Whilst the Freeform Dynamic research identified a group of ‘Elites’ who appear to be making all the right moves, after talking to customers and prospects from the legal community at this week’s Strategic Technology Forum 2013, there are still huge differences of opinion on what constitutes best practice.  Nathan Hayes, IT Director at Osborne Clarke, and I, hosted a round table discussion around the data fragmentation issue earlier today, and it became clear that views are polarized.

Dropbox, and the other popular ‘consumer cloud’ services, are not the only source of information fragmentation, but they frame a nice emotive subject with which to start a good conversation. Everyone agrees that the use of these tools in the enterprise is a threat to IT’s ability to manage sensitive information.  But opinions are split on the solution to the problem.  On the one hand, there’s a view that we can’t outlaw the likes of Dropbox, and instead we need to accommodate it – and similar tools like Evernote or Box.net – via a variety of different strategies.  On the other, there’re those who feel that consumer clouds should simply not be allowed in the enterprise.

Mimecast will provide a folder where users can drop important work documents from Box/Dropbox, etc. Those documents are in the archive, subject to DLP policies, fully compliant and discoverable

Both Gartner and Forrester have started to define a nascent market for what they call ‘File Sync and Share’ services, but from what I’ve read, both are advocating very different solutions.  Interestingly, Gartner calls this category Enterprise File Sync & Share (EFSS), by definition ruling out anything that’s not ‘enterprise-grade’.  And in line with that piece of context setting, Gartner (1) states in a recent report, “implementing an EFSS service can be a significant challenge, as IT organizations race to shepherd their rogue employees away from consumer-oriented services into a controlled environment suitable for enterprise data sharing. Although creating an easy-to-use EFSS solution can be an urgent and a high priority, enterprise IT should be keen to embrace solutions that also provide robust features, such as enhanced security, identity management, unified dashboards and content management.”  Users of consumer cloud services are considered ‘rogue’.  Forrester Research, Inc. (2), in complete contrast, says that any attempt to block personal cloud services and implement enterprise-grade alternatives will fail.  To quote from the report, “we predict that IT will create application programming interface (API)-style connections with employees’ personal cloud services in a fashion similar to business-to-business (B2B) integration.”

As the co-host of today’s discussion, I naturally had to stay on the fence and keep my own bias to myself.  But now that’s done and dusted, what would I – or Mimecast as an Enterprise software vendor – propose?

I think the remedy comes in two distinct stages, and we’re providing technology for both.  First of all, we need some damage limitation.  It may not be feasible to outlaw the use of Dropbox.  It’s a popular tool and corporate IT doesn’t necessarily have off the peg alternatives with ‘Enterprise-Grade’ stamped on them. Just a simple use case – needing to send a large file – is often enough to send a user to the dark side.  So let’s deliver IT a tool that provides a compliant framework for use of consumer clouds.  We’ll give you a Mimecast folder, into which your users can drop important work documents from Box/Dropbox, etc.  And once there, those documents are in the archive, subject to DLP policies, fully compliant and discoverable, and we can all sleep a little better at night.

If that’s phase one, then phase two is what we at Mimecast call ‘encroachment’.  It’s a polite way of saying we can obviate the need for something altogether.  I doubt Dropbox execs will be quaking in their shoes at this news, and we doubt very much we’ll put them out of business.  But if we can provide EFSS solutions for our customers and their end users that do the job for both sides, then slowly but surely, we can bring users back into the fold.

Even then, it probably wouldn’t be smart to ‘outlaw’ these popular services.  Rather, by providing strong, usable, viable alternatives, the compelling use cases for them will fade away.

The Enterprise Fights Back?  Perhaps, but it won’t be shock and awe.  More subtle persuasion.

It may not be feasible to outlaw Dropbox…IT doesn’t have off the peg alternatives
Click To Tweet

(1)  Use These Best Practices to Deploy a Private Enterprise-Class File Sync and Share Service.  Published 26 March 2013.  Gene Ruth, Arun Chandrasekaran, Gartner Inc.

(2) The Coming Integration of Personal Cloud Services And Enterprise Apps. Published 21 March 2013. Frank E. Gillett, with Christopher Mines and Michael Yamnitsky, Forrester Inc.

Mark Bilbe, Mimecast’s General Manager, NA – opens our new bigger U.S HQ in Boston

We’re seeing lots of opportunity in the U.S. and expect to double in size to over 200 employees here by the end of the year, making the U.S. represent 35 percent of our global team. 30 percent of this growth will come from adding new Mimecasters to the team in Boston. If you’re interested in joining us then check out our opportunities here.

