeds,whileeDiscoverysatisfiesthesearch,datacollection, analysis and review needs for the organization.

eDiscovery is one of those areas that lies passive most of the time, but when an eDiscovery request is made, it needs to be satisfiedassoonaspossible.

For this reason, it is important the eDiscovery system has an automatedworkflowthatmakespreservingtheinformationthatis needed for a request or subpoena, quickly available.

Apart from automation, integration with email is another critical requirement for both preservation and discovery, particularly with Microsoft email platforms. With more and more organizations moving their email to cloud based offerings such asOffice365,efficientandaccuraterecalloftheclouddataisdependent on the ability to have access, while keeping it simple for end-users.

For some regulatory environments it is necessary to supervise employee email activity and to archive content from complementary technologies such as instant messaging, cloud basedfilesyncandshareandotherdatarepositories.

Finally, on the operations side of things, once data is placed into legal hold, or archived, the system needs to be smart enough such that the user cannot delete the data in the archive, since the data is now part of the legal discovery, and as such untouchable for the duration of the investigation or litigation.

OUR STUDY METHOD

ThisInsightwilllookspecificallyatthearchivingandeDiscoveryapproachofMicrosoftOffice365relativetopreviouslydiscussed requirements.

Office365hasasetof“built-in”archivingandeDiscoverytoolsplus a number of advanced options in some of their service plans. Depending on the plan selected the may include:

• In-place archiving

• In-place compliance (legal hold)

• In-place Discovery

• Basic eDiscovery

• Advanced eDiscovery

We wanted to understand why customers would invest in a 3rd party archiving and /or eDiscovery system in light of what Microsoft offers.

Our research centered on phone interviews with larger customers, those having more than 25,000 active Enterprise Vault.cloud users. We also polled 148 existing customers of Veritas Enterprise Vault.cloud of all sizes and asked them a series of questions to try and understand why they chose the Veritas Enterprise Vault.cloud solution over the built-in capabilitiesofOffice365.

INTERVIEWS WITH CUSTOMERS

Neuralytix conducted one-on-one interviews with a select number of customers in both the public and private sectors.

Each interviewee was asked to share their experiences comparing Veritas Enterprise Vault.cloud the Microsoft archiving, legal hold, email supervision and eDiscovery capabilitiesthatareinOffice365.

All of the interviewees wanted a simple solution that had a complete end-to-end set of tools in one package. At the time of theinterview,emailwastheirprimaryuseofOffice365.

Most of the interviewees expressed frustration at Microsoft

EXECUTIVE SUMMARY

InthisInsight,Neuralytixexamineswhycustomerswillchoose3rdpartyofferings-inthiscaseEnterpriseVault.cloud-overOffice365’s built-in archiving, legal hold, and eDiscovery tools.

Our study, which involved one-on-one interviews with customers of Veritas Enterprise Vault.cloud, as well as a survey of nearly 150 respondents, showed that Veritas customers found journaling and search performance overwhelmingly the capabilities that tipped thescalesfortheminchoosingEnterpriseVault.cloudoverOffice365.


Office365’sbuiltinlegalholdandarchivingfunctions(availableonly for users with Enterprise E3 or above).

Oneintervieweedescribedtheuserexperienceasa“verymanualprocess”andthat“Microsoftstruggleswithmassivelegalholdandmanagingit.”

AnotherintervieweesaidofMicrosoft’sarchivefunctionthat“itisnot an archive – an archive should mean someone cannot delete [emails from the archive], but Microsoft allows [users] to delete [fromthearchive].”Neuralytixagreeswiththisinterviewee.Inorder to maintain proper chain of custody, users should not be allowed to add, change, or delete records from their archives, when it is placed under legal hold.

Finally, one interviewee went as far as saying that Microsoft’s solutionhad“noclearpicture[oftheneedsofarchiving],”andthattherewere“alotofmovingparts”tomaneuvertoachieveasimilar result compared to Veritas Enterprise Vault.cloud.

The interviewees also expressed that the cost of Microsoft’s archiving solution compared with Veritas Enterprise Vault.cloud was very competitive. However, in the end, each interviewee chose Veritas Enterprise Vault.cloud because it provided significantlymorefunctionality.

