Ensuring Legal Compliance in Microsoft 365 Migrations: A Cloudficient Blueprint

In the era of digital transformation, migrating to Microsoft 365 presents an opportunity for organizations to leverage cloud efficiency and innovation. However, this transition is not without its challenges, especially when it comes to satisfying legal and compliance requirements. Cloudficient stands at the forefront, ensuring that migrations into M365 not only meet technical expectations but also legal imperatives. 

This blog serves as a brief overview of the points to consider when migrating from legacy email archives to Microsoft 365, especially when an email journal is part of the migration process. Journal email introduces some significant challenges for legal teams when migrating to M365.  

A corresponding white paper available here provides much more detail about these migrations and will be valuable to IT or Legal teams while researching and planning a migration to M365. 

The Legal Landscape of Email Migration 

Migrating email systems to Microsoft 365 means carefully thinking about data integrity, retention, and accessibility. Our expertise in migrating email from platforms like Microsoft Exchange, and email archives from platforms such as Veritas Enterprise Vault, EMC SourceOne, and various cloud archives ensures that the process aligns with legal teams’ needs, securing rapid, efficient, and secure migrations. 

Categorizing Data: The Path to Legal Satisfaction 

Understanding the difference between "suitable" and "unsuitable" data is paramount. Suitable data includes user mailboxes, user archives, and PST files directly mapped to M365 users, while unsuitable data encompasses journals and other non-user-specific information. This distinction is crucial for maintaining the chain of custody and ensuring that each piece of data finds its right place in the cloud, complying fully with legal standards. 

The Cloudficient Approach  - Uncouple User and Legal Data 

Cloudficient’s strategy focuses on uncoupling user data migration from legal data considerations. While Microsoft 365 excellently serves user data needs, legal data requires a specialized approach to ensure compliance and efficient eDiscovery. Our suite of solutions addresses the migration of user data with unmatched speed and accuracy, ensuring legal compliance without compromising user experience. 

We also find, however, that there are certain data sets that may not fit well within the M365 ecosystem. This is data that is classified as “Legal” data. This is data that is used by the legal team to search and export for legal matters and is usually in the legacy archive in the form of a “journal archive”, or multiple journal archives. 

We recommend migrating user-based, or suitable, data to M365 so your end users can take advantage of the efficiencies and tools that M365 offers to end users. Cloudficient has a suite of tools to aid in this process, providing a completely automated workflow and speeds that are unmatched in the industry.  

Journal data, considered unsuitable for M365, requires special planning and consideration. There are currently two options to migrate this data to M365, and one solution that is provided by Cloudficient.  

The two options to migrate journal data into M365 are: 

Journal Explosion

The first option is to take the emails in the journal and “explode” them into individual mailboxes. This creates a massive expansion of the mailboxes in M365 and introduces duplication, as a large portion of the emails in the journal may also still reside in the individual mailboxes. You may think that this is not a major concern because storage in M365 is abundant, but there are many other factors to consider besides storage. 

• User license growth – There is a good chance that you have former employees within the journal email archive. The emails for former employees will need a mailbox as a landing spot for all their emails.  
  
  
• Mailbox expansion and item duplication - Copying all emails from the journal and pushing them into the individual users’ mailboxes will expand the size of the mailboxes 5X to 15X, potentially more. This duplication will introduce issues with legal teams when it comes to review and export. If your internal legal teams are reviewing data early in a matter, duplicate copies of emails or file attachments will add useless cycles to the review process. 
  
  
• Migration project timeframe – In addition to mailbox expansion and item duplication, you also must understand that the time to migrate this data will also expand at the same rate (5X to 15X). We had a recent customer review their email to get an understanding of the average number of recipients per email and the number they came back with was 80. This means that in an environment with a 100TB journal archive, the potential migration could reach 8 Petabytes. 

Journal Splitting

The second option for migrating journal archives into M365 involves dividing up the journal emails into sizable chunks and migrating that data into shared M365 mailboxes. This process includes creating a shared mailbox, migrating a set number of items into the shared mailbox, and then moving to the next shared mailbox until you have migrated all data into a number of shared mailboxes. There are many considerations for legal when you migrate journal data into shared mailboxes, such as: 

• Incomplete and Complex Search for eDiscovery: Shared mailboxes risk incomplete eDiscovery due to challenges in identifying relevant data, complicating searches and potentially leading to oversight of crucial information. The only option for searching journal data across shared mailboxes is by context or keyword only, making it difficult to execute custodian-based searches or exports. This important example is explored in greater detail below. 
  
  
• Governance Difficulties: Managing email records becomes complex without individual custodian-based storage, affecting records management and complicating divestitures. 
  
  
• Non-Compliance Risks: Regulated organizations may face incomplete archiving and non-compliance if ongoing journaling is required.
    
• Storage Limitations: The 100 GB limit on a licensed shared mailboxes is often insufficient for legacy journals, complicating data management. A 50TB journal data store would require 500 additional licenses in the environment and would also require your legal team to add all 500 shared mailboxes to an eDiscovery search. Some companies take the approach of letting the mailboxes expand naturally with auto-expanding mailboxes, but at a rate of 5GB to 7GB per week, waiting for MSFT Auto-Expansion can take months or years and is typically not recommended. 
  
  
• Single Custodian Hold Limitation: The inability to place single custodians on hold in shared mailboxes poses significant challenges for targeted legal holds and specific eDiscovery requirements, while also introducing risk to the organization by potentially retaining non-relevant data for too long.  
  
  
• Ambiguity in Microsoft's Licensing Rules: Utilizing shared mailboxes as a landing spot for existing journal emails may violate Microsoft’s licensing rules. IT and Legal teams should verify with Microsoft the rules around shared mailbox licensing. We have seen conflicting responses which may suggest that their stance around shared mailbox licensing may be changing.  

Expireon: Revolutionizing Legal Data Migration 

Cloudficient's Expireon platform emerges as a next-generation solution, particularly adept at handling the intricacies of legal and eDiscovery processes. With features like rapid data onboarding, continuous email journal capture, targeted indexing on demand, data autonomy, and right-sized eDiscovery tools, Expireon ensures that legal teams can efficiently manage discovery processes, maintain data integrity, efficiently discovery data for legal workflows, and comply with regulatory requirements, including the stringent SEC 17a-4 compliance. Our whitepaper provides more details on each of these Expireon features: 

• Rapid data onboarding 
• Continuous email journal capture 
• Retention management 
• Defensible deletion 
• Legal hold and preservation 
• Targeted indexing on demand 
• Data ownership – no vendor lock-in or ransom to get your data back 
• Right-sized eDiscovery tools 
• Lighting fast exports to downstream review tools 
• Custodian-based management 

Conclusion: A Strategic Legal Approach to M365 Migration 

The journey to Microsoft 365, guided by Cloudficient’s Expireon and migration solutions, provides a roadmap for organizations to achieve legal satisfaction. By addressing the dual needs of operational efficiency and legal compliance, companies can embark on their cloud transformation journey with confidence, knowing that their data is not just migrated but strategically aligned with legal and compliance imperatives. 

For organizations navigating the complexities of cloud migration, Cloudficient offers a beacon of innovation, efficiency, and legal compliance, ensuring that migrations to Microsoft 365 are conducted with the precision and foresight that legal teams demand. 

Our detailed whitepaper available here provides much more detail and is recommended for anyone that is currently researching a migration of email and email archives to M365.