Our new office is at 480 Pleasant Street in Watertown in the former Boston Scientific Building, and is over 90 percent bigger than our previous space in the Waltham Watch Factory. We’ve a 152-seat auditorium and an open floor plan complete with several meeting rooms and demo rooms to help promote open collaboration.

While designing the new space, we also wanted to provide several wellness options for Mimecasters and the new office includes a relaxation area, yoga and workout studio, a wellness room for personal use and an on-site wellness expert to help address employees’ health questions and needs. Supporting our team in getting a good work-life balance is important to us – we hope that the combination of a beautiful working environment with these additional lifestyle elements will make Mimecast a fun place to work and build a career.

Mimecast Expands Boston U.S. Headquarters and Plans 30 Percent Local Headcount Growth in 2013
Click To Tweet

As you’d expect, like any business, Osborne Clarke is affected by macro-trends like BYOD and social media. But for me another force is equally as potent in driving this change – increasing client expectations.

In recent years, the margins of success and failure have become even finer meaning we’re constantly looking for that extra degree of responsiveness or productivity that can give us the advantage.

The old adage time is money has never been more front of mind – and our role in legal IT is to strike the fine balance between enabling users to take advantage of new technology services while still satisfying compliance-related requirements such as eDiscovery.

How fine is that balance? Well, it could be a matter of minutes. For example, if an eDiscovery system is easy to use – taking the searcher minutes rather than hours or days – it is convenient. But, considering this ease-of-use means the system can then be rolled out to individuals to run searches themselves, the right choice of system can have a significant impact on productivity and free up a huge chunk of time for the IT team to focus on where the firm can benefit most: adding strategic value.

As an international, full service law firm we like to think we strike that balance pretty well. For example, we were early to recognize that moving away from a bespoke IT architecture to a SaaS approach would save us money and give us the time back we needed to deliver what the business now considers to be most valuable.

But even in our position I feel both cautious and optimistic about the challenges ahead.

Finding the right balance in the legal sector is different to most, for example if emails aren’t captured at the gateway, you won’t have the crucial evidence on dates of transmission or receipt which could mean the difference between winning and losing an important case or dispute.

Successfully driving an IT strategy is built on a combination of long-sighted thinking around the way in which legal firms are growing and hard-won experience of what works for our sector (like my example above).

And even though we’re facing the same trio of unstoppable forces as most IT departments (downward cost pressure; increasing complexity of data and rapidly rising user expectations), I believe if the right strategic decisions are made, we can reinvent how the IT team integrates within the firm and elevate the value that we bring.

Personally, it’s a challenge I’m looking forward to.

As we expected data fragmentation is a very pressing issue for customers – and not just from a technology or IT infrastructure perspective. 82% of respondents see their business decision making being hampered or hurt as a result of data fragmentation.

82% see business decision making hurt by data fragmentation. 93% struggling to control corporate data. 83% see security risks as data is spread across corporate or ‘Shadow IT’ networks.

Fragmentation of corporate data across their IT infrastructure and the emergence of a ‘Shadow IT’ network of user devices or consumer cloud services outside their control, is also putting their organizations at risk. 83% are concerned about the security of their corporate data as it’s increasingly dispersed across their network and outside.

That’s not all. Getting the situation under control is also proving difficult with 93% saying that tracking and managing critical corporate data is now a big challenge. And of course it’s also driving up management and infrastructure costs – 84% highlighted that costs were a concern and many feel they’ve lost control of this.

Today’s CIOs are much less managers of IT real estate than custodians of corporate data. Their focus is on securing the all-important data, storing and managing its cost effectively, and then making it work harder for both end users and the business as a whole. This task is tough enough with information being siloed around the enterprise but when you add in consumer devices and ‘personal cloud services’, it becomes almost impossible for a CIO to really know where valuable corporate information is being stored. On the one hand, it’s hard to stop the use of these services, but on the other there’s no question that they represent a genuine security and compliance risk for IT.

The small number of expert or elite respondents in this survey show that there’re ways to tackle data fragmentation, and if policies and technologies are adopted before the problem becomes too widespread, it’s still quite possible to harness the data for the benefit of the business. It’s also clear that archiving solutions like Mimecast’s own can play a major role here, enforcing DLP and retention policies, fulfilling compliance requirements and giving the CIO a single view of all the critical corporate data.

