Archiving101.com

According to eWeek the following 5 businesses are poised to boom during the current financial crisis:

1. Risk management

2. Secure and managed file transfers

3. E-Discovery

4. E-mail archiving

5. Enterprise search

Read the full article at:  http://www.eweek.com/c/a/IT-Infrastructure/5-Technology-Businesses-Poised-to-Boom-in-the-Financial-Crisis/

SANTA CLARA, Calif.–(BUSINESS WIRE)–Mimosa Systems, a leader in live content archiving solutions, today unveiled Mimosa NearPoint™ File System Archiving (FSA), a powerful archiving option that enables users to retain, retrieve and recover critical, free-range files alongside millions of emails, attachments, instant messages, and content from backup tapes stored in an integrated content-aware archive. Built on the award-winning Mimosa NearPoint platform, this new offering provides Mimosa customers with the most advanced content archive that addresses critical requirements for storage optimization, end-user information access, eDiscovery, content monitoring, and recovery in a single solution.

The widespread growth of unmanaged, free-range electronic files, such as Microsoft® Office files, Adobe® PDF files, and others, creates a critical challenge for enterprises trying to control storage costs, maintain content according to their retention and deletion policies, and find and preserve these files in the face of stringent discovery requirements.

Mimosa NearPoint FSA moves files from premium production storage to lower cost archive storage. FSA utilizes advanced stubbing technology that coordinates the use of network and backup processes while preserving the look and feel of the original file that was stored on the production disk. End-users can access the files as they normally would, while administrators see immediate benefits of storage reduction and optimized primary storage performance.

Mimosa FSA allows enterprises to significantly reduce storage costs while improving storage management and the backup efficiency of file servers containing thousands of free-range files. Legal staff can now rapidly search both files and email with a single search query, and preserve these files in place, lowering the cost of collection, and facilitating a quick export to downstream review or analytics applications.

“Mimosa NearPoint FSA promises to deliver advanced information archiving for retention, electronic discovery, auditing and access, further aligning our IT systems with core operational requirements,” said Bruce Lorimer, Information Systems Supervisor for the County of Madera. “With the NearPoint archiving solution in place, we will be able to satisfy legal and operational demands for a more compliant and efficient organization.”

Within organizations, users typically store content on a network file system because it is easy to do. However, this storage strategy makes central management very difficult because file systems are not managed content repositories with check-in services, search indexes, and version control. File system content presents a major challenge to organizations for several reasons:

• Production storage costs can soar out of control as users routinely store multiple copies of the same content.
• Retention and disposition policies are difficult to enforce, negatively impacting the cost and time to comply with an eDiscovery request.
• Locating sensitive information such as customer information, trade secrets and intellectual property that was saved to the file system before the organization had polices directing usage.

“Mimosa’s new file system archive allows organizations to store more information at lower costs while addressing retention and legal preservation concerns,” said Brian Babineau, Senior Analyst, Enterprise Strategy Group. “NearPoint FSA allows employees to access files as they normally would because administrators can leave stubbed files on the file system providing them seamless access to their information. Compliance officers and records managers are ensured that information is properly retained and IT administrators can easily configure and operate the solution with enhanced management capabilities.”

Mimosa NearPoint FSA –The Industry’s Next-Generation File System Archive

With Mimosa NearPoint FSA, administrators can:

• Manage production storage costs with policies that move files to lower cost archive storage devices based on attributes such as type, size, age, and last access date.
• Consistently apply retention and disposition policies across files, emails, attachments, and instant messages from one administrative interface.
• Maintain a seamless end-user experience with advanced placeholders that point to archived content while preserving the look and feel of the original files when browsing with Microsoft Windows Explorer®.
• Lower archive storage costs with advanced de-duplication across multiple copies of files — files that are sent as attachments and files contained on backup tapes.
• Expedite eDiscovery by searching and preserving relevant files alongside email and instant messages using a single search, and cull-down user interface.
• Lower risk by creating alerts for content at rest on the file system that was created before a policy for sensitive information was implemented.
• Enable faster, more granular file system recovery, and reduce the need to restore individual items from backup tapes.
• Avoid backup issues typically associated with first-generation file system archiving products by coordinating with the backup process to optionally protect content behind the end-user stub.

