November 21, 2014
Given the dynamic world of malicious, targeted attacks and daily incidents of data breach, you may have missed the most recent release of the Gartner Magic Quadrant for Enterprise Information Archiving. (In case you did, it can be downloaded here: http://www.proofpoint.com/id/gartner-email-archiving-enterprise-information-archiving-magic-quadrant/index.php)
This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from [insert client name or reprint URL].
No doubt, you are asking yourself “why archive when we have our email in Office365 (or gmail + Vault)?” or “what does archiving have to do with data protection?”, or “cloud is nice, but my day job is to keep our 100TB(+?) in EV alive”, or “only small companies archive data in the cloud”. All good questions, which I will address in the Top 5 Take-Aways from the Gartner Enterprise Information Archiving report. Here goes:
1. Why do I need an archive? Not a new question for some, but as noted in the report, organizations are increasingly viewing archiving investments as “active” or “near-line” sources of data that will continue to create greater separation from the simple, infrequent access of historical data on back-up data storage. That frequent, time-sensitive access requires features that will satisfy legal and compliance users as well as safeguards to ensure that data can be preserved in real-time. As regulatory complexity and unique data privacy mandates continue to grow these features will continue to evolve beyond the basic “good enough” capabilities provided natively by Microsoft and Google.
2. It’s about information value: the need for this frequent access is quickly extending beyond the realm of email due to rapid expansion of sanctioned employee communication channels as well as the broadened regulatory purview (e.g. FINRA, FFIEC, FDA guidance on social media). As is being now being stated too frequently: the goal is manage information according to its value – regardless of its location. This goal extends beyond email, to files, collaboration applications, IM, social media and Web page content given the sensitivity and value of content increasingly delivered through those channels.
3. Scattered Clouds: It is no surprise that cloud-based archiving continues to shift spending from outdated on-premise legacy technologies to those are proving to deliver lower TCO and removal of IT hassle . In fact, the report notes that “Gartner sees 60% to 70% of new or replacement email archiving implementations as being cloud-based (1)”, which is up from small percentages only a few years ago. However, what is clear from this year’s report is that cloud offerings are not homogenous. Commentary provided on each vendor shows greater stratification of capabilities, where some are noted to provide solutions appropriate for small firms primarily to outsource the management of email, versus those designed to meet complex regulatory compliance, eDiscovery, and information governance demands. I’d expect that this stratification to accelerate as due diligence processes mature and non-IT stakeholders (e.g. legal, compliance, IT security) increasingly shape cloud requirements.
4. Migration friction falling: the time, cost, and disruption of moving off over-grown, poorly performing on-premise legacy systems has represented the largest – and most uncertain – variable in the 1-3 year archive planning cycles for many organizations. Consequently, some have stayed with outdated systems even when those products had reached end-of-life, end-of-support, or had been sold off to small consulting outfits (e.g. http://capaxdiscovery.com/pdfs/Capax%20HP%20EAS,%20Nearpoint,%20and%20CAMM%20announcement%2019%20Sept%202014%20v2.pdf). But, that switching cost is falling as more migration options are available, migration tools improve, and firms with eDiscovery pedigrees (e.g. DTI) become more active in the migration market.
5. Convergence is coming: As witnessed daily, data security and privacy are becoming top C-level priorities for more and more organizations. This is also impacting the information archiving market, as CISOs become more active in buying cycles and firms look at how potential risks of cyber-attack or data breach can be mitigated across their information management investments. As one tangible example, Gartner, for the first time, publishing an accompanying piece titled “Financial Services Context”, where they called out capabilities uniquely suited to complex regulatory compliance. This need for integrated security and compliance will drive a greater shared view of information value and risk, and will lead more firms to create cross-functional forums in attempt to reconcile priorities in areas such as policy management and data classification.
1 Source: Magic Quadrant for Enterprise Information Archiving by Alan Dayley, Garth Landers, Anthony Kros, and Jie Zhang, Gartner, Inc., November 10, 2014
How Proofpoint Can Help
Proofpoint Enterprise Archive is a next generation archiving solution that addresses three key challenges—legal discovery, regulatory compliance, and end user email access—without the headaches of managing archiving in-house. Built with an architecture explicitly designed to leverage the cloud, Proofpoint Enterprise Archive is up-and-running in days, delivering low, predictable lifetime cost, and scales to handle the largest global organizations. All data stored in the archive is secured via Proofpoint’s patented DoubleBlindTM Key Architecture ensuring only customers have keys to access unencrypted information. Backed by a search performance guarantee, Proofpoint Enterprise Archive searches are sustainably fast and reliable across email, documents, instant messages and social media content. This functionality scales even as archived data volume reaches to hundreds of terabytes in size.
To further extend visibility and security, many organizations complement Proofpoint Enterprise Archive with Proofpoint Enterprise Governance. This full information governance suite allows organizations to proactively monitor and control critical information—wherever it resides. With Proofpoint, organizations can efficiently track, classify, monitor and apply policies to unstructured information across the enterprise. Most recently, Proofpoint further enhanced its social media compliance and security offerings with the acquisition of Nexgate. This addition allows Proofpoint customers to harness social media opportunities, mitigate information risks and satisfy evolving regulatory mandates.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
Robert Cruz is Senior Director of eDiscovery and Information Governance, bringing 20+ years of Silicon Valley based subject matter expertise in the areas of eDiscovery and regulatory compliance. He works with Proofpoint customers via workshops, seminars, and industry conferences to share best practices and review changes in regulatory environments. He previously held similar posts within the ECM and eDiscovery markets, and holds an MBA from Stanford University.