DCIG is pleased to announce the availability of its DCIG 2014-15 Security Information and Event Management (SIEM) Appliance Buyer’s Guide. In this Buyer’s Guide, DCIG weights, scores and ranks 29 SIEM appliances respectively from nine (9) different providers. Like all previous DCIG Buyer’s Guides, this Buyer’s Guide provides the critical information that all size organizations need when selecting a SIEM appliance to help provide visibility into their security posture by providing usable and actionable information.
One of the most common initial use cases for cloud storage is for the storage of archival data. However that does not mean every organization is quite ready to move all of their archival data to the cloud or, what they do move to the cloud, trust the cloud to be available to provide access to the data when they need it. In this fifth blog entry in my interview series with C2C Systems’ CTO Ken Hughes, he talks about the importance of having access to cloud storage repositories for archival data and the advantages of keeping on-premise and data in the cloud synchronized.
Most companies recognize the benefits of deleting data when it no longer serves any business purpose or when it legal requirements to retain it have been met. However the act of deleting data still gives many organizations pause. In this third blog entry in my interview series with C2C Systems’ CTO Ken Hughes, he discusses C2C’s policy management features and the granular ways in which users may manage deletion in their data stores.
The accelerating increase in the volume of Electronically Stored Information (ESI) is resulting in knowledge workers reaching a point where they may not be able to utilize traditional data management and analytic technology and processes to keep pace. However, the increases in knowledge worker productivity and decreases in eDiscovery costs made possible by predictive analytic technology are coming to the point where they are applicable to other knowledge management tasks within the enterprise.
Faced with the accelerating increase in the volume of Electronically Stored Information (ESI) and the emergence of the concept of Big Data, enterprises worldwide need next generation IT systems to fulfill their corporate compliance, information governance and eDiscovery requirements to process and analyze all of this data. It is in response to this demand and the result of recent legal precendents that Technology Assisted Review (TAR), also known as Predictive Coding or Computer Assisted eDiscovery, is emerging as a legally viable and court-recognized option.
Companies who execute Information Governance plans are looking for eDiscovery products supporting Early Case Assessment (ECA). ECA is a combination of search, workflow management, information processing, and multilingual user interfaces. ECA requires a cohesive set of technology, business and data science stakeholders to select products.
ECA is powerful business process, but identifying ECA products is a beleaguering task. ECA mashes together eDiscovery and technology requirements. The “mashing of requirements” creates a broad matrix of products and functionality. Without question, eDiscovery has significantly evolved within the last few years.
On average most mid-sized companies are not bothering with Information Management as a means to mitigate e-discovery costs. That is a conclusion reached by comparing Symantec’s 2011 Information Retention and eDiscovery Survey announced in October 2011 with the research completed by King and Spalding, LLP for the Duke Law Journal December 2010.
Over the years big data has crept into the everyday life of systems administrators. Attempts to solve the big data problem in both block and file storage emerged as data management software. While data management software struggled to get a footing, deduplication and compression took off stunting data management software’s growth.
Deduplication and compression technologies have well known capabilities in both the storage and information disciplines. However, they differ in a significant way. These technologies do not ease the burden of information management.
Last week’s blog took a look at the 10 most read blogs in 2009 that were written in 2009. This week I wanted to step even further back and reflect upon the top 10 most read blogs in 2009 regardless of when they were written as I find this insightful in two ways. It lets me know what information continues to hold the attention of readers on as well as what topics from the past might become new trends in 2010. So while there is definitely some overlap between the two, there are also some entries that appear on this list that knock some of the top 10 blogs from last week off the list.
A recent virtual eDiscovery roundtable that I participated in highlighted the difficulties that companies are having in getting their arms around the proliferation of electronically stored information (ESI) in their organization. This is especially true when one considers the growth of social media and how it can negatively impact them going forward. One attorney participating in the roundtable even went so far to say that, “We have lost control in regards to blogs, wikis and newer forms of social media.” Thankfully the news is a little bit better in regards to the management of older, more mature forms of social media such as email but challenges still remain.
