1 THE WINDOWS MANAGER S GUIDE TO INSIDE: A Concerning the matter heretofore of the party of the first part in the aforementioned case notwithstanding, it can be argued that on a number of occasions over a period of time it should be noted that the provision of law so states that the plaintiff indicated he was guilty, so the defense rests ghh Kerberos, trusted third party, malware, phishing, access control, patch, information security, token, PGP, risk assessment, SSL, message authentication, PIN, firewall, passwords, external audit, NIST, key management, exploit, vulnerability, rootkits, worm. CHAPTER 2 Building bridges between IT shops, legal teams and security staff Preparation and collaboration are key for successful e-discovery.
2 CHAPTER 2 Building bridges between IT shops, legal teams and security staff A ONE OF THE toughest parts about creating an e-discovery strategy for the enterprise is that technology alone can t solve every problem. For IT executives, this means more than simply installing new search tools and -archiving software for Exchange Server or putting processes in place that help to do whatever it takes to create a SQL Server database that can be searched quickly if there is litigation. Before information was electronically stored, most paper records lived in corporate purchasing departments. Over time, they would typically move to an off-site storage facility. Today, data can be anywhere, plus the management of stored information is strategic to the corporation. There must be a staff member on hand with a skill set in both legal issues and IT. This is much easier said than done. It s hard enough for an IT executive to decipher legal jargon. Few have probably heard of a 30 (b) (6) witness, which is the person who testifies on behalf of a company in a deposition. IT executives also cannot sound like Merlin the wizard when giving technical recommendations to their legal counterparts. John Bace, a research vice president at Gartner Inc., the Stamford, Conn.-based consulting firm, recommends that before a problem darkens your corporate doorstep, make sure to set up a cross-departmental group, or steering committee. Members should not only include IT and legal but also, in some cases, security staff, depending on how the company is structured. Especially in the case of the large decentralized enterprise, there also needs to be a? WHAT IS... q Litigation hold: A litigation hold is when a company suspends its document retention or destruction policies for documents that may be relevant to a lawsuit that has been filed or that might be filed in the near future. q Information datamap: An electronically stored information data map is a written overview of electronic information for use by legal counsel when preparing for discovery in a court proceeding. 2 THE WINDOWS MANAGER S GUIDE TO
3 CHAPTER 2 A lawyer who is familiar with the enterprise IT architecture and topography. This is especially true following the Federal Rules of Civil Procedure that were revised at the end of Lawyers will be held to a higher professional standard in their understanding of IT policies, Bace said. You can t say, I don t know how IT works. That won t cut it. At Cox Enterprises Inc., the sprawling Atlanta-based media company has built a forensics unit that oversees e-discovery investigations. When Cox had to address an e- discovery request, staff from legal, IT and security which is external New rules specify role of electronic data in court to IT formed a litigation discovery team to resolve issues. The team picked one individual to be the e-discovery coordinator. This particular team and individual do all the collection, filtering and culling of files in most of the Cox business divisions, said Scott Steiner, privacy and information risk manager at Cox. Most other business units have minimal e-discovery requests, he added. Steiner said his team is usually brought in by general counsel, along with an IT advocate, who defines and assesses the project and then interviews everyone in litigation and in IT. The Federal Rules of Civil Procedure are regulations that spell out the procedures for civil legal suits within U.S. federal courts. The rules were established in 1938 and are frequently revised. The latest major revision was in 2006, when provisions were made for the handling of electronic records to accommodate electronic discovery. Under the new rules, parties are now required to address the issue of electronically stored data as well as any claims of privileged electronic information early in the proceedings in mandatory meet and confer sessions. The 2006 revisions acknowledge that electronically stored information is a fact of doing business and can be a trove of potentially useful data in a lawsuit. They also acknowledge that in a digital age where vast amounts of information are stored, litigants cannot be expected to produce anything anybody asks for. But because the new rules also leave open to debate what exactly constitutes reasonably and unreasonably accessible data, a company s electronic information system policies will be subject to legal scrutiny like never before. SEARCHCIO.COM 3 THE WINDOWS MANAGER S GUIDE TO
