Post Process

Everything to do with E-discovery & ESI

Archive for October 16th, 2007

Companies are taking Forensics in-house

Posted by rjbiii on October 16, 2007

According to an article posted by Dark Reading, (annoying ad warning) IT departments are doing more of the intrusion investigations, and other tasks traditionally outsourced to experts, themselves.

If you think finding out who did what with your data always means calling in high-priced spooks armed with arcane software, think again. The trend is toward placing the power to handle investigations in the hands of enterprises themselves. Why? With security incidents, e-discovery and litigation on the rise across all industries and organizations of all sizes, having tools in-house allows IT to mobilize quickly and address situations before there’s significant impact.

The forensics software landscape has also gotten more inclusive, with enterprise-class investigative tools in the pipeline along with log-analysis software, network monitors, and systems that can aid in investigations and e-discovery involving e-mail. Many of these do double duty, making them easier sells come budget time.

The article also discloses that Guidance Software, producer of EnCase, will soon get a little more competition:

In the forensics space, at least two upstarts are set to rival the enterprise edition of Guidance Software’s Encase, the granddaddy of investigative toolsets. By year’s end, security services provider Mandiant will step into the enterprise incident response arena with its Intelligent Response appliance, and AccessData is also prepping an offering, due in the first half of next year, that will encompass forensics, incident response and e-discovery.

I’m not sure what a product that encompasses “forensics, incident response and e-discovery” will look like (seems like it might be taking too big a bite of the cookie), but I’m willing to reserve judgment for now.

Posted in Articles, Computer Forensics, Computer Security, Discovery | Tagged: , , , , | Leave a Comment »

Kroll Ontrack has new tool for erasing data

Posted by rjbiii on October 16, 2007

Kroll Ontrack has issued a press release saying that the company has developed a new, “enterprise-wide erasing” product.

Helping companies protect against security breaches and comply with laws and regulations regarding data retention and privacy, Ontrack Eraser deletes all traces of information stored on targeted media, making recovery impossible.

If it does all the press release claims, it will be a highly useful tool.

Posted in Articles, Data Management, Document Retention, Tools | Tagged: | Leave a Comment »

Managing Resources while Complying with Rules: Depend on the Employee?

Posted by rjbiii on October 16, 2007

Doesn’t sound like a good idea to me, nevertheless, it seems to be a recommended approach suggested by an article on data governance by DM Review.

Like all governance efforts, IT and the business must work in tandem to identify responsibilities as they pertain to content vulnerabilities. Just as executive management and legal personnel need IT’s help in realistically understanding retention technology capabilities, IT will require clear guidance on what system controls to implement per corporate document retention policy. Companies must have the collective will to discuss and prioritize email governance issues and be proactive in addressing retention policies before a legal action or unauthorized dissemination of classified information puts the enterprise at a competitive disadvantage. Most importantly, employees company-wide must be familiar and comfortable with general email and document retention policies if such directives are to achieve uniform success across the enterprise.

On the face of it, I don’t disagree with the passage above, however, I do feel that by depending upon individual employees for compliance is a recipe for disaster. Any document management system must be able to take the responsibility of compliance-based retention (whether it be for regulatory or legal reasons) out of the hands of individuals, and into a process-based system that is strictly followed (whether by automation or policy). Such a system is easier to defend and produces better results.

Posted in Articles, Best Practices, Data Management | Leave a Comment »

Survey: Corporate Litigation down in U.S., up in U.K.

Posted by rjbiii on October 16, 2007

According to an annual survey sponsored by Fulbright & Jaworski, U.S. companies are defending, and filing, fewer lawsuits:

Based on interviews with in-house counsel at 250 major U.S. corporations, 17 percent of respondents said their companies had escaped the past year without having to defend a single new lawsuit, up sharply from only 11 percent in 2005-06.

American corporations also appear to have backed off as plaintiffs – 65 percent of respondents said their company had initiated at least one lawsuit in the past year, down from more than 70 percent a year ago and an even steeper drop from 2004, when 88 percent of U.S. companies said they had initiated litigation.

Our brethren in the U.K. have not been as fortunate:

By contrast, U.K. companies have experienced significant increases in both [regulatory and judicial] categories.

The news isn’t all good (or bad, depending upon your perspective); the number of product liability and patent suits are still climbing.

Posted in Articles, Trends | Tagged: | Leave a Comment »

E-Shredding: The View from Down-Under

Posted by rjbiii on October 16, 2007

Australian IT looks at the challenges posed by electronic discovery, and briefly compares the U.S. and Australian responses.

US courts have taken a dim view of failure to produce electronic documents in a timely fashion. Morgan Stanley faced a mind-focusing $US1.45 billion bill – including $US850 million in punitive damages – in a 2005 case. (Although the judgement was overturned in March, it is still subject to appeal.)

Other corporations penalised over electronically stored information non-compliance include UBS Warburg ($US29 million), Microsoft ($US27 million) and Philip Morris ($US2.75 million).

In Australia, the Victorian Supreme Court became the first to make a move, introducing an e-litigation Practice Note in February.

The note deals with the use of technology in litigation, including the electronic exchange of court documents, discovery lists and discovered documents. At present the note applies when the parties agree to it, or subject to a court order.

The article concludes that courts in Australia have not yet come to appreciate the “scale of the problem posed by ESI.” That may be, but a news report out of the country announce that new rules for handling electronic discovery will be released before Christmas.

Seamus Byrne, director of forensic technology at Vincents Chartered Accountants and a member of the court’s working party on e-discovery, said the planned Practice Note would be a turning point.

It is expected to emulate the US model, the 2006 Federal Rules of Civil Procedure, which imposes strict obligations on companies on their handling of electronically stored information and ensuring its availability for commercial litigation.

Mr Byrne said the revised note “will bring e-discovery to the masses”, and re-level the playing field that has in recent years been skewed in favour of large corporations and top-tier law firms.

Posted in Articles, International Issues, Trends | Tagged: | Leave a Comment »