Preparation and collaboration are key for successful e-discovery. CHAPTER 2. Concerning the matter heretofore of the party of

Transcription

1 THE WINDOWS MANAGER S GUIDE TO INSIDE: A Concerning the matter heretofore of the party of the first part in the aforementioned case notwithstanding, it can be argued that on a number of occasions over a period of time it should be noted that the provision of law so states that the plaintiff indicated he was guilty, so the defense rests ghh Kerberos, trusted third party, malware, phishing, access control, patch, information security, token, PGP, risk assessment, SSL, message authentication, PIN, firewall, passwords, external audit, NIST, key management, exploit, vulnerability, rootkits, worm. CHAPTER 2 Building bridges between IT shops, legal teams and security staff Preparation and collaboration are key for successful e-discovery.

2 CHAPTER 2 Building bridges between IT shops, legal teams and security staff A ONE OF THE toughest parts about creating an e-discovery strategy for the enterprise is that technology alone can t solve every problem. For IT executives, this means more than simply installing new search tools and -archiving software for Exchange Server or putting processes in place that help to do whatever it takes to create a SQL Server database that can be searched quickly if there is litigation. Before information was electronically stored, most paper records lived in corporate purchasing departments. Over time, they would typically move to an off-site storage facility. Today, data can be anywhere, plus the management of stored information is strategic to the corporation. There must be a staff member on hand with a skill set in both legal issues and IT. This is much easier said than done. It s hard enough for an IT executive to decipher legal jargon. Few have probably heard of a 30 (b) (6) witness, which is the person who testifies on behalf of a company in a deposition. IT executives also cannot sound like Merlin the wizard when giving technical recommendations to their legal counterparts. John Bace, a research vice president at Gartner Inc., the Stamford, Conn.-based consulting firm, recommends that before a problem darkens your corporate doorstep, make sure to set up a cross-departmental group, or steering committee. Members should not only include IT and legal but also, in some cases, security staff, depending on how the company is structured. Especially in the case of the large decentralized enterprise, there also needs to be a? WHAT IS... q Litigation hold: A litigation hold is when a company suspends its document retention or destruction policies for documents that may be relevant to a lawsuit that has been filed or that might be filed in the near future. q Information datamap: An electronically stored information data map is a written overview of electronic information for use by legal counsel when preparing for discovery in a court proceeding. 2 THE WINDOWS MANAGER S GUIDE TO

3 CHAPTER 2 A lawyer who is familiar with the enterprise IT architecture and topography. This is especially true following the Federal Rules of Civil Procedure that were revised at the end of Lawyers will be held to a higher professional standard in their understanding of IT policies, Bace said. You can t say, I don t know how IT works. That won t cut it. At Cox Enterprises Inc., the sprawling Atlanta-based media company has built a forensics unit that oversees e-discovery investigations. When Cox had to address an e- discovery request, staff from legal, IT and security which is external New rules specify role of electronic data in court to IT formed a litigation discovery team to resolve issues. The team picked one individual to be the e-discovery coordinator. This particular team and individual do all the collection, filtering and culling of files in most of the Cox business divisions, said Scott Steiner, privacy and information risk manager at Cox. Most other business units have minimal e-discovery requests, he added. Steiner said his team is usually brought in by general counsel, along with an IT advocate, who defines and assesses the project and then interviews everyone in litigation and in IT. The Federal Rules of Civil Procedure are regulations that spell out the procedures for civil legal suits within U.S. federal courts. The rules were established in 1938 and are frequently revised. The latest major revision was in 2006, when provisions were made for the handling of electronic records to accommodate electronic discovery. Under the new rules, parties are now required to address the issue of electronically stored data as well as any claims of privileged electronic information early in the proceedings in mandatory meet and confer sessions. The 2006 revisions acknowledge that electronically stored information is a fact of doing business and can be a trove of potentially useful data in a lawsuit. They also acknowledge that in a digital age where vast amounts of information are stored, litigants cannot be expected to produce anything anybody asks for. But because the new rules also leave open to debate what exactly constitutes reasonably and unreasonably accessible data, a company s electronic information system policies will be subject to legal scrutiny like never before. SEARCHCIO.COM 3 THE WINDOWS MANAGER S GUIDE TO

4 CHAPTER 2 A AND WHY OF A Employees need to know what the corporate litigation hold process is. Companies need to determine how a litigation hold will be issued, how to keep people from destroying documents and when to lock down records. Also, relevant backup tapes need to be taken out of rotation. After the litigation hold is issued, IT executives should then try to narrow its scope and determine how to start the data collection process, Steiner said. If you have a data map, this is the time to use it, he said. A main concern for Cox was related to the risk of data spoliation which refers to the preservation of data that can be used for discovery within an enterprise and establishing a chain of custody for that data. Pulling together a discovery request is expensive in terms of time and resources. IT executives should first determine if the request is feasible and if or how it can be mitigated. It is possible to negotiate. For example, if there is a request for all , that request might be too costly to produce. The team may counter-propose something that is reasonable and practical. Many times they accept the terms, Steiner said. The worst case is when IT offers information that is later ruled incomplete because what is produced was not the entire available data set, he said. L I T I G AT I O N D I S C O V E R Y R E S P O N S E P R O C E S S First internal awareness Issue internal litigation hold Discovery request by one party Court order issued Deliver response to the court Result review Archive database Search query User directory Discovery request Discovery depends on effective archiving Recent revisions require that litigants address electronic data issues early in the process. SOURCE: CONTOURAL INC. 4 THE WINDOWS MANAGER S GUIDE TO