In essence, Neuralytix interprets this response from the interviewees to mean that they can save time and get more from their archive and legal hold with Veritas Enterprise Vault.cloud than with Microsoft’s archiving/legalholdsolutions.Thisissignificant,especiallyforthoseorganizations that have large numbers of users.

Neuralytix research shows that Microsoft’s approach to archiving involvesasignificantnumberofsteps,andisalsoakintomanaging thousands of individual archives, rather than a holistic and complete view of the organization.

For those in regulated industries, Neuralytix notes that Microsoft Office365doesnotprovideanemailsupervisioncapabilityasrequired for roles such as traders, in regulations such as FINRA and Dodd-Frank. This function is available in Enterprise Vault.cloudandisnecessarytoservefinancialservicesorganizations.

The interviewees consistently listed the journaling feature, search performance, and access to outside counsel as what ultimately led them to choosing Veritas Enterprise Vault.cloud.

An unsaid, but underlying reason for choosing Enterprise Vault.cloud is that it was so much easier to manage the large user base. Instead of (essentially) managing 25,000 individual archives, the administrator can now collectively manage, with a veryhighdegreeofconfidenceinthechainofcustodyofeachdata object, the entire organization’s archives.

OUR SURVEY RESULTS

Of the respondents to our on-line user survey, over 78% actively used Veritas Enterprise Vault.cloud for legal hold or eDiscovery (See Figure 1).

Most of the survey respondents (76%) had less than 5,000 mailboxes (See Figure 2).

The survey showed that only 23% of respondents described Office365’scapabilitiesas“Good”or“Excellent”.YeteventheserespondentsstillchoseVeritasoverOffice365.

Figure 1: Q1: Do you actively use Enterprise Vault.cloud for legal hold or

eDiscovery (Neurlaytix 2016)

Figure 2: Q2: How many users do you have using Enterprise Vault.cloud

(Neurlaytix 2016)

Figure 3: Q3: How would you rate Office 365 as a complete solution for

archiving, compliance and eDiscovery? (Neurlaytix 2016)

Ultimately, the survey also asked respondents to specify all the reasons why they chose Veritas Enterprise Vault.cloud, by enumerating the capabilities they needed or preferred, which led to their decision.


Figure 4: Q5: Why did you choose Enterprise Vault.cloud in the end?

[Respondents could select multiple answers] (Neurlaytix 2016)

Overwhelmingly, the journaling and search performance features stood out as the key reasons why respondents preferred Veritas EnterpriseVault.cloudoverOffice365.

ANALYSIS

As Figure 3 shows, the top reason for customers choosing Veritas Enterprise Vault.cloud is its journaling feature, followed by search performance, and the ability to give access to outside counsel.

ENTERPRISE VAULT.CLOUD JOURNALING

Email Journaling is a critical feature for any compliance or eDiscovery related archiving scenario – especially those needing legal hold.

In Veritas Enterprise Vault.cloud, individual users have the option to have their mailboxes archived, independent of the global archive. However, unique to Veritas Enterprise.cloud, is its global journaling feature. The journaled archive created is not just an in-place archive, where a duplicate mailbox is created of individual email messages. Instead, Enterprise Vault.cloud creates a separate journal, out of the control of users, which keeps all the metadata associated with each email. This record of the metadata is key to maintaining an audit trail of all users included in an email thread. Enterprise Vault.cloud also enforces proper chain of custody requirements, necessary for customers operating in regulated industries.

Veritas Enterprise Vault.cloud can provide these enhanced archivingfeaturestoallversionsofOffice365.However,surprisingly, Microsoft only provides legal hold and archiving to those customers who subscribe to the more expensive Enterprise plans that are E3 and above, leaving smaller businesses unable to take advantage of these important features unless they spend up to 60% more per user. In Neuralytix’s opinion, this is a glaring oversight on the part of Microsoft.

THE PROBLEM WITH AN IN-PLACE ARCHIVE

Mostemailproviders,suchasMicrosoftOffice365providesbasicarchiving.Thistypeofarchiving,called“in-place”archiving,makes a new mailbox in which copies of emails are copied.