“NearPoint File System Archiving gives enterprises a powerful archive to take control of distributed file stores to reduce storage costs and retain, retrieve, and recover critical information to meet stringent compliance and eDiscovery requirements,” said T.M. Ravi, CEO, Mimosa Systems. “With the introduction of this solution, Mimosa provides companies with the most comprehensive and advanced content archiving platform for email, files, and instant messages stored in a unified repository.”

The many talks that I had over the past few weeks with people keeps pointing at the fact that the days of iFilters might be numbered.  Vendors who leverage Microsoft iFilters for their search technology (like Quest Archive Manager) might have to look for other solutions now that Microsoft will acquire Fast Technologies.

My personal expectations are that FAST will be embedded in MOSS and replace the current technology.  Instead of maintaining different codebases, this might also mean the end of the road for iFilters.  There has never been a extremely wide adoption of iFilters and with its limited fan base the amount of different content types that can be indexed are extremely limited compared to the archiving industry standard.

The fact that it took nearly a year AFTER the release of Office 2007 for iFilters to become available so that search engines could index these new file types is a very concerning matter.

I spend some time yesterday moderating a webinar with Mark Diamond from Contoural and there was an interesting statement that really hits home for organizations who haven’t implemented a proper retention and disposition policy in their environment. End users are very predictable when it comes to email .. they all are packrats … big ones. Organizations who in the past enforced strict mailbox limits started to see people leverage PST files to store their data, something that for a while was actually encouraged to do.

Now that we are years later these organizations realize that they have a few TB worth of PST files out there that is a legal time bomb waiting to explode. Without knowing what is in there it is a nightmare scenario.

The other case scenario is still in use today and reasonably popular; enforce a strict deletion policy on Exchange (i.e. delete everything after 90 days). What users tend to do in that case often is for instance leverage gmail as their private archive. They would set up a mailbox rule to forward all of their emails to an outside account, either gmail or maybe their private email account.

Basically both these options have resulted in underground archives that could be targeted in case of a litigation even though the data might be in a private mailbox. Forcing data archiving ‘underground’ is very dangerous as all of a sudden the organization has no longer control over this data and they don’t know what kind of data is out there. It isn’t that simple either as now the data could be stored in many different locations; from PCs to iPods and more.

A proper data retention policy comes with a way to store and dispose of the data and not force it underground. In my opinion an archiving solution is going to help you with this as you allow the data to go somewhere under your rules.

Autonomy/Zantaz has now replaced Altavista with IDOL (Autonomy’s search technology), however apperantly they support now both Altavista and IDOL (see this thread).

I’m glad to see that another vendor now has moved on.

For a nice 1.2 Billion USD.  

http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9056285&intsrc=hm_list

January 08, 2008 (Computerworld) — Microsoft Corp. says that buying Fast Search & Transfer ASA, in a $1.2 billion deal announced today, will make it the only vendor that can offer a unified enterprise search platform capable of scaling to billions of documents.

But at least one analyst thinks that customers will face some risks as Microsoft tries to integrate its SharePoint content management software with the search technology offered by Oslo-based Fast Search & Transfer, which is known as FAST.

Tying together the two product lines “will be a challenge,” independent search analyst Stephen Arnold wrote today in a blog posting in which he also predicted more consolidation among the 50 or so companies now competing in the enterprise search market.

Arnold said he thinks that the engineers at Microsoft and FAST are up to the integration challenge. But, he added, “the question will be, ‘How long will the meshing take?’ If speedy, Microsoft can expand its service offering and put another hurdle in the path of companies like Google eager to win more of the Microsoft market. If slow, the delay will allow further incursions into Microsoft territory by Google as well as IBM, Oracle and SAP, among others.”

During a conference call after Microsoft announced its intentions to acquire FAST, Jeff Raikes, president of Microsoft’s business division, declined to comment in detail about the company’s product integration plans.

But Raikes contended that the combination of the two vendors will give Microsoft a leg up on its enterprise search rivals. “Most customers are recognizing that they don’t want their search to be fragmented across their organization,” he said. “They want to choose a search strategy and products from one vendor.”

