How to avoid an e-discovery disaster
Be prepared to preserve data when your company is heading to court.
Computerworld - You know that feeling you get when you realize you forgot to do something important? That's how you'll feel if you overlook something during the e-discovery process when your company is involved in legal proceedings.
And the consequences could be devastating. Judges don't take kindly to lost or destroyed evidence, so your company could be hit with multimillion-dollar fines or lose an otherwise winnable court case. Here are some best practices to help you avoid such a scenario.
Talk to your legal department on a regular basis. Let's face it -- the legal department isn't an IT manager's favorite place to spend time. However, it's vital that legal and IT are on the same page when it comes to information management policies and e-discovery processes. One benefit of meeting with in-house counsel regularly is that you'll get to know the key contacts so you'll be prepared to act fast if your company does face legal action. And the best part is that it greatly reduces the surprises you could face down the road.
Make your information-handling practices routine and consistent. It's critical to be able to prove in court that your standard operating procedures are maintained and followed by every individual in your company.
For example, waiting until your backup system pages you because it needs a tape mount and then grabbing the last few tapes from an old backup that you "know is out of date" and sticking them in for overwrite should not be routine or consistent. Trust me; you don't want to have to explain later why you chose those specific tapes to overwrite. And no, "because they were on top" isn't an acceptable or defensible answer.
If your data retention policy requires the destruction of data, then it's even more critical for you to be unfailingly consistent with your approach. Destroying data on time is just as important as backing it up.
Keep a trail. Backup logs, system and event logs, shipping receipts, help desk tickets, work requests, e-mail, meeting notes, journal entries, and yellow sticky notes can all be resources for you to draw on when (not if) you need to recall or prove what you did or didn't do in the course of a typical day.
Once an e-discovery project starts, you'll hear the term chain of custody often. Basically, this means that you need to know -- and that you should be able to prove -- who had the data and when. The tricky part is that the chain has to start long before the e-discovery matter begins, so you need to take steps now to ensure that you can track the chain of custody in the future.
For instance, when an employee creates a file on your network and then you back it up, you need to keep track of the original author. Most backup software does this, or, at the very least, you can tell from the directory structure whether the file was in someone's home directory.
Your description of the chain of custody should indicate when a file was a shared resource for a group of users, as opposed to something held by a specific individual. For example, you may know that a file named StatusReport2.doc was created by Ann Smith, but she saved it in a shared folder where her seven teammates could, and frequently did, open it and enter their own comments.
In that case, you'd describe the group (Ann's Team) that had access to the documents as the custodians. When you back up the file and send the tapes off-site, you are the custodian.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Pay-as-you-Grow Data Protection: IBM Tivoli's Full-featured Data Protection Suite for Small to Medium Businesses IBM Tivoli Storage Manager Suite for Unified Recovery gives small and medium businesses the opportunity to start out with only the individual solutions...
- Streamline Data Protection with IBM Tivoli Storage Manager Operations Center IBM Tivoli Storage Manager (TSM) has been an industry-standard data protection solution for two decades. But, where most competitors focus exclusively on Backup...
- Using VM Archiving to Solve VM Sprawl This CommVault whitepaper discusses how archiving virtual machines can mitigate VM sprawl with a comprehensive approach to VM lifecycle management.
- Keep Your Network Available, Efficient and Secure Make the most of your network by working with experts who "get it." CDW and F5 have partnered to keep networks highly optimized....
- Make or Break: New Auto Products Must Go To Market On Time This Webcast quantifies the value of time to market for the auto industry and highlights how Primavera Enterprise Portfolio Management can help organizations.
- IBM Flash Webcast: Optimizing your Datacenter for Efficient Storage & ROI Register for this webcast to learn the benefits of flash storage from IBM Customer, Leonardo Irastorza of Royal Caribbean Cruise Ltd and Storage... All Data Storage White Papers | Webcasts