4 CHAPTER 2 A AND WHY OF A Employees need to know what the corporate litigation hold process is. Companies need to determine how a litigation hold will be issued, how to keep people from destroying documents and when to lock down records. Also, relevant backup tapes need to be taken out of rotation. After the litigation hold is issued, IT executives should then try to narrow its scope and determine how to start the data collection process, Steiner said. If you have a data map, this is the time to use it, he said. A main concern for Cox was related to the risk of data spoliation which refers to the preservation of data that can be used for discovery within an enterprise and establishing a chain of custody for that data. Pulling together a discovery request is expensive in terms of time and resources. IT executives should first determine if the request is feasible and if or how it can be mitigated. It is possible to negotiate. For example, if there is a request for all , that request might be too costly to produce. The team may counter-propose something that is reasonable and practical. Many times they accept the terms, Steiner said. The worst case is when IT offers information that is later ruled incomplete because what is produced was not the entire available data set, he said. L I T I G AT I O N D I S C O V E R Y R E S P O N S E P R O C E S S First internal awareness Issue internal litigation hold Discovery request by one party Court order issued Deliver response to the court Result review Archive database Search query User directory Discovery request Discovery depends on effective archiving Recent revisions require that litigants address electronic data issues early in the process. SOURCE: CONTOURAL INC. 4 THE WINDOWS MANAGER S GUIDE TO
5 The legal investigation is connected to the discovery request is connected to combing through terabytes of archived is connected to your clean bill of health is connected to Symantec Enterprise Vault, the comprehensive archiving solution that makes managing fast, efficient, and thorough Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, and Enterprise Vault are registered trademarks of Symantec Corporation. Take control of your most important digital assets. Up to 5% of your company s intellectual property is in or instant messaging. Today, a typical ediscovery request can cost IT departments countless hours and dollars to recover the specific range of messages on time. Symantec Enterprise Vault facilitates the legal and business best practices of storing, managing, and discovering and other electronic files. So you re free to focus on the big picture. Learn more at symantec.com/enterprisevault Confidence in a connected world.
6 CHAPTER 2 A QUICK LIST OF Gartner s Bace recommends that, for their part, IT executives should develop an inventory of electronic information that could potentially be requested during a discovery process. Executives should know what is reasonably accessible and what is not. This is not just creating an electronically stored information (ESI) data map. You want to try to help the lawyer limit the scope of discovery from the other side, he said. Let the legal team limit the scope of discovery to the relevant custodians who are involved in the matter. For example, if it s a case involving product liability, e-discovery might be limited to those who helped develop the product. The other side will ask for any and all [ , instant messages and so on], and you don t want to do IT executives should develop an inventory of electronic information that could potentially be requested during a discovery process. that, he said. Bace also suggests that IT executives and lawyers create a nomenclature and define their terms so every- Data retention policies Gartner Inc. offers its recommendations on retention policies q Develop a reasonable Windows document retention policy that supports the business and gives authority to destroy information when it is no longer needed. q Communicate, educate and enforce document retention policies to ensure they provide value and reduce risk for the organization. q Use technology to automate whenever and wherever possible regarding document retention and management. q Strive for a collaborative environment with regard to e-discovery. Whenever possible, negotiate with adversaries to share the value and reduce cost. 6 THE WINDOWS MANAGER S GUIDE TO