Currently, corporate users have to “choose between a high-end-focused search [platform] or a broader infrastructure technology,” Raikes continued. He said that by marrying FAST’s products with SharePoint, “we are clearly the leader in end-to-end search in the corporation.”

FAST has about 2,000 customers, according to Arnold’s blog posting. The Norwegian company reported $162 million in revenue during 2006, but its revenue and stock price collapsed last year, forcing it to lay off one-fifth of its employees and slash unsuccessful product lines in order to regain profitability.

John Lervik, FAST’s CEO, said the restructuring refocused the company “on its search platform, which fits very well with Microsoft’s strategy.” FAST’s board of directors unanimously recommended that shareholders accept the buyout deal, which is expected to be completed in this year’s second quarter.

Raikes was undaunted by FAST’s financial struggles, saying that corporations are drowning in information overload and clamoring for search technologies such as the ones offered by FAST.

“I find it fascinating that you can get last night’s football scores in five seconds, yet it can take five hours to track down last year’s business plan,” he said. “We believe enterprise search will be for workers tomorrow what Internet search is for consumers today.”

Microsoft already offers several search products, including SharePoint, which the company says has about 85 million licensed end users.

“SharePoint can deal with tens of millions of documents,” Raikes said. In comparison, the latest beta releases of FAST’s search software can handle 1 billion records per server, Lervik noted.

In addition to the corporate plans, Lervik said that there have already been talks between the two companies about how to integrate FAST’s technology into Microsoft’s Windows Live search engine for home users.

FAST competes with specialized search vendors such as Autonomy PLC and Isys Search Software Pty., as well as with the likes of Google Inc. Sydney, Australia-based Isys was quick to raise questions about the planned acquisition by Microsoft, claiming in a statement that the combination of SharePoint and FAST’s software will create “the potential for real integration headaches” for customers.

(For more analysis of the Microsoft-FAST deal, see this blog posting on Computerworld’s Web site.)

While I have to admit that the Stellent Outside In technology isn’t the fastest way, products using it can capture the content of roughly 400 different filetypes.  Products that rely on iFilters (notably Quest Software, Sunbelt and H&S soft) for instance can only capture the content 0f about 60 different filetypes, and to achieve some of these filetypes customers will actually have to purchase extra filters on top of their coslty deployment.  I’m not a fan of iFilters in the archiving industry .. I can see it being valuable in other deployments like SharePoint.

 In case of search and eDiscovery .. this is a huge difference and should be something that customers are aware about.   If you can’t index it .. you can’t find it.

Source: http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1284613,00.html

Trend Micro plans to integrate Provilla’s data loss prevention (DLP) technology throughout its security portfolio starting with its OfficeScan endpoint security software in the second half of next year, while continuing to sell standalone DLP products.
 
Trend outlined its general plans as it announced the rebranded Trend Micro Leakproof 3.0, the first upgrade since it acquired Provilla in October. The release features highly customizable user alerts to flag noncompliant behavior and enforce policy. Companies will be able to deliver policy-specific dialog boxes at the point of violation and direct users to company links to review correct policy.

Many companies and analysts have identified user awareness as a key value of DLP technology, preventing well-intentioned employees from inadvertently leaking sensitive information and putting malicious insiders on notice that “someone is watching.”

“We’ve taken user alerts to another level,” said Glenn Koska, Trend’s director of DLP marketing. “We talked to customers and looked at the research. The majority of breaches are unintentional, and companies say part of their data proteciotn strategy is to raise awareness.”
 
Koska says Trend will eventually extend Provilla’s agent-based endpoint DLP technology to the gateway, integrating it into Web and email security products, but still has to work out how and when that will happen. Independent DLP vendors generally offered either endpoint or gateway products, but have been moving to provide both capabilities as it became clear that comprehensive data security requires protection at both egress points and at the point of creation.

Incorporating DLP enables Trend to compete with its chief rivals, Symantec, which recently announced it’s buying Vontu, one of the market leaders, and McAfee, which bought British DLP vendor Onigma in 2006 and offers both host- and gateway based DLP products.

“The endpoint security guys are beefing up their clients; everyone is looking at DLP as a thing to add to endpoint security,” said Jon Oltsik, senior security analyst at Milford, Mass.-based Enterprise Strategy Group. “The trend is to look for pieces of tech to do that; they’re opportunistic to get into DLP that way.”

