Businesses, including corporations and law firms, are increasingly choosing to host their business-critical applications with third parties to reduce (or avoid altogether) CapEx and OpEx associated with installing and managing software behind their corporate firewall. Two common options are physical servers that reside in the third party provider’s data center, and cloud-based environments. While these are just two options, evaluating which environment to use to host sensitive and confidential data subject to legal and compliance matters can confound even to the most tech-savvy lawyers and litigation support staff.
Key considerations to evaluate when hosting legal and compliance data include security, scalability, uptime and cost.
Cloud environments are built in a manner where pools of resources are shared across an entire environment by multiple tenants. In other words, a host puts many users on a single server, where they share the server’s resources. While allocation can add some efficiencies, it also has numerous drawbacks. For example, it can hamper performance because all clients share the server’s disk, memory, CPU, and network. If one client is using 80% of a server’s memory, it means the other clients must split the remaining 20% of memory. This “bad neighbor” effect can slow down processes and cause more unpredictable disk input and output. In fact, all of this sharing can mean a single user can overwhelm a local compute node—the source of storage, memory, networking, and processing resources—resulting in temporary outages, performance issues, and limited scalability.
Furthermore, when it comes to data security, depending on the provider’s security infrastructure and processes, these systems can compromise client data. Firewalls and server security applications, guaranteed uptime and availability, and disaster recovery all depend on the quality of the hosting provider. Furthermore, shared cloud services are not inherently redundant, so this capability has to be built into the system.
Finally, the cloud infrastructure can add layers of unnecessary complexity, the cost of which can be unpredictable: additional unanticipated expense can be associated with adding bandwidth or disk space, IP addresses, web hosting panels, and the like.
Environments Hosted on Physical Servers
In a hosting environment in a third-party data center, especially a dedicated environment (versus shared), a client’s data is stored on a unique server. As a result, performance remains consistently high, because there’s no impact from having to share resources with other clients. The server can also better handle spikes in volume during complex and voluminous data ingestion and processing activities, ensuring greater uptime and data availability. In addition, organizations can assess the security of their data center and make sure it has the appropriate certifications, such as ISO 27001 and Tier 3+ rankings for uptime, along with the proper physical, application, and user-level security measures required to protect high-value information. Clients can also exercise greater control over the server, so they can add customized programs, applications, and scripts to make their eDiscovery software utilization and workflow more effective. Even with all of these benefits, the costs of dedicated hosting should be predictable and fixed, so organizations can better plan their budget.
Not all data hosting environments are the same, and organizations and their counsel must carefully consider performance, security, scalability, and cost. Because of the benefits of dedicated environments hosted on physical servers for highly sensitive and confidential legal and compliance data, organizations and law firms are increasingly considering dedicated environments as part of a managed services solution.