7 CHAPTER 2 A? WHAT IS... a litigation support manager? one is in agreement. Also, work with the legal staff to create some metrics that illustrate terms such as volume and speed. It may be too much of a cost burden to collect all for January, for example. Perhaps something can be worked out that is more reasonable. The process for e-discovery has to be repeatable, defensible and transparent, Bace said. Get the facts on the table, get to the court room, and there everyone can beat themselves bloody. The costs and volumes that are associated with e-discovery are rising, and enterprises must recognize that there is huge value in organizing their information and data, Bace said. By taking a proactive approach to preparing for an e-discovery request, and by creating cross-departmental teams and a plan for document management, IT executives are in a good position to minimize their companies overall risk in litigation. NO MATTER HOW much extra training is involved, IT managers are not lawyers and lawyers are not IT managers. Both have separate and complicated jobs. But this combination of skills, plus a changing legal landscape, has created the need for a role in the IT department for someone with insight on the needs of both, according to Gartner Inc., which is tracking this emerging career path. The role of the litigation support manager is to oversee the creation and maintenance of the inventories, to keep track of e-discovery products and services, to act as the liaison for corporate counsel in e-discovery actions, and to carry out the process of litigation hold, among other things. Gartner experts say many of these specialists now work in law firms. Indeed, the role is more likely filled by a lawyer than an IT support professional because fewer IT pros are likely to know the law. Over time, however, that is likely to change as IT departments become more familiar with the demands of the law, according to the firm. The only training that anyone is likely to have today is on the job. Enterprises might cull early candidates from IT security, where some pros will know forensics tools, or maybe even regulatory agencies or from law enforcement. Margie Semilof THE WINDOWS MANAGER S GUIDE TO
8 CHAPTER 2 ABOUT THE AUTHORS: A Margie Semilof is the senior news director for TechTarget s Windows Media Group and is responsible for news coverage of the Windows platform. A high-tech journalist for more than 20 years, Semilof has written about a variety of technical topics ranging from hardware and software to telecom and networking. Kathryn Hilton has worked as an industry analyst for Gartner Group and for several large storage companies. She is currently a senior analyst for policy at Contoural Inc., a provider of business and technology consulting services that focuses on litigation readiness, compliance, information and records management, and data storage strategy. The Windows Manager's Guide to e-discovery is part of the Windows Manager Guide series from SearchWinIT.com. Marilyn Cohodas Editorial Director Christine Casatelli Editor Martha Moore Copy Editor Linda Koury Art Director of Digital Content Jonathan Brown Publisher Gabrielle DeRussy Senior Director of Sales 8 THE WINDOWS MANAGER S GUIDE TO
9 RESOURCES FROM OUR SPONSOR Learn more about Symantec Enterprise Vault Symantec Enterprise Vault 200 provides a software-based intelligent archiving platform that stores, manages and enables discovery of corporate data from systems, file server environments, instant messaging platforms and content management and collaboration systems. q Click here for a variety of white papers, case studies, testimonials and more. 9 THE WINDOWS MANAGER S GUIDE TO
INSIDE chapter 1 email -archiving project roadmap Email archiving: Ready to dive into email archiving? Try this four-phased approach to get your project up and running Planning, policies and product selection
Addressing the Abandoned Email Archive Risk WHITE PAPER Table of Contents 3 Executive Summary 3 Introduction 4 What are Email Archives? 4 EOL, Obsolete, and Abandoned Email Archives 5 The Risks and Costs
White Paper How Long Should Email Be Saved? Sponsored by Symantec, Inc. Copyright 2007 Contoural, Inc. Table of Contents Introduction... 3 Considering Email retention... 3 Can IT Set Email Retention Policy?...
Managing Information for E-discovery Readiness A Docula bs Wh i te Pa pe r 2009 Doculabs, 200 West Monroe Street, Suite 2050, Chicago, IL 60606 (312) 433-7793 firstname.lastname@example.org. Reproduction in whole or
White Paper Minimizing ediscovery Complexity Through Vendor Consolidation By Brian Babineau March, 2010 This ESG White Paper was commissioned by FTI Technology and is distributed under license from ESG.
