“We will just use Office365 for our search requests from now on.” As more and more companies move from hosted Exchange to Office365, this has become an increasingly common phrase. While O365 is a useful tool and has an attractive value proposition, it is recommended that organizations check their true requirements before using it as a legitimate archiving solution.
Generally, the whole point of the archive capability is to provide a search and data retrieval functionality that is immutable, trustworthy, and certifiable – in most cases – in court. As adoption rates of Office 365 continue to strengthen, specifically for archiving capabilities, IT Security & Compliance teams must consider key associated risks.
Office365 does not allow for journaling to itself
While this might not seem like something of utmost importance, O365 lacks the basic functionality for journaling to itself. Why? The destination must be off premises from the tenant ID and must be a destination that is immutable and external from the Tenant itself. Even
Microsoft doesn’t trust its own repository to be immutable – it can’t be – since administrators and other power users can delete, purge and otherwise manipulate messages – this doesn’t pass audit requirements.
Office365’s eDiscovery features are incredibly limited and doesn’t search on- premises datasets
When search requests are executed, they are only done based on existing mailboxes, which of course would not uncover any emails previously deleted or purged, or what the spam filters deleted. In many litigation cases, organizations will need to see years’ worth of emails upfront. Unfortunately, O365 limits your search results to default amounts set by Microsoft – and this is not sufficient for most large-scale litigation. Journaling upline from these factors ensures that all data is captured and is legitimately available as an organization needs it.
Microsoft will make recommendations to continue running Exchange to continue to journal to – if you don’t have an archiving appliance or service
Organizations seeking active cloud migration from on- premise will face challenges around keeping old archives. Many teams have metadata and other content that must be kept and integrated – and Office 365 does not provide this integrated capability. It is important to consider from a budgetary perspective, as third-party solutions will be required.
Office365’s “Golden Copy” Is Not Compliance Friendly
The journaling process captures an email message as soon as it is sent or received, ensuring it has not been deleted or edited. This method creates a “copy of record” or “golden copy” which can be used in the eDiscovery process. In the case of O365, users have access to delete and purge mail which poses a risk throughout the journaling process, allowing for potential gaps in data consistency, handling or chain of custody.
Search & Discovery is Slow
Slow and steady doesn’t always win the race. Organizations need their data now and they need it fast. Many undergoing audits will need access to all records in real-time and having to wait for prolonged periods will inevitably cause delays, longer audit cycles and potential increased budgetary consequences. Sometimes an eDiscovery request within the Microsoft portal can take days.
The streamlined Issues of O365 Apply to Other Collaboration Platforms
Teams, OneDrive, and Sharepoint, namely. All data sets are subject generally to the same
discovery and retention rules. Global retention policies cannot be set across all data sets in Azure, data sets cannot be deduplicated, and organizations cannot classify, move and otherwise apply compliance actions against these same datasets in Azure.
Office365 should not be the end all/be all for an organization’s email archiving solutions, and third- party archiving solutions, like Data443’s business- ready Data Archive Manager, are a necessary addition to Office365 capabilities.
Data Archive Manager, unlike Office365, provides superior indexing technology, allowing users to perform simple or highly detailed Boolean searches using full-text keywords or key phrases. In addition to eDiscovery and audit capabilities, Data Archive Manger de-duplicates all email messages, attachments, file systems, SharePoint, and social media, then compresses the data prior to storing it to an on-premise appliance, SAN, NAS, or cloud-based hosted storage solution.
Contact us to learn more today.