5 The legal investigation is connected to the discovery request is connected to combing through terabytes of archived is connected to your clean bill of health is connected to Symantec Enterprise Vault, the comprehensive archiving solution that makes managing fast, efficient, and thorough Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, and Enterprise Vault are registered trademarks of Symantec Corporation. Take control of your most important digital assets. Up to 5% of your company s intellectual property is in or instant messaging. Today, a typical ediscovery request can cost IT departments countless hours and dollars to recover the specific range of messages on time. Symantec Enterprise Vault facilitates the legal and business best practices of storing, managing, and discovering and other electronic files. So you re free to focus on the big picture. Learn more at symantec.com/enterprisevault Confidence in a connected world.

6 CHAPTER 2 A QUICK LIST OF Gartner s Bace recommends that, for their part, IT executives should develop an inventory of electronic information that could potentially be requested during a discovery process. Executives should know what is reasonably accessible and what is not. This is not just creating an electronically stored information (ESI) data map. You want to try to help the lawyer limit the scope of discovery from the other side, he said. Let the legal team limit the scope of discovery to the relevant custodians who are involved in the matter. For example, if it s a case involving product liability, e-discovery might be limited to those who helped develop the product. The other side will ask for any and all [ , instant messages and so on], and you don t want to do IT executives should develop an inventory of electronic information that could potentially be requested during a discovery process. that, he said. Bace also suggests that IT executives and lawyers create a nomenclature and define their terms so every- Data retention policies Gartner Inc. offers its recommendations on retention policies q Develop a reasonable Windows document retention policy that supports the business and gives authority to destroy information when it is no longer needed. q Communicate, educate and enforce document retention policies to ensure they provide value and reduce risk for the organization. q Use technology to automate whenever and wherever possible regarding document retention and management. q Strive for a collaborative environment with regard to e-discovery. Whenever possible, negotiate with adversaries to share the value and reduce cost. 6 THE WINDOWS MANAGER S GUIDE TO

7 CHAPTER 2 A? WHAT IS... a litigation support manager? one is in agreement. Also, work with the legal staff to create some metrics that illustrate terms such as volume and speed. It may be too much of a cost burden to collect all for January, for example. Perhaps something can be worked out that is more reasonable. The process for e-discovery has to be repeatable, defensible and transparent, Bace said. Get the facts on the table, get to the court room, and there everyone can beat themselves bloody. The costs and volumes that are associated with e-discovery are rising, and enterprises must recognize that there is huge value in organizing their information and data, Bace said. By taking a proactive approach to preparing for an e-discovery request, and by creating cross-departmental teams and a plan for document management, IT executives are in a good position to minimize their companies overall risk in litigation. NO MATTER HOW much extra training is involved, IT managers are not lawyers and lawyers are not IT managers. Both have separate and complicated jobs. But this combination of skills, plus a changing legal landscape, has created the need for a role in the IT department for someone with insight on the needs of both, according to Gartner Inc., which is tracking this emerging career path. The role of the litigation support manager is to oversee the creation and maintenance of the inventories, to keep track of e-discovery products and services, to act as the liaison for corporate counsel in e-discovery actions, and to carry out the process of litigation hold, among other things. Gartner experts say many of these specialists now work in law firms. Indeed, the role is more likely filled by a lawyer than an IT support professional because fewer IT pros are likely to know the law. Over time, however, that is likely to change as IT departments become more familiar with the demands of the law, according to the firm. The only training that anyone is likely to have today is on the job. Enterprises might cull early candidates from IT security, where some pros will know forensics tools, or maybe even regulatory agencies or from law enforcement. Margie Semilof THE WINDOWS MANAGER S GUIDE TO

8 CHAPTER 2 ABOUT THE AUTHORS: A Margie Semilof is the senior news director for TechTarget s Windows Media Group and is responsible for news coverage of the Windows platform. A high-tech journalist for more than 20 years, Semilof has written about a variety of technical topics ranging from hardware and software to telecom and networking. Kathryn Hilton has worked as an industry analyst for Gartner Group and for several large storage companies. She is currently a senior analyst for policy at Contoural Inc., a provider of business and technology consulting services that focuses on litigation readiness, compliance, information and records management, and data storage strategy. The Windows Manager's Guide to e-discovery is part of the Windows Manager Guide series from SearchWinIT.com. Marilyn Cohodas Editorial Director mcohodas@techtarget.com Christine Casatelli Editor ccasatelli@techtarget.com Martha Moore Copy Editor mmoore@techtarget.com Linda Koury Art Director of Digital Content lkoury@techtarget.com Jonathan Brown Publisher jebrown@techtarget.com Gabrielle DeRussy Senior Director of Sales gderussy@techtarget.com 8 THE WINDOWS MANAGER S GUIDE TO

9 RESOURCES FROM OUR SPONSOR Learn more about Symantec Enterprise Vault Symantec Enterprise Vault 200 provides a software-based intelligent archiving platform that stores, manages and enables discovery of corporate data from systems, file server environments, instant messaging platforms and content management and collaboration systems. q Click here for a variety of white papers, case studies, testimonials and more. 9 THE WINDOWS MANAGER S GUIDE TO