INSIDE email archiving Planning, policies and product selection Defining an CHAPTER 2 email-archiving 03 What is the purpose of an email-archiving policy? 04 What qualifies as acceptable use? Implement
SearchExchange.com email archiving Planning, policies and product selection CHAPTER 5 Finding the right email-archiving product INSIDE 04 email-archiving products and services 05 of email-archiving products
Making Sense of E-Discovery: 10 Plain Steps for Producing ESI The following article provides a practical guide to producing electronically stored information (ESI) that lawyers can apply immediately in
E-Discovery Lessons from the Battlefield Mike Williams Wheeler Trigg O Donnell (Denver, CO) email@example.com 303.244.1867 http://www.wtotrial.com/michael-t-williams-1 Introduction Over the past 15
Special Advertising Supplement TEXAS LAWYER ROUNDTABLE SERIES ROSS CUNNINGHAM DAVID GRANT JULIE E. GRANTHAM APRIL 20, 2009 VOL. 25 NO. 3 Studies have shown that the average U.S. company faces more than
WHITE PAPER: EDISCOVERY AND LITIGATION READINESS Becoming Litigation Ready Through Proactive Information Governance OCTOBER 2008 Peter Pepiton II CA INFORMATION GOVERNANCE SOLUTIONS Table of Contents Executive
Records Management Best Practices Guide A Practical Approach to Building a Comprehensive and Compliant Records Management Program Protecting and Managing the World s Information. Since 1951, Iron Mountain
Issue 4 Handling Inactive Data Efficiently 1 Editor s Note 3 Does this mean long term backup? NOTE FROM THE EDITOR S DESK: 4 Key benefits of archiving the data? 5 Does archiving file servers help? 6 Managing
White Paper May 2006 Applying Electronic Records Management in the Document Management Environment: An Integrated Approach Written by: Bud Porter-Roth Porter-Roth Associates Table of Contents Introduction
Mergers, Acquisitions, Divestitures and Closures Records and Information Management Checklists By John T. Phillips March 2011 Project Underwritten by: ARMA International Educational Foundation Endowment
Best Practices for Cloud-Based Information Governance Autonomy White Paper Index Introduction 1 Evaluating Cloud Deployment 1 Public versus Private Clouds 2 Better Management of Resources 2 Overall Cloud
The Impact of Electronically Stored Information on Corporate Legal and Compliance Management White paper The impact of electronically stored information on corporate legal and compliance management: An
Ville-Pekka Peltonen Software Asset Management Current state and use cases Helsinki Metropolia University of Applied Sciences Master of Business Administration Master's Degree Programme in Business Informatics
ICC CYBER SECURITY GUIDE FOR BUSINESS ICC CYBER SECURITY GUIDE FOR BUSINESS Acknowledgements The ICC Cyber security guide for business was inspired by the Belgian Cyber security guide, an initiative of
Cyber-Security Essentials for State and Local Government Best Practices in Policy and Governance Operational Best Practices Planning for the Worst Case Produced by with content expertise provided by For
hottopic ARMA International s MAKING THE JUMP TO THE CLOUD? How to Manage Information Governance Challenges www.arma.org Governance for Protecting Information in the Cloud Barclay T. Blair If your organization
The Growing Importance of E-Discovery on Your Business! An Osterman Research White Paper Published June 2008 SPONSORED BY!! Osterman Research, Inc. P.O. Box 1058 Black Diamond, Washington 98010-1058 Phone:
BELGIAN CYBER SECURITY GUIDE PROTECT YOUR INFORMATION This Guide and the accompanying documents have been produced jointly by ICC Belgium, FEB, EY, Microsoft, L-SEC, B-CCENTRE and ISACA Belgium. All texts,
ediscovery and Information Governance Practice Overview ediscovery and Information Governance Electronic discovery, or ediscovery, is increasingly changing from the exception to the norm in modern litigation.
The Impact of Electronic Discovery on Corporations? Michael J. Powell L. Clint Crosby Look How Far We ve Come ESI ESI = Electronically Stored Information Any information that is stored in a medium from
Brochure Best practices for cloud-based information governance Autonomy Cloud solutions Information governance in the cloud Key advantages to cloud computing Cloud computing alleviates adoption complexity,
Commonsense Electronic Discovery Planning: How to Help Your Client Meet Its Electronic Production Obligations By Elleanor H. Chin and Scott E. Warnick Reprinted with permission from The Oregon State Bar