Here are some of the key findings but find out more here:

• 82% of IT managers see decision making hampered by data availability issues and 77% by data inconsistency.
• 93% are struggling to control critical corporate data. 84% believe storage costs are running out of control.
• 83% see security risks as their corporate data fragments across the private and public network, with 38% already experiencing the issues acutely.
• 92% see email as a common means of storing and sharing critical data within corporations. 62% say that local offline email stores – for example, PSTs on desktops, are frequently used for storing business information – compounding the risk.

"82% of IT professionals see their business decisions being hurt by data fragmentation"
Click To Tweet

I mean let’s face it, ever since Microsoft announced its new operating system it had more than its share of critics appearing from every corner of the globe offering up their opinions (much like I’m doing now).

Microsoft has released screenshots confirming the return of a Start button to Windows 8

I don’t understand what the negativity is about.

I’m a Windows 8 professional user and I’ve been very happy with my upgrade from Windows 7 to Windows 8.

Before I continue, I just want to clarify a few things about myself and my history with Operating Systems because I’m not like the average user.

Like most, my first OS was a Microsoft OS (DOS 3.1 to give you an idea of my age) and I stayed within the Microsoft ecosystem for many years until one day in 1998 I decided to run a test to see if Linux was ready for the desktop. That test failed miserably but it instilled a love of all things Linux in me which I still have today.

In 2000, I moved to a fulltime Linux desktop as all the work I was doing was consulting and working around Linux systems. This continued to 2004 when a consulting project I was involved in required documents to be created in Office 2003 (Project and Visio). At that point I migrated from SuSE Linux 9.1 to Windows XP with Office 2003. That project completed and in 2005 I started working at Mimecast. My machine stayed on XP as I didn’t have the time to dedicate to migrate my data again.

My work at Mimecast brought me closer to Microsoft Exchange and Outlook and when they released Windows Phone I was excited to see what their re-imagining of the user interface would be like. The change from my BlackBerry Bold 9000 to the HTC HD7 was remarkable. Never before had I handled a phone that was so intuitive, user friendly and functionally useful to me. Sometime later I got “upgraded” to an iPhone 4s and – in what my wife and many others thought was a backwards step – I returned the iPhone and went back to WP7, this time to a Nokia Lumia 800. The iPhone wasn’t anywhere near as user friendly and intuitive as the Windows Phone was for me.

So when Microsoft announced Windows 8 and that it would be a similar experience to the Windows Phone, I was intrigued. I soon had a Lenovo Twist, a nice little machine with a touch screen that folds over and turns the laptop into a tablet and I began using it and reporting back to the IT department any problems I had or things I thought might be problematic for us as an organization to support.

I love being a guinea pig.

Anyway, barring basic issues like desktop AV clients not yet properly supported and drivers for my obscure Boogie Board Rip not yet working properly, everything has worked pretty much perfectly from day 1.

Yes, I’m not a basic user, but I ‘m a person who uses a lot of applications and is constantly moving between them. I’m someone who should, if the people who cry about the lack of start buttons and booting to desktops are to be believed, be miserable with this new OS.

Nothing could be further from the truth.

All in all, my life hasn’t really changed. I use the machine almost exclusively in desktop mode. Not because I don’t like the apps in the new UI, but because the tools I use on a daily basis are all on my desktop. I use Outlook, not the mail app, I use Word, not some note app, I use Excel not some calculator that can be obtained from the marketplace.

When I start up, I get dropped into the new start screen. Shock and horror, in order to begin my day I do what I’ve ALWAYS done. I start my mail client, Outlook. This is done by clicking or tapping the Outlook tile that I’ve positioned neatly in my direct line of sight on the start screen. Outlook starts and takes me into desktop mode.

I don’t miss the start button at all and it amazes me how much attention this insignificant little feature is getting. The start screen easily replaces the start button but if I am too lazy to jump around, I just use shortcuts. My taskbar in desktop mode has shortcuts to all my frequently used apps on it. (Microsoft have just announced that Windows 8.1 will include a start button but no start menu, among other much more exciting features but more on that later).

Both in my home office and my work office I’m connected to external displays and in almost every instance of using the machine I’m working with my keyboard and mouse.

My son uses the touch interface to play games. I don’t play games on this, I prefer to save the battery for more boring things like connectivity and spreadsheets.

