I used to be someone who publicly eschewed the use of the cloud. I wrote whitepapers on the topic and mentioned it in every presentation I gave. For our company, I chose to operate a private cloud principally because it was less expensive to run it myself. At the time, the feature sets were identical between cloud and on-premises environments. More importantly, I had control over updates, migrations, and the user experience. It allowed me to run legacy applications, and I could integrate middleware – which we frequently use since we have in-house developers. I advised my clients that data loss or disclosure was an issue with cloud providers, and they were subject to unannounced third-party discovery.
But everyone is allowed to change their mind, and I have because almost all of these concerns have been addressed by cloud providers. In short, a major evolution has occurred over the last five years. So, I encourage you to examine each of these processes to determine if a cloud offering has something you want – both for business processes and eDiscovery. Maybe, just like me, you’ll change your mind.
Email is the easiest cloud service to compare on-prem vs. cloud. On-prem solutions have been the norm since the inception of email, even before the advent of hybrid/remote work, and Office365 and Google Workspace (formerly G Suite) are two of the most common solutions for cloud email. They have solved almost all the issues listed above, except the application is updated with additional features or changes without notification to users or support. On-prem email services tend to be more costly than O365 and Google Workspace, especially when factoring in the features included in those cloud offerings – benefits such as litigation hold, compliance, and basic eDiscovery search and export.
Phone Provider
Before the pandemic, we operated an on-prem custom Asterisk SIP server for our phone needs. However, modern providers had no update paths without reconfiguring the entire system. Even though the hardware was generic, we had moved to a virtual machine environment, and this bare metal system was costing more to maintain – a $2 fan became a $20 one. It was the definition of a legacy application.
We searched and tried several cloud-based SIP providers and ultimately decided to move entirely into a unified real-time communications system in the cloud (Zoom). This move solved the hardware issue by eliminating it altogether, taking updates out of our tasks, and adding capabilities never possible before. For example, incoming phone calls come to any device and can be transitioned to meetings without disconnection, there are real-time notifications when someone is away, and so many more. No on-prem solutions offered these features, and although several competing cloud offerings were available, they required third-party services to unify everything. From an operations perspective, it took the burden off our staff, and from a cost perspective, it was significantly less expensive with far more functionality.
eDiscovery
eDiscovery services in the cloud inherit many of the issues and solutions from both of the previous examples. They are generally much cheaper with the right software and the right provider while offering far more features than legacy applications. They are frequently updated so they can provide a better user experience and, in some cases, do-it-yourself options.
Having eDiscovery services hosted in a cloud environment allows integration with other cloud applications businesses may already have. For instance, if any company or client data is stored in Amazon Web Service (AWS), eDiscovery solutions exist that enable the processing and searching of that data in place without having to export, copy, ship, or re-store the data for the purposes of eDiscovery. If you’re still paying per gigabyte per month, this could represent significant savings.
In general, there are two types of cloud-based eDiscovery services: proprietary applications and software as a service (SaaS). There are a few proprietary applications where users can upload, process, and review data through the website provided by the software provider – this is analogous to Gmail because you can’t access the backend. The only place to interact with Gmail is through Google, as no other provider hosts Gmail. Updates are automatic and out of the users’ control. There may be a charge for tech support because it hasn’t been developed to deliver certain functionality for end users. Very few of these providers have any type of external API access that allow third-party integrations or applications. Users are beholden to that proprietary provider and its development cycle.
SaaS for eDiscovery was historically available through managed service providers, but it has always been a SaaS offering bundled with other services. There are many different deployment types that allow complete access to the system, like in an on-prem environment or a SaaS model closer to the proprietary provider described above. A key difference is the SaaS provider is a common application that can be installed in multiple locations and is not solely hosted by the software provider. You could host them in multiple environments, from AWS to Azure to a private data center. SaaS eDiscovery can range from merely providing the platform so you can handle all workflows yourself to a full-service eDiscovery offering sold as a SaaS service. There, the SaaS provider maintains the platform as well as potentially loading data, performing productions, and other eDiscovery tasks.
The SaaS offering in the eDiscovery realm is superior because it allows custom integrations and custom workflows that aren’t necessarily available with proprietary providers. For instance, if a connector needs to be written to download data from a file storage site directly into the platform, this can be accomplished depending on the host cloud environment. Specifically, building on the AWS example above, there is no need to double or triple-store the data if the cloud-hosted eDiscovery platform can access the data in place and that data is under a programmatic legal hold. Avansic has seen this accomplished where the eDiscovery platform is in a private data center, hosted in Microsoft Azure, or hosted in AWS where the private data center has the most flexibility for connections.
In our remote workforce, we rarely travel to collect data, as most of it can now be reached remotely. This has changed eDiscovery workflows when sharing data with external parties.
Having your eDiscovery platform in a cloud environment also facilitates better data sharing with third parties and virtually eliminates the need to ship hard drives or download material to external file share or FTP sites. That one benefit is why cloud eDiscovery solutions are considerably more useful, and one of the main reasons I changed my mind about the cloud in eDiscovery.
Conclusion
On-prem eDiscovery solutions have been the norm for the last several years. The maturity of eDiscovery solutions in the cloud and more corporate data moving to the cloud have deprecated on-prem solutions. The primary reason for abandoning on-prem or legacy eDiscovery solutions is a combination of cost and features. Costs in the cloud were previously more expensive than they are today. The features of SaaS eDiscovery solutions are reducing the overall cost of eDiscovery by making previously manual tasks more automated and lowering the cost of legal review substantially.
Dr. Manes routinely serves as an expert witness including consulting with attorneys on data preservation issues. He contributes academic content to peer-reviewed journals and delivers classroom lectures. See his full CV at gavinmanes.com.
Dr. Manes has published over fifty papers on eDiscovery, digital forensics, and computer security, countless blog posts, and educational presentations to attorneys, executives, professors, law enforcement, and professional groups on topics from eDiscovery to cyber law. He’s briefed the White House, the Department of the Interior, the National Security Council, and the Pentagon on computer security and forensics issues.
At the University, Dr. Manes formed the Tulsa Digital Forensics Center, housing Cyber Crime Units from local, state, and federal law enforcement agencies. He’s a founder of the University of Tulsa’s Institute for Information Security, leading the creation of nationally recognized research efforts in digital forensics and telecommunications security.