Educause Security Discussion mailing list archives

Re: e-discovery software and outsourcing insights?


From: Steve Werby <smwerby () VCU EDU>
Date: Wed, 10 Mar 2010 15:58:05 -0500

Caroline,

We do have a records management program (unlike UVA, it's not under the
ISO) and I concur that the typical building blocks like a robust data
inventory, data reduction, etc. should be pursued.  Our relative lack of
visibility into where our data is, especially with devices and systems
that aren't centrally managed, has already been discussed internally.
Short-term though, I need to be able to deal with last month's request,
last week's request and those unknown requests that will likely cross my
path in the months to come.  My focus right now is on data my staff and
colleagues are able to acquire.

It seems as though the software and systems that exist may help address
some of our needs.  At this stage, I just need to do my due diligence.
I want to be able to present some alternatives to our CIO and legal
counsel.  I'll take a look at the sites you mentioned and I appreciate
your offer.  I'll probably be in touch in the next week or two.

--
Steve Werby
Information Security Officer
Virginia Commonwealth University
VCU Information Security - http://infosecurity.vcu.edu/
News, Tips & More - http://www.twitter.com/vcuinfosec
Best Practices - http://infosecurity.vcu.edu/docs/infosecbp.pdf

On 2/26/2010 4:16 PM, Walters, Caroline (cw8de) wrote:
I agree with Valdis - clean up your data storage/process etc before you are faced with a preservation order.  We have a 
saying here - it's easier to find the needle(s) if you have a smaller haystack.  If you have a records management 
program, check with them on retentions of back-ups, data etc.  If the records/back-ups/data have met the required retention 
and there are no pending audit/legal issues, destroy the information.  It will save you time, effort and $$$$ in the long 
run.

Also do an inventory of where all your electronic information is stored and who is the custodian/owner of the data - a good "data 
map" makes the discovery process much easier - and also helps to keep the "haystack" small as it can identify data that 
should end up in the destruction bin and allow for much more focused searching for records.

The software/systems I have seen for e-discovery do help when you are processing the data for relevant information.  It 
won't find that laptop or thumb drive with data on it, it may search networked servers.  You will still have to spend time 
restoring all the back-ups (if requested).  And it won't make decisions on what is ultimately relevant to the case - most of 
the programs require an attorney/paralegal etc. to review the findings after the search for relevancy.  It will help limit 
what the attorneys have to search through by keyword searches - but many of the vendors charge according to the amount of data it 
has to search and the number of keywords, etc.

The Sedona Conference has done some great work on e-discovery issues.  You can check out their publications and 
resources here:  http://www.thesedonaconference.org/

Also AIIM is helpful with information on e-discovery issues and their annual Expo conference usually has great 
programs and loads of vendors who provide e-discovery services:  http://www.aiim.org/What-is-eDiscovery.aspx

Happy to answer other questions offline.
Caroline


Caroline J. Walters, MA, MLS
University Records Officer/Records Management
Information Security, Policy, and Records Office (ISPRO)
Office of the Vice President/CIO
University of Virginia, 2400 Old Ivy Rd.
Box 400898, Charlottesville, VA 22904-4898
Phone: (434) 243-9162
Fax: (434) 243-9197
Email: cjwalters () virginia edu



-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Valdis Kletnieks
Sent: Friday, February 26, 2010 3:52 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] e-discovery software and outsourcing insights?

On Fri, 26 Feb 2010 11:11:25 EST, Steve Werby said:


Do you have experience or insights about e-discovery platforms that
cover all phases of the process after data collection (processing,
searching, analysis, reviewing, production, etc.)?

Insight:  If you wait till after data collection, you've made your work about 63.4 times harder than you had to.  You 
*really* want to sit down and do some up-front work to make the back-end work easier.

A few years ago, we had an unfortunate incident on campus, where we literally ended up doing the first steps of data 
preservation while still in lockdown.  The fact we weren't ready for it beforehand, combined with a legacy tape system 
that used 40G tapes, conspired to leave us holding the bag on some 18,000 tapes. We're *still* dealing with the fall-out 
from that - by the time we're done we'll have easily blown 10 man-years on it.  And that's before we've actually handled 
a single e-discovery request.

Moral: You *really* want to look at your ongoing business practices, and see where you can make things simpler for when 
things go bad...