However, the in-place archive suffers from all the features and limitationsofanormalmailbox.Datacanbemoved,modified,and in the worst case scenario, deleted. This puts in question whether chain of custody of the archived data was preserved. Forexample,InMicrosoftOffice365,giventhatindividualuserscan drag-and-drop messages from their primary mailbox to their in-place archive, it puts serious questions over whether the data was, or was not tampered with.

In the case of Legal Hold, Microsoft attempts to archive or provide legal hold, simply by making (or holding) a copy of auser’smailbox.ButthisleavessignificantgapswhentheeDiscovery requires context with other users, or when multiple users are involved in the discovery request. For example, what is actually required is that all information related to a discovery topic is held across all users mailboxes, and it’s not practical to put all user mailboxes on hold.

WHY A JOURNALED ARCHIVE?

For customers whose business or charter is regulated, it is generally a compliance requirement to capture all email across all of the organization’s users. They are then required to ensure proper controls are in place to prohibit the journaled archive frombeingmodifiedbyunauthorizedusers(andalsologwhatprivileged users do in the archive).

Veritas Enterprise Vault.cloud provides a journaled archive. It is this journaling feature that respondents in the survey as well as interviewed customers saw as a most critical and unique feature.

In a journaled archive, as each message enters the archive, it is time stamped, serialized, and given a unique signature to ensure its authenticity when proof is required in a court of Law. Journaling helps ensure full message capture for compliance and eDiscovery purposes. Without journaling, and associated datacontrols,itmaybedifficulttoprovethatthedatawasnottampered with or that items were not omitted or deleted.

SEARCH PERFORMANCE

The Courts are aware of the capabilities of technology today. Theyreflectthatintheexpectationstheyhaveforlitigantstoprovide discovery in a timely fashion.

InsomeCourts,significantfinesareleviedorpresumptionof


having something to hide is made when litigants are unable to produce discovery in a timely manner.

Therefore, the ability to search across hundreds of thousands, or even hundreds of millions of emails is critical.

The search capability in the Veritas Enterprise Vault.cloud is integrated with it’s eDiscovery application so it allows customers to create and save search instances, manage legal matters, manage items for legal hold, review results, and grant access to outsidelegalcounselinaunifiedworkflow.MicrosoftOffice365lacks this integration across applications.

ABILITY TO GIVE ACCESS TO OUTSIDE COUNSEL

Many companies rely on outside counsel for litigation. The ability to give access to outside counsel to run its own searches was the responders 3rd most important decision critieria.

By allowing outside legal service providers to look at results, and to extract only the relevant information that counsel needs, this collaborative capability is critical in saving an organization time, money, and effort.

No longer do the IT admins have to run the search based on email exchanges with outside counsel, often without the proper contexts. Outside counsel can now perform the searches it needs, the way it needs it, download the results, and complete discovery in much less time, and much lower cost to the company.

GUIDANCE

We live in a highly litigious world. We live in a highly regulated world. We also live in a world where corporate, regulatory, and legislative controls rule all parts of an organization.

Whether it is the need to preserve and document a terminated employee, or to discover data to help mitigate potential litigation, the ability to discover information from emails is critical.

Neuralytix believes that Veritas Enterprise Vault.cloud exhibits extensive differentiation compared to its competitors such as MicrosoftOffice365.

Veritas Enterprise Vault.cloud’s journaling architecture, super-fast search algorithms and access controls that allow third parties to participate in the litigation support or discovery process makes it a stand-out product.

WeadviseorganizationsusingMicrosoftOffice365asitsemailprovider to couple that with Veritas Enterprise Vault.cloud – especially those organizations subject to any form of corporate or governmental compliance and regulation.

Finally, we also recommend Veritas Enterprise Vault.cloud on the basis of its ability to keep chain-of-custody. This feature is critical in proving that information or evidence was not altered.

FOR SPECIFIC COUNTRY OFFICES AND CONTACT NUMBERS, PLEASE VISIT OUR WEBSITE. WWW.NEURALYTIX.COM

NEURALYTIX, INC.755 SANSOME ST #360, SAN FRANCISCO, CA 94111 USA+1 (415) 949-1188© 2016 NEURALYTIX, INC. ALL RIGHTS RESERVED.

Technology

Neuralytix wp microsoft office365 customers-reveal archiving limitations