Category Archives: eDiscovery

X1 Announces Strategic Product Integration with Relativity

Today we are announcing some exciting news. Our X1 enterprise eDiscovery solution now integrates with Relativity, the industry leading e-discovery platform. X1 Insight & Collection, a component of the X1 Distributed Discovery platform, allows enterprises to search across and collect from up to thousands of custodians in hours, now with direct upload into Relativity, including RelativityOne, utilizing Relativity’s import APIs.

The X1 and Relativity integration addresses several pain points in the existing e-discovery process. For one, there is currently an inability to quickly search across all unstructured data, meaning users have to spend the weeks or even months that are required by other cumbersome solutions. Additionally, using ESI processing methods that involve appliances that are not integrated with the collection significantly increase cost and time delays. And with such an  inefficient process there is simply no way for attorneys and legal professionals to gain immediate visibility into data, often leaving them to wait weeks before they have a chance to assess the data, post- collection.

The X1/Relativity integration directly addresses these challenges. Among the substantial benefits of this integration is the dramatic increase in speed to review, flowing directly from the custodian into Relativity on-premise or into the cloud-based RelativityOne platform. And this integration significantly reduces or completely eliminates inefficient ESI processing. X1 will search, cull and de-duplicate data at the point of collection and now integrates with the Relativity ingestion API, rendering inefficient and expensive processing appliances obsolete.

Organizations will be given real time early case assessment within minutes of initial search instead of taking days and weeks for this insight.  All of this is achieved with a truly repeatable end-to-end process for enterprises. The combination of X1 and Relativity provides a full and complete e-discovery platform.

“Collecting enterprise ESI can be one of the most daunting parts of the e-discovery process,” said Drew Deitch, senior manager for strategic partnerships at Relativity. “We’re excited to bring X1 into the App Hub, where it will offer users another great way to access, search, process, and import enterprise data into Relativity.”

Finally, with this integration providing a complete platform for efficient data search, discovery and review across the enterprise, this also enables organizations to very effectively address numerous information governance use cases such as GDPR compliance, identifying and removing PII and conducting IP data audits.

To see X1 in action, we have a 7-minute demonstration video including this integration with Relativity available here.

Leave a comment

Filed under Best Practices, ECA, eDiscovery, eDiscovery & Compliance, Information Governance, Preservation & Collection, Uncategorized

GDPR Compliance Requires Effective Enterprise eDiscovery Search and Analysis Capabilities

The European General Data Protection Regulation (GDPR), which will be in full force in May 2018, promises to profoundly impact global organizations, requiring the overhaul of their data audit and information governance processes. The GDPR requires that an organization have absolute knowledge of where all EU personal data is stored across the enterprise, and be able to remove it when required.

GDPR-stampGDPR’s potentially significant penalties, which can be up to 4% of total global revenues or 20 million euro (whichever is greater), clearly have teeth and are intended to attain meaningful compliance.  However, The CXP Group, a leading IT research firm notes in an industry report that, “compliance with GDPR will only be legally (effectuated) if an organization is able to identify exactly where data is.”

Under the GDPR, a European resident can request — effectively on a whim — that all data an enterprise holds on them be identified and also be removed. Organizations will be required to establish a capability to respond to such requests. Actual demonstrated compliance will require the ability to search across all data sources in the enterprise for data, including distributed unstructured data located on desktops and file servers.

The GDPR specifies processes and capabilities organizations must have in place to ensure the personal data of EU residents is secure, accessible, and can be identified upon request. Its articles and principles set out several obligations organizations will need to address, including the points enumerated below. These requirements can only be complied with through an effective enterprise eDiscovery search capability:

  • Data minimization: Enterprises should only collect and retain as little personal data on EU subjects as possible. Corporate privacy attorneys advising clients on GDPR and EU privacy shield compliance, note that unauthorized “data stashes” maintained by employees on their distributed unstructured data sources is a key problem, requiring companies to search all endpoints to identify information including European phone numbers, European email address domains and other personal identifiable information.
  • Enforcement of Right to be forgotten: An individual’s personal data must be identified and deleted on request.
  • Effective incident response: If there is a compromise of personal data, an organization must have the ability to perform enterprise-wide data searches to determine and report on the extent of such breaches and resulting data compromise within seventy-two (72) hours.
  • Accountability: Log and provide audit trails for all personal data identification requests and remedial actions.
  • Enterprise-wide data audit: Identify the presence of personal data in all data locations and delete unneeded copies of personal data.