A recent DCIG blog entry called into question the value of Bear Stearns selection of Orchestria and its inability to detect the alleged illegal activities of two of its Asset Management portfolio managers. More specifically, it asked why Orchestria did not detect the illegal activities of these individuals and why Bear Stearns did not configure it to monitor for these activities in the first place. The blog posting prompted a comment and phone call from Alan Morley, one of the individuals formerly responsible for implementing and managing Orchestria at Bear Stearns and why monitoring, detecting and preventing this activity is not as easy as it sounds.
Before storing documents electronically gained acceptance in the enterprise, retrieving documents meant parsing file cabinets and retrieving paper forms. And when it came time to share that information with the public without revealing classified information, it usually meant copying the original document and then pulling out a black marker that was used to cross out sensitive information on the copy, followed by more copying until the underlying text could no longer be seen. So while in the last decade most companies have scrapped file cabinets in favor of document images, more companies keep the black marker handy than they would probably like to admit.
Enterprise and holistic investigation, as concepts and strategies, generate many questions, concerns and risks. Our investigator, legal and security community is made up of 50+ professionals. Our community helps develop working Investigation Playbooks to intersect pressing investigative issues. For example, our community collaborates with us to develop Investigation Playbooks to manage retention policy, business continuity and information security issues. Some of our community members includes KPMG, ARC Group NY and individuals, such as Steve Harper of Crucial Security and Randy Barr Chief Security Officer at WebEx.
As corporate counsel becomes more savvy and comfortable with the ‘reasonable’ standards of due diligence, they have begun to take control of the spend. The first question that many a General Counsel asks is “Why don’t we just do this ourselves?” Your vendors will have a polished set of answers sprinkled with names like Morgan Stanley, Qualcomm and Merrill Lynch, all designed to use the Sanction Scarecrow to keep their golden goose producing. The smoke and mirrors have lost their effectiveness in the face of new guidance from the Sedona Conference, EDRM, conference panels and waves of webinars.
This is delivered by marrying efficient resources, high-speed review applications and proactive project and process management. We also use higher level strategies, such as our Dynamic Data Analysis™ (a blending of statistical, conceptual and legal analysis), to both identify relevant documents as quickly and cost-effectively as possible, and to simultaneously reduce the total amount of data required to be reviewed.
The legal (but somewhat impractical) issue is pretty straightforward here—what industry you’re in will determine the regulatory and legal requirements for you. Since relatively few industries are subjected to substantial regulatory/legal requirements for preservation, the question of retention of most records is, often, a balance between the benefit of end user access, aka knowledge management, contrasted against the burdens of data retention expense and potential legal production obligations.
The greatest challenge we experience is the requirement to educate IT and legal teams on the downstream impact of their technology decisions (e.g., an application may be a dream to manage for the IT team but could be very poor for review and production purposes). Our challenge is getting both teams to factor in functionality for all stakeholders and the impact of downstream costs, such as review, legal risk, analysis, etc., to their overall Return On Investment (ROI) calculations.
For example, a few years ago DiscoverReady had a conversation with a lawyer who needed high-level help understanding the basics of eDiscovery. Three months later, he was listed on his firm’s website as the eDiscovery practice leader. DiscoverReady recommends legal counsel be aware of self-proclaimed experts and stay deeply involved in the eDiscovery process.
Frankly, I agree with Steve that EMCs work on solution frameworks is paramount. That work is primarily focused on structured content and structured processes. However, the frameworks aren’t really new to the area of managing unstructured content. Microsoft first released accelerators in 2003 under the umbrella of “Office Solution Accelerators”, then in late 2004 renamed the program to Solution Showcase for the Microsoft Office System. In either case, the situation remains bleak for managing unstructured content created by non-deliberate processes.
Business processes, like electronic discovery, offer defined metrics and quantitative impacts on organizations. Historically speaking, electronic discovery review budgets have been rising steadily; creating the need to improve review (better crushing power) or reduce data going into review (refined selection process). Moreover, the team at KVS/Symantec knew in 2005 that “Discovery Accelerator 1.0” was a stifled product; primarily designed to return email results for people, according to dates and keywords. At the time all the talk was around better “improving review,” but the market has been saying “early case assessment” since early 2007.