Skip Links

10 tips for moving e-discovery into the enterprise

StoredIQ on e-discovery

Security Strategies Alert By M. E. Kabay, Network World
June 05, 2008 12:05 AM ET
Sign up for this newsletter now!

The long view of security strategies for your network.

I recently received an interesting essay from a public relations officer, Dave Dix, who wrote:

“In the wake of Enron, Sarbanes-Oxley, and new Civil Rules of Federal Procedure in 2006 governing standards for preserving information, e-discovery (i.e., identifying, collecting, and processing electronic legal evidence) is turning into an ever-greater expense for many mid- and large sized companies. Unstructured information is proliferating, spending is skyrocketing, heavyweight analysts such as Gartner and Forrester are weighing in. More and more enterprises are deciding to bring e-discovery in-house, rather than have it performed by litigation support services firms. But when they do, they'll need to assemble a careful checklist of features their solution will need to have to be effective.”

He then included the following essay from Ursula Talley, vice president of marketing for StoredIQ, a provider of “enterprise-class Intelligent Information Management solutions that enable organizations to gain visibility and control over business-critical information in order to meet compliance, governance, and legal discovery requirements.”

The remainder of today’s column is Talley’s work (with minor edits). I was particular impressed that she does not even mention her own products!

* * *

If you work for a mid- to large-sized company - say, one with more than $500 million in revenue - you are probably familiar with the problems of e-discovery. Your enterprise may routinely face five or more litigation matters each year, and you have terabytes of unstructured information that you need to sort through in order to find relevant information and place it on litigation hold.

Worse, that unstructured information is growing dramatically: at a rate of up to 80% a year in many enterprises. Unmanaged and unplanned-for e-discovery tasks increase both risk and headaches for legal, IT, and business unit organizations. Outsourcing e-discovery to litigation services firms makes sense if you don’t have much data or rarely face litigation, but it doesn’t make good financial sense as your organization grows. That’s particularly true if you work in highly regulated and litigation-prone industries such as banking, insurance, energy, or utilities.

Here are 10 tips to choosing an e-discovery solution that can get up and running quickly, solve the problems you need it to, and pay for itself within months.

1. Make sure your solution covers the full breadth of the e-discovery process as defined by the industry’s EDRM (Electronic Discovery Reference Model) standard. Your solution needs to cover everything from information management, identification, preservation, and collection, to processing, and early case analysis – handing over only the smallest legally defensible set of data to the legal review team. Otherwise, you’ll have to cobble together multiple solutions from multiple vendors, and create a bigger headache for yourself. Not to mention the compromised audit liability point solutions present.

M. E. Kabay, PhD, CISSP-ISSMP, specializes in security and operations management consulting services and teaching. He is Chief Technical Officer of Adaptive Cyber Security Instruments, Inc. and Associate Professor of Information Assurance in the School of Business and Management at Norwich University. Visit his Web site for white papers and course materials.

Our Commenting Policies
Latest News
rssRss Feed
View more Latest News