Matthew Ravden

The Road to Office 365 – It’s Not ‘If’ but ‘When’ and ‘How’

If there’s one thing we can be sure about it’s that, at some point in the future, almost nobody will manage mailboxes on premises.  The dominant players look like being Microsoft with Office 365 and Google with Google Apps, though of course others may emerge.

Not surprisingly, then, pretty much every CIO in the world has taken a look at these platforms and adopted a stance.  The stance may involve proactive planning now with a rapid migration in mind, or it might be a case of keeping things as they are until the technology matures further.  Or there might be any number of interim steps that will make a migration easier at some point in the future.  I would wager that there is no CIO that hasn’t started thinking about migrating email, in its entirety, to the cloud.

The Road to Office 365 – It’s Not ‘If’ but ‘When’ and ‘How’

The Road to Office 365 – It’s Not ‘If’ but ‘When’ and ‘How’

For the last few years Mimecast has positioned itself as a companion technology to Microsoft Exchange, optimizing our cloud services to deliver maximum value to on premises or hosted Exchange customers.  And now, of course, we’re also providing services for Office 365 customers, in both cloud-only and hybrid environments.  Of our 9,000 or so customers, almost all of whom are on some form of Exchange, we are seeing a growing number using Mimecast and Office 365 together.  With Office 365, we support very clear use cases that address specific customer needs that can’t be met by Office 365 on its own.  It could be a particular compliance or eDiscovery need, or a desire for a ‘cloud-on-cloud’ High Availability solution to protect against downtime.

Office 365 may be the eventual destination for most businesses, but that doesn’t mean there is a crazy rush to migrate there or indeed that it’s the only short to mid-term option.  For example, we’re seeing the Managed Service Provider (MSP) market booming, as smaller businesses offload their Exchange infrastructures and move to hosted Exchange suppliers.  At the other end of the scale, Exchange 13 is an attractive option for companies who want to keep their mailboxes on-site.  And we’re seeing a fair amount of hybrid deployment, with IT moving a subset of users to the cloud, with an independent archive like Mimecast’s giving them the flexibility to toggle mailboxes back and forth between on premises and cloud as they see fit.

But let’s not kid ourselves.  These are all interim measures, albeit interim measures that will be very profitable for those organizations operating in the space for some years to come.

The point, I guess, is that we’re all preparing for an Office 365 world.  At Mimecast, we are building out and optimizing our Office 365-specific portfolio so the use cases are crystal clear.  It’s not simply a question of offering alternative tools to those that Microsoft includes with its Office 365 SKUs, but showing how we offer additional layers of functionality that support specific customer needs.  That way, over time, we actually see ourselves becoming an accelerator, or enabler for Office 365 adoption, since we effectively remove short-term barriers to adoption.

Naturally, Microsoft is working hard to add functionality of its own and make Office 365 as robust and feature rich as possible.  Many of the ‘gaps’ that Michael Osterman calls out in his paper, Office 365 for the Enterprise: How to Strengthen Security, Compliance and Control, will be filled by Microsoft over the coming years.  So does that mean third parties will find it hard to build businesses within this ecosystem?  No.  In fact, as the platform matures, more use cases will emerge just as happened with Exchange many years ago.

Microsoft will certainly want to make sure that the common elements of customer need are properly served by Office 365 off the shelf, but this is a company, unlike Google, that has always been committed to its partners, and to the creation of a vibrant community of ISVs around its core platforms. Office 365 will be no different, and there will be plenty of room for third parties who can help customers not only see over the short term hurdles, but enjoy a first class, zero compromise cloud experience in the longer term.


From Good to Great – Why Office 365 Needs Mimecast

[Tweet "Office 365 is now the real deal and with Mimecast it goes from good to great"]

From the moment BPOS was first released about five years ago, we’ve consistently said on this blog that we welcome Microsoft’s move to the cloud, that it’ll be a great solution for some businesses, but that mature cloud services like Mimecast’s will play a major role as adoption begins to gain momentum. Well, if BPOS was Microsoft’s trial run, Office 365 is the real deal and it does now seem to be gaining serious traction in the market. But our position remains the same, and in fact the business case for Mimecast’s solutions to enhance Office 365 looks stronger than ever.

Office 365 is positioned by Microsoft as a one-stop-shop, and on the surface looks like something of a panacea for a business looking to outsource email and stop managing an on-premises Exchange server. For many businesses, particularly in the SMB space, it is.

But for larger companies, or those for whom email is a mission critical application, Office 365 may not be quite so alluring. In general, Mimecast customers fall into that category – they want to use best practice cloud services to protect email from threats, and store the data in a secure, highly available archive. And amongst our customer base we’ve seen a preference for keeping Exchange on-site – there’s strong interest in Exchange 13 – or moving to a hybrid model with some mailboxes on-site and others in the cloud.