Leakproof 3.0 adds a scan-only version of its agent to discover data on desktops and servers. This helps companies identify risk points and understand how data is used, which will help both security and operations groups. Data discovery and classification enables corporations to determine the most cost-effective storage and backup procedures, in addition to helping secure sensitive data. EMC, which has become a major security player with its acquisition of RSA and several smaller companies, offers data classification and entered the DLP market, buying Tablus earlier this year.

“Over the next few years, data leak prevention will become part of endpoint solutions and part of gateway solutions,” said Oltsik. “What may be standalone is classification. Enforcement belongs with some of the security vendors” while classification will belong more to file system and collaboration like SharePoint, Documentum, file systems, tagging, search engines, etc. What I’d call information intelligence technology.”

Yes indeed it is.  I really understand that eDiscovery is an important part of this industry and many organizations (for instance insurance has legal eDiscovery be part of their business model), but in sense eDiscovery happens because something went wrong somewhere however in my opinion it is better to prevent then to cure.

Data Leak Prevention is basically one of the next stages in the lifecycle or grow up of archiving products within the enterprise.  Organizations actually face a daunting challenge: Protecting the organization’s most valuable asset, its information, amidst widespread investment in new, more efficient communication technologies. As organizations invest in new business systems and processes to exchange critical information to, from and about customers, partners, and employees in real time, more opportunity exists for information leaks. Data breaches are rapidly becoming the forerunner of IT security concerns, in part because of the increase in both the frequency and severity of such breaches. For security professionals, the pressure to provide data security is influenced by three factors: 1) regulatory compliance, 2) protecting confidential data, and 3) mitigating the risk and associated cost of a breach.

Government and industry regulations are arguably the biggest influencers to organizational directives to provide data security. Federal regulations include Sarbanes-Oxley for publicly traded organizations, the Gramm-Leach-Bliley Act (GLBA) for the financial sector, and the Health Insurance Portability and Accountability Act (HIPAA) for health care organizations, mandate the security of private or confidential information. More than 25 states have passed data privacy and/or breach notification laws that require organizations to notify consumers when their information may have been exposed. The most high profile of these state laws is California’s SB1386, which set the precedent for breach notification regulations. In addition to the federal and state regulations, specific industries such as the credit card industry have enacted data protection regulations such as the PCI (Payment Card Industry) Data Security Standards.

Information leaks are not solely relegated to organizations with customer data or regulatory requirements; many non-regulated companies share a need to secure sensitive data. Intellectual Property (IP), M&A plans, and other critical assets are strategic to many organizations’ success and competitive advantage. These organizations are as concerned about leaks (both external and internal) as regulated companies because of the strategic nature of the information they manage and the frequency with which they fall victim to leaks.

Over the years, organizations have spent a tremendous amount of resources in hopes of protecting their information. However, their efforts have been focused on preventing outsiders from hacking into the organization, educating employees, and securing data at rest. According to analyst firms, the majority of all leaks are the result of unintentional information loss from employees and partners, both external and internal leaks. The average information leak costs organizations approximately $182 per record (according to the Ponemon Institute), averaging roughly $4,800,000 per breach in total. The high cost of a breach can have a profound effect on organizations P&L, market presence, and competitive advantage as a result of damage to brand and reputation, and loss of customers and IP. As organizations invest millions in business systems increasing the availability of information to build or maintain a competitive edge, there remain a slew of security-related considerations, including:

• Where is the organization’s confidential & sensitive data?
• How, where, and when is the data transmitted and by whom?
• How can the data be controlled and protected?
• What is my organization’s financial risk (from a leak)?

Vendors like Vontu, Proofpoint, Orchestria and McAfee all offer products that could help with this problem while also Microsoft introduced some basic functionality with their transport rules in Exchange 2007.

Its nearly 12 months after the release of Office 2007 and the Office 2007 iFilters are still not available for download individually from Microsoft. A thread about this can be found on MSDN. These files have been announced for quite some time, but an exact ETA is still not available.  Oddly enough you can get the ‘iFilter’ by installing MOSS 2007 or Office 2007 on the server you wish to search these filetypes on if you use search technology that relies on iFilter technology, but obviously this could raise some major objections in certain situations.