That’s not to say I don’t go into the new UI ever because I do. My password management app is in the new UI.

So let’s recap.

I can do everything I need to do.

I don’t care that I’ve no start button because it doesn’t impact me in any way.

I work in desktop mode all day and the start screen doesn’t magically stop me being able to do this.

I switch between new UI and desktop all the time and I haven’t gone crazy.

So why’s everyone so anti this new operating system?

Beats me!

Dallas, Texas – Mimecast has a new 3,000 square foot office, situated in the Las Colinas area which is home to nearly 2,000 companies including several Fortune 500 headquarters.

In Dallas we have a new 3,000 square foot office at 222 W. Las Colinas Boulevard in Irving, Texas and this is led by Marcus Conroy, Director of Sales. The office is situated in the Las Colinas area which is home to nearly 2,000 companies including several Fortune 500 headquarters.

In Chicago we are in a 2,000 square foot space located in the heart of River North at 212 W. Superior Street. This team is led by Garrett Weliever, Director of Sales who has extensive experience in the Chicago region and will build on existing partners and customers in the area.

And in San Francisco we have outgrown our existing location and have a new 3,800 square foot SOMA office space on 301 Howard Street led by Matthew Lane, Director of Sales.

We have seen incredible customer, partner, revenue and employee growth within the U.S. We are very proud of what our team has achieved so far and we see considerable opportunity to grow in the future. We are expanding our U.S. team to meet customer and partner demand for our technology. These new teams and offices mean we can extend our existing regional relationships significantly and solidify our presence in these strategic regional markets.

The channel world (and a quivering Ross McSorley) has been watching his progress and will know by now that Dave is one to watch.  Nothing has been left to chance. Boxing is a sport that requires the greatest of skill, strength and accuracy. But it also demands the greatest of psychological will power and discipline, and for that reason we’ve even drafted in Mimecast CEO, Peter Bauer, for a final training check, too.

Dave has promised to deliver the fight of his life, and you can see for yourself where that confidence comes from by following him on his journey to becoming a fighting legend on Twitter.  I’m sure you’ll agree, Dave means business!

In addition to the personal glory, he has a Mimecast track record to preserve; Fight Night fans may remember our 2012 fighting legend, none other than Dave ‘The Doctor’ Rodger, so we’ll be looking for a double Dave win!

Remember that Dave, along with all the other Warriors, is fighting for charity (Dave is fighting for the Roy Castle Lung Cancer Foundation) and these guys have all given up a huge amount of personal time to prepare for this event, so let’s show our appreciation by digging deep to donate to these very worthy causes.

We wish all the fighters the best of luck as the final countdown to tomorrow evening begins and, remember, there’s still time to vote for your Ultimate Fighter!  Many of you will be aware of how hard your fellow colleagues have trained over these past months, so now is the time to nominate them for this accolade, the winner of which will be officially recognised on the night.

Seconds out – this is going to be a great night…look forward to seeing you there!

Firstly, it’s important I tell you that our service is fully restored and back to normal operations. There will, no doubt, be a few isolated issues to fix here and there, and we’re continuing to address those now. From a service point of view – all our UK data centres are functioning normally and all processing clusters are fully operational in fully resilient mode. Remote device and application services (MSO and mobile) are up and running normally as are archiving indexes and functions.

It’s also important to know that long term data was not damaged during this incident. A very small number of customer emails bounced back to the senders for retry where delivery was not an option.

So – our services are fully recovered, and all of the data we keep for customers is where it should be.

Let me now take this opportunity to outline the key technical facts behind the incident, and the key learnings we’ll be taking forward from here.

What Happened?

We are working through the formal incident report now and we’ll be delivering it directly to customers on Tuesday 21st May.

The incident summarises as follows:

At 10:38BST on Thursday morning, a high availability core switching solution within our Woking UK data centre failed. It’s important to know that our platform software didn’t cause this issue. Our network engineers tried to revive the switching solution, but finally conceded that it could not be recovered and that the Woking DC was offline. At that point we invoked our full data centre failover process so that we could operate from another UK data centre.

We fully completed the failover process by around 14:00 on the same day and customer emails began flowing some time before that. Three hours is a long time in terms of email backlog, and it took some time for email backlogs to work through so some customers still experienced delayed emails into the evening.