The blockers to Office 365 adoption seem to fall into three categories.

  • Archiving doesn’t offer sufficient levels of compliance and eDiscovery capabilities
  • Uptime is a concern
  • Exchange Online Protection may not represent best practice email security

We also think a further need will emerge, for a single archive of multiple types of unstructured data, fully searchable both for eDiscovery purposes and for day to day use by end users from their laptops, smart-phones and tablets. An Enterprise Information Archive for Office 365, to use Gartner terminology.

For Mimecast, then, nothing much changes from how we position around on-premise Exchange, where we offer enterprise grade cloud services that remove complexity and cost. With Office 365, it’s less about cost and complexity, and more about the ‘enterprise grade’ piece. As Office 365 adoption gains traction, the ‘pain points’ will also crystallize, and the ecosystem of ‘supporting’ or ‘enhancing’ services will emerge.  It already is emerging.

Is this a bad thing for Microsoft or Office 365?  On the contrary. Businesses who want to go down this path will be reassured that there’s a third party ecosystem of mature cloud services that can enhance the ‘off-the-shelf’ capabilities of the various SKUs of Microsoft’s new cloud solution. We expect to find businesses buying Office 365 plus Mimecast for any one of the three issues above, or potentially buying our entire UEM suite if that’s what best meets their needs. And we also expect companies who’ve already moved to Office 365 to subsequently purchase add-on services to shore up functionality in those key areas, be they compliance or security related, or based on concerns about downtime.

So, to conclude, Office 365 comes in a variety of different shapes and sizes at different price points, ostensibly for businesses with different messaging requirements. It covers a lot of ground, and for many businesses the barrier to purchase is that one or other area of critical functionality doesn’t quite meet requirements. With Mimecast, which works seamlessly within an Office 365 / Exchange context, these perceived short-falls can be fixed, and the barriers to purchase removed. With Mimecast, Office 365 goes from good to great.


Information Fragmentation and the Consumer File Sharing Services – The Enterprise Fights Back

[Tweet "It may not be feasible to outlaw Dropbox…IT doesn’t have off the peg alternatives"]

The research we just published from Freeform Dynamics did a great job of framing the Information Fragmentation ‘pain’ that businesses are feeling.  For me, the main thing the research does is make it crystal clear that the vast majority of IT CIOs recognize the problem, but very few have really worked out what to do about it. Law firms, as you’d expect, are quicker than most to start figuring out how to regain control of corporate information, since they live in a world of compliance and regulatory requirements.

Whilst the Freeform Dynamic research identified a group of ‘Elites’ who appear to be making all the right moves, after talking to customers and prospects from the legal community at this week’s Strategic Technology Forum 2013, there are still huge differences of opinion on what constitutes best practice.  Nathan Hayes, IT Director at Osborne Clarke, and I, hosted a round table discussion around the data fragmentation issue earlier today, and it became clear that views are polarized.

Dropbox, and the other popular ‘consumer cloud’ services, are not the only source of information fragmentation, but they frame a nice emotive subject with which to start a good conversation. Everyone agrees that the use of these tools in the enterprise is a threat to IT’s ability to manage sensitive information.  But opinions are split on the solution to the problem.  On the one hand, there’s a view that we can’t outlaw the likes of Dropbox, and instead we need to accommodate it – and similar tools like Evernote or – via a variety of different strategies.  On the other, there’re those who feel that consumer clouds should simply not be allowed in the enterprise.

Information Fragmentation

Mimecast will provide a folder where users can drop important work documents from Box/Dropbox, etc. Those documents are in the archive, subject to DLP policies, fully compliant and discoverable

Both Gartner and Forrester have started to define a nascent market for what they call ‘File Sync and Share’ services, but from what I’ve read, both are advocating very different solutions.  Interestingly, Gartner calls this category Enterprise File Sync & Share (EFSS), by definition ruling out anything that’s not ‘enterprise-grade’.  And in line with that piece of context setting, Gartner (1) states in a recent report, “implementing an EFSS service can be a significant challenge, as IT organizations race to shepherd their rogue employees away from consumer-oriented services into a controlled environment suitable for enterprise data sharing. Although creating an easy-to-use EFSS solution can be an urgent and a high priority, enterprise IT should be keen to embrace solutions that also provide robust features, such as enhanced security, identity management, unified dashboards and content management.”  Users of consumer cloud services are considered ‘rogue’.  Forrester Research, Inc. (2), in complete contrast, says that any attempt to block personal cloud services and implement enterprise-grade alternatives will fail.  To quote from the report, “we predict that IT will create application programming interface (API)-style connections with employees’ personal cloud services in a fashion similar to business-to-business (B2B) integration.”