A mandatory aspect of GDPR compliance is the ability to demonstrate and prove that personal data is being protected, requiring information governance capabilities that allow companies to efficiently produce the documentation and other information necessary to respond to auditors’ requests. Many consultants and other advisors are helping companies establish GDPR compliance programs, and are documenting policies and procedures that are being put in place.

However, while policies, procedures and documentation are important, such GDPR compliance programs are ultimately hollow without consistent, operational execution and enforcement. CIOs and legal and compliance executives often aspire to implement information governance programs like defensible deletion and data audits to detect risks and remediate non-compliance. However, without an actual and scalable technology platform to effectuate these goals, those aspirations remain just that. For instance, recent IDG research suggests that approximately 70% of information stored by companies is “dark data” that is in the form of unstructured, distributed data that can pose significant legal and operational risks.

To achieve GDPR compliance and also EU data shield certification, organizations must ensure that explicit policies and procedures are in place for handling personal information, and just as importantly, the ability to prove that those policies and procedures are being followed and operationally enforced. What has always been needed is gaining immediate visibility into unstructured distributed data across the enterprise, through the ability to search and report across several thousand endpoints and other unstructured data sources, and return results within minutes instead of days or weeks. The need for such an operational capability is further heighted by the urgency of GDPR compliance.

X1 Distributed Discovery (X1DD) represents a unique approach, by enabling enterprises to quickly and easily search across multiple distributed endpoints and data servers from a central location.  Legal and compliance teams can easily perform unified complex searches across both unstructured content and metadata, obtaining statistical insight into the data in minutes, instead of days or weeks. With X1DD, organizations can also automatically migrate, collect, delete, or take other action on the data as a result of the search parameters.  Built on our award-winning and patented X1 Search technology, X1DD is the first product to offer true and massively scalable distributed searching that is executed in its entirety on the end-node computers for data audits across an organization. This game-changing capability vastly reduces costs while greatly mitigating risk and disruption to operations.

X1DD operates on-demand where your data currently resides — on desktops, laptops, servers, or even the Cloud — without disruption to business operations and without requiring extensive or complex hardware configurations. Beyond enterprise eDiscovery, GDPR and other information governance compliance functionality, X1DD includes the award-winning X1 Search, improving employee productivity while effectuating that all too illusive actual compliance with information governance programs, including GDPR.

Leave a comment

Filed under Comliance, Data Audit, eDiscovery, Uncategorized

eDiscovery Tech Can Effectively Address Key Cybersecurity Requirements

Organizations spent an estimated 122.45 billion USD in 2016 on cybersecurity defense solutions and services, in a never-ending effort to procure better firewalls, anti-malware tools, and intrusion detection and prevention systems to keep hackers out of their networks. However, recent industry studies clearly demonstrate that threats posed by insiders (whether through malice or negligent conduct) dwarf those from the outside.

In fact, industry experts assert that employees are inadvertently causing corporate data breaches and leaks daily. The Ponemon Institute recently surveyed hundreds of companies in its 2016 Cost of Data Breach Study.  Among 874 incidents, the survey revealed that 568 were caused by employee or contractor negligence; 191 by malicious insiders and only 85 incidents purely attributed to outsiders.

An insider is any individual who has authorized access to corporate networks, systems or data.  This may include employees, contractors, or others with permission to access an organizations’ systems. With the increased volume of data and increased sophistication and determination of attackers looking to exploit unwitting and even recruit malicious insiders, businesses are more susceptible to insider threats than ever before.

