[baobun]

> and you can't self-hosted email because sender reputation is too important in business.

It is not uncommon to self-host everything except the outgoing sending. So you can mostly bring it all home without tackling sender reputation.

> Freshdesk. Can't exit because: we could get off the ticketing system, but the knowledge base is hosted here as well, and that's publicly accessible.

This can be done. The knowledge base sounds like some of the easier things to migrate tbh.

Why the need to go to paper filing? Airgapped servers are a middle ground.

But I guess your deeper issue is one of organizational culture norms, not of technical limitations or challenges...

Which I hope can be encouraging. It's all doable if you (plural) actually want it.

One path is to start with setting up contingency systems. Continously sync all mail to your own infra so you can access mailboxes even if o365 is unavailable. Mirror the knowledge base. Forward ticket mails to a duplicate archive (obviously potential caveats around PII and security here).

[jazzyjackson]

I’m on Team Airgap but I would expect that bringing on dedicated devops staff to maintain internal systems would blow away any cost savings and leave you at higher risk for downtime if the one Linux Wizard you hired to set it all up leaves for greener pastures. At least the SaaSs have a higher bus factor.

And then you have your security risks of duplicating your access control. So you mirror all your employees emails, now you have to make sure only administrators have read access and avoid ever exposing that system to the internet and prevent exfil.

I’m thinking of how to do this for a friends company and the amount of stuff that a SaaS takes care of is staggering. Right now I’m stuck on learning to be my own root CA to distribute client certificates for mTLS so I can avoid relying on third party SSO/auth.