As the co-host of today’s discussion, I naturally had to stay on the fence and keep my own bias to myself.  But now that’s done and dusted, what would I – or Mimecast as an Enterprise software vendor – propose?

I think the remedy comes in two distinct stages, and we’re providing technology for both.  First of all, we need some damage limitation.  It may not be feasible to outlaw the use of Dropbox.  It’s a popular tool and corporate IT doesn’t necessarily have off the peg alternatives with ‘Enterprise-Grade’ stamped on them. Just a simple use case – needing to send a large file – is often enough to send a user to the dark side.  So let’s deliver IT a tool that provides a compliant framework for use of consumer clouds.  We’ll give you a Mimecast folder, into which your users can drop important work documents from Box/Dropbox, etc.  And once there, those documents are in the archive, subject to DLP policies, fully compliant and discoverable, and we can all sleep a little better at night.

If that’s phase one, then phase two is what we at Mimecast call ‘encroachment’.  It’s a polite way of saying we can obviate the need for something altogether.  I doubt Dropbox execs will be quaking in their shoes at this news, and we doubt very much we’ll put them out of business.  But if we can provide EFSS solutions for our customers and their end users that do the job for both sides, then slowly but surely, we can bring users back into the fold.

Even then, it probably wouldn’t be smart to ‘outlaw’ these popular services.  Rather, by providing strong, usable, viable alternatives, the compelling use cases for them will fade away.

The Enterprise Fights Back?  Perhaps, but it won’t be shock and awe.  More subtle persuasion.

(1)  Use These Best Practices to Deploy a Private Enterprise-Class File Sync and Share Service.  Published 26 March 2013.  Gene Ruth, Arun Chandrasekaran, Gartner Inc.

(2) The Coming Integration of Personal Cloud Services And Enterprise Apps. Published 21 March 2013. Frank E. Gillett, with Christopher Mines and Michael Yamnitsky, Forrester Inc.


New Research Shows Growing Data Fragmentation a Serious Concern

[Tweet ""82% of IT professionals see their business decisions being hurt by data fragmentation""]

This week we joined forces with independent analysts Freeform Dynamics and commissioned research into the impact that growing data fragmentation is having on IT professionals in the UK and U.S. You can get a summary of the report, a 1 page infographic best practice guide and the full report here.

As we expected data fragmentation is a very pressing issue for customers – and not just from a technology or IT infrastructure perspective. 82% of respondents see their business decision making being hampered or hurt as a result of data fragmentation.

82% see business decision making hurt by data fragmentation. 93% struggling to control corporate data. 83% see security risks as data is spread across corporate or ‘Shadow IT’ networks.

82% see business decision making hurt by data fragmentation. 93% struggling to control corporate data. 83% see security risks as data is spread across corporate or ‘Shadow IT’ networks.

Fragmentation of corporate data across their IT infrastructure and the emergence of a ‘Shadow IT’ network of user devices or consumer cloud services outside their control, is also putting their organizations at risk. 83% are concerned about the security of their corporate data as it’s increasingly dispersed across their network and outside.

That’s not all. Getting the situation under control is also proving difficult with 93% saying that tracking and managing critical corporate data is now a big challenge. And of course it’s also driving up management and infrastructure costs – 84% highlighted that costs were a concern and many feel they’ve lost control of this.

Today’s CIOs are much less managers of IT real estate than custodians of corporate data. Their focus is on securing the all-important data, storing and managing its cost effectively, and then making it work harder for both end users and the business as a whole. This task is tough enough with information being siloed around the enterprise but when you add in consumer devices and ‘personal cloud services’, it becomes almost impossible for a CIO to really know where valuable corporate information is being stored. On the one hand, it’s hard to stop the use of these services, but on the other there’s no question that they represent a genuine security and compliance risk for IT.

The small number of expert or elite respondents in this survey show that there’re ways to tackle data fragmentation, and if policies and technologies are adopted before the problem becomes too widespread, it’s still quite possible to harness the data for the benefit of the business. It’s also clear that archiving solutions like Mimecast’s own can play a major role here, enforcing DLP and retention policies, fulfilling compliance requirements and giving the CIO a single view of all the critical corporate data.

Here are some of the key findings but find out more here:

  • 82% of IT managers see decision making hampered by data availability issues and 77% by data inconsistency.
  • 93% are struggling to control critical corporate data. 84% believe storage costs are running out of control.
  • 83% see security risks as their corporate data fragments across the private and public network, with 38% already experiencing the issues acutely.
  • 92% see email as a common means of storing and sharing critical data within corporations. 62% say that local offline email stores – for example, PSTs on desktops, are frequently used for storing business information – compounding the risk.