The most serious and often devastating cybersecurity incidents are usually related to “spear phishing” attacks, which are comprised of targeted and often highly customized electronic communications sent to specific individuals in a business that appear to come from a trusted individual or business. The targeted insider is often tricked into disclosing their passwords, providing highly sensitive information, or installing malware on their computer. These attacks tend to be successful because they are so customized and are designed to evade traditional cybersecurity defenses.

Much of the evidence and other indications of spear phishing and malicious insider incidents are not found in firewall logs and typically cannot be flagged or blocked by intrusion detection or intrusion prevention systems. Instead, much of that information is found in the emails and locally stored documents of end users spread throughout the enterprise. To detect, identify and effectively respond to insider threats, organizations need to be able to search across this data in an effective and scalable manner. Additionally, proactive search efforts can identify potential security violations such as misplaced sensitive IP, or personal customer data or even password “cheat sheets” stored in local documents.

To date, organizations have employed limited technical approaches to try and identify unstructured distributed data stored across the enterprise, enduring many struggles. For instance, forensic software agent-based crawling methods are commonly attempted but cause repeated high user computer resource utilization for each search initiated and network bandwidth limitations are being pushed to the limits rendering this approach ineffective. So being able to search and audit across at least several hundred distributed end points in a repeatable and quick fashion is effectively impossible under this approach.

What has always been needed is gaining immediate visibility into unstructured distributed data across the enterprise, through the ability to search and report across several thousand endpoints and other unstructured data sources, and return results within minutes instead of days or weeks. None of the traditional approaches come close to meeting this requirement. This requirement, however, can be met by the latest innovations in enterprise eDiscovery software.

X1 Distributed Discovery (X1DD) represents a unique approach, by enabling enterprises to quickly and easily search across multiple distributed endpoints from a central location.  Legal, cybersecurity, and compliance teams can easily perform unified complex searches across both unstructured content and metadata, obtaining statistical insight into the data in minutes, instead of days or weeks. With X1DD, organizations can proactively or reactively search for confidential data leakage and also keyword signatures of customized spear phishing attacks. Built on our award-winning and patented X1 Search technology, X1DD is the first product to offer true and massively scalable distributed searching that is executed in its entirety on the end-node computers for data audits across an organization. This game-changing capability vastly reduces costs and quickens response times while greatly mitigating risk and disruption to operations.

X1DD operates on-demand where your data currently resides — on desktops, laptops, servers, or even the Cloud — without disruption to business operations and without requiring extensive or complex hardware configurations.

Beyond providing enterprise eDiscovery and information governance functionality for an organization, employees benefit from having use of the award-winning X1 Search product to improve their productivity, with the added benefit of allowing the business to address the prevalent cybersecurity gap in addressing spear phishing attacks and other insider threats.

 

Leave a comment

Filed under compliance, Cybersecurity, eDiscovery, eDiscovery & Compliance

Microsoft Office 365 is Disrupting the eDiscovery Industry in a Major and Permanent Fashion

The adoption of cloud-based Microsoft Office 365 (“O365”) within enterprises is growing exponentially. According to a 2016 Gartner survey, 78 percent of enterprises use or plan to use Office 365, up from 64 percent in mid-2014. O365 includes built-in eDiscovery tools in the Security and Compliance Center at an additional cost. Many, but not all, O365 customers are utilizing the internal eDiscovery module, to which Microsoft is dedicating a lot of effort and resources in order to provide a go-to solution for the eDiscovery of all information located within O365. o365-logoBased upon my assessment through product demos and discussions with industry colleagues, I believe Microsoft will achieve this goal relatively soon for data housed within its O365 platform. The Equivio eDiscovery team that transitioned over to Microsoft in a 2015 acquisition is very dedicated to this effort and they know what they are doing.

But as I see it, the O365 revolution presents two major takeaways for the rest of the eDiscovery software and services industry. The first major point comes down to simple architecture. Most eDiscovery tools operate by making bulk copies of data associated with individual custodians, and then permanently migrate that data to their processing and/or review platform. This workflow applies to all non-Microsoft email archiving platforms, