The concept of Defensible Disposition has been around for many years. Defensible Disposition is the process of disposing of unneeded and valueless information in a manner that provides information about the disposition process showing that deleted data was not under regulatory retention requirements and the data was not subject to current or anticipated eDiscovery. In short, a data disposition process that ensures regulatory and legal considerations are taken into account.
There are many reasons to develop and follow information management policies including the retention/disposition of information. The most obvious reason is to ensure compliance with regulatory retention requirements. Another reason is because of business requirements such as ensuring that data not deemed having long term value is disposed of so that IT resources are not consumed with "junk" data.
I continue to hear companies make the case for the need to have relatively detailed retention/disposition policies is due to their belief that "the law" requires it - in case your company is involved in a lawsuit and eDiscovery. Let me first touch on the first two reasons before I get into the main reason for this blog.
There's a compelling business case for attorney’s utilizing cloud storage including cost, ease of access, and security, but can lawyers ethically use it?
I still have attorneys argue with me about the appropriateness of storing client-related data, client notes, case notes, and eDiscovery results sets in the cloud. Because cloud storage involves storing data, on remote servers/storage outside of the lawyer's direct control, it continues to generate concerns regarding its acceptability under applicable professional ethics rules.
In my last blog, I discussed the connection between information management and data value. I laid out a math exercise showing how a lack of information management can dramatically affect productivity across the organization by calculating the actual cost of employees not being able to find information when the need it. This in turn causes employees to waste time looking for it, and when not found, being forced to recreate it. By estimating the number of hours of lost productivity as well as the fully loaded cost of the average employee, we are able to determine the total cost of lost productivity.
Taking this theme further, we can use the estimate of lost productivity hours and calculate total lost revenue – the revenue the company could have captured if enterprise-wide information management was more efficient.
Corporate data is what powers most businesses and so is a valuable business asset. In fact, you can say that companies employ information workers to generate and consume data for the betterment of the company. But can you actually calculate the value of data?
Employee’s annual salary, benefits, training, and corporate infrastructure all go into calculating the cost of information. On the other side of the equation, average revenue and profit per employee are measures of efficiency and productivity. To be successful, companies must generate more revenue (and profit) than total cost. And these are driven by how well companies manage their information.
In a couple of blogs over the last month, I have mentioned the possibility of Predictive Information Governance (PIG) - automated information governance based on unsupervised machine learning technology. Just like the name implies, unsupervised machine learning (computers teaching themselves) removes the iterative manual training cycles of the learning process and allows the system to automatically categorize, store, apply retention/disposition, and manage content as it flows within the system.
In past blogs I have discussed the possibilities of machine learning and information management, i.e. predictive information governance (PIG) and auto-categorization to automate the management of electronically stored information (ESI). One of the challenges the information management industry continues to face is how to extend this machine learning capability to audio and video content.
Many companies faced with a need to archive data (usually email) due to regulatory requirements, eDiscovery responsibilities, or business requirements, look for solutions based on capabilities, cost, vendor reputation, security, and regulatory requirements.
In the past, companies in need of archiving solutions purchased one of the many on premise or cloud-based solutions that met their needs. However, many of these archiving solutions actually converted the data so as to enable more efficient storage, indexing, and search. The problem with data conversion is the data can be corrupted or metadata changed or lost nullifying its “golden copy” or copy of record status. In most cases, this is not really a problem… unless you are anticipating or are in fact, involved in litigation.
SharePoint adoption continues to grow year over year. It was originally envisioned to be an entry level document management system but has since grown to include content management, as an intranet portal for enterprise information and applications, a groupware platform, a social platform, personal cloud, and a platform for custom web applications. Because of these expanding use models, many have found that the standard SharePoint storage allowance is not enough.
Social media platforms have proliferated as a direct method for companies to connect with their customers. However, in the last several years, businesses have been forced to collect and make available social media content for both eDiscovery and regulatory compliance.
For centuries, records/information managers have had to rely on end-users to take the first, second, and third steps in information governance which are:
- Make a decision on a document as to whether it should be retained
- Decide how long it should be kept (retention period)
- And actually take the step to move the document somewhere for safekeeping and management.
Over the last 15 to 20 years, many companies have marketed and sold “records management systems” that would supposedly make information management much easier. However, these systems didn’t address the 3 points above; the reliance on end users to initiate the process and to make decisions on the importance of the content.
They knew they had something here. I guess they should have known that when one of the largest banks in North America became one of their first clients. Our founders brought a simple tool to market - a software solution that moved data, moved it fast, and moved it completely, to the cloud. At that time, we liked to describe the company as a moving company and everyone was (and still is) always moving. What made it better was that everyone’s lawyer and every new law required our customers to never throw any of those old boxes of stuff away. By law, every relatively insignificant email, attachment, scrap of metadata, etc., from every deal, and every past and current employee had to be boxed up and kept in storage in perpetuity, or until someone somewhere had the guts to actually say “delete it.”
Finally, the financial industry is no longer forced into purchasing and supporting overpriced on premise WORM storage or high priced, specialty cloud archives that lock them into the platform with ridiculously high penalties when you want to move your data out. At least many of the on premise WORM storage systems such as the EMC Centera storage system have a proven history of meeting SEC Rule 17 a-4 requirements however, the financial industry is moving to the cloud for lower prices and higher security.
Updated: Corporate eDiscovery data storage practices have progressed (a bit) over the last 10 years. More than a few times over the years, I’ve received emails from my employer’s corporate legal department informing me that they would need me to search my email—including local and online file repositories—for any potentially relevant content and set it aside until it was asked for. Come to think about it, I never received any follow-up emails releasing me from those instructions …
I am pleased to announce that Archive360 has made it past Round 1 and is moving on to Round 2 of the Big50-2017. To make it past the first round, the Big50-2017 judges evaluated Archive360 on criteria that ranged from exploring the challenges we help our customers to overcome and the IT and business goals we help them to achieve – to drilling down into how we actually do it. We were excited to make it onto the Round 1 roster!! Then, the next step was for actual end customers and our fellow vendors to vote.
Many companies that store content in cloud-based archives are stunned by their cloud vendor’s one-way attitudes - it’s free to move huge amounts of data into their cloud-based archives, however, it’s another story when you want to move it out again.
Whether you need to export a large data set in response to an eDiscovery request, or, heaven forbid, you’ve grown dissatisfied with the cloud vendor and want to move your data somewhere else, the cost to extract your data skyrockets, and in many cases, to ridiculous levels.
President Trump signed an Executive Order (EO) on 5/11 designed to strengthen the cybersecurity of federal networks by continuing a massive shift in how the US Government handles its data aiming to create a single federal IT enterprise. This effort will be quarterbacked by the Department of Homeland Security (DHS) and the Office of Management & Budget (OMB). DHS Security Advisor Tim Bossert explained that there will be a preference in federal procurement for shared IT services among the 190 federal agencies and the goal of this move to the cloud is to avoid defending antiquated and fractional systems.
Can your defense team save additional litigation cost and lower risk by using the cloud to dramatically reduce the number of data transfers?
The cloud has become a ubiquitous tool for most companies (and industries) over the last several years. However, when dealing with legal situations and eDiscovery, companies are still in the habit of shipping hard disks, optical disks, or if they’re lucky, electronically transferring terabytes of data to their external law firms in response to eDiscovery demands. Those same law firms turn around and follow the same data shipping/transfer processes when turning over client eDiscovery data to opposing counsel.
With the continuing explosion of data piling up across organizations around the world, many are turning to the cloud as an economical way to keep pace with the vast amounts of data they must store, manage, and share. Eventually, much of this data is archived for regulatory, legal, and business reasons while all of it is backed up due to disaster recovery practices.
Most of us have been exposed to enterprise file shares during our professional life. These enterprise file shares are what some also referred to as “home drives”; personal folders setup on network drives that employees would have access to store work files etc. Over the last several years, cloud-based individual file shares have become very popular. Dropbox, Google Drive, Box, Apple iCloud, SugarSync, and Microsoft OneDrive are but a few of the more popular ones.