Knock-on Issues

Some customers were only configured to deliver outbound emails via our Woking data centre, so we had to work with these customers to ensure that their settings were correct before we could get their emails flowing again. Also, some residual DNS issues affected the delivery of email, having a small knock on effect on a number of North American customers. DNS issues were resolved over the course of the day.

Will It Happen Again?

Like any cloud vendor, we live in the knowledge that at some point, one of our data centres worldwide can fail. After all – that is why we have several of them in a mirrored configuration for every region. We would have expected to recover from such a failure very quickly by using the redundant capabilities we have built into the platform’s design. This case was different as it is the first time that a data centre could not be recovered within a short period of time.

Moving forward, we continue to assume and plan for the eventuality of a volume data centre failing again for any number of reasons – because it will happen. It’s what we do when that happens that matters. We have spent 10 years building software that is able to withstand this kind of catastrophic event – but we need to tweak our services and procedures so that event doesn’t cause us or our customers significant pain.

We are scoping out significantly improved failover processes, which we think could reduce the downtime caused by a single DC failure by as much as 90%, and eliminate the knock-on effects entirely.

It’s important to note that the design of our service is good, and we will not need to rewrite significant parts of our code to deal with this kind of incident in future. Most of the systems did exactly what we designed them to do – which is why we had a 3 hour total outage as opposed to a total outage lasting 8 or even 12 hours as we have seen with some other cloud service providers.

As painful as this event has been, it has undoubtedly made us stronger technically. We now know the realities of this kind of scenario first hand. It’s a hard way to learn, but it has also set in motion many adjustments that will mean that we can deal with disaster scenarios even more quickly. This gives me confidence in our future ability to deliver our service to customers no matter what.

Finally, I would like to add my apology to Peter’s and thank you all for your patience while we dealt with the incident.

Yesterday I referred to a 3-hour window of ‘outage’, between 11am and 2pm, from the moment the failure happened to the moment we completed failover to the second data centre. I was, of course, talking about the outage from one particular angle – how long did it take us to failover an entire data centre before we were able to start bringing customers’ services back up.

Of course, when the blog went live, some customers thought I was shutting down the issue and pretending the crisis had only lasted three hours. I wasn’t trying to mislead or underplay it, but I understand how it might have looked that way.  And for that, I apologise.

For several customers it wasn’t a three-hour problem, it’s been an ongoing problem and although most services are working normally, we can’t put this to bed until the second data centre is fully back in sync, operating normally. You’ll hear from us as soon as that is the case.

The second issue I’d like to take the opportunity to address, and which has received a lot of attention on Twitter and in the media, is our 100% availability SLA. There is some suggestion that a 100% SLA is impossible, because there’s always a chance a service will go down. What it really means to us is a commitment to a level of service we are willing to be held accountable for.  Anything less, and we pay for the short-fall. We give the 100% SLA not because we think we are infallible but because zero downtime is something so important to our customers and us we believe we should stand up for it as the gold standard to aspire to. And be accountable in the event we don’t meet it.

Most cloud service providers don’t want to accept that level of accountability (and the cost) with customers. It is a very rare event at Mimecast but we were reminded failures can happen the hard way yesterday, after 10 years of consistent service. Yesterday we fell below that standard. We are sorry about that and will be working with customers affected by yesterday’s outage to arrange SLA compensation.

Mail Flow and Routing

All UK odd and even numbered grid hosts are now processing email as normal. Residual queues and some slowness caused by processing backlogs may continue to persist throughout the day, but in decreasing numbers.

Other Services

There may be some continued slowness in other services provided by Mimecast Services for Outlook, Mimecast Services for Exchange as well as archive searches. This slowness is caused by the accelerated processing of the email backlog, we are aware of this problem and are working to reduce its impact throughout the day.

USA Issues

Some of our North American hosted customers have experienced problems with the DNS resolution of MX Records for outbound email. This has been resolved and we continue to monitor the situation.

Isolated Issues

We are still receiving reports of some isolated issues due to local configurations. If you are experiencing any continued problems with email delivery or AdCon please contact our Service Delivery team at support@mimecast.com

What Next?

We will be making an Incident Report available shortly, which will be sent to all affected customers and Partners.

Our Customer Experience teams are taking proactive steps to contact all our affected customers in the coming days and to honour of SLA obligations.

Thank you again for your patience during this incident, we are very sorry we failed to live up to your expectations and will keep you updated as to how we are working hard to ensure this never happens again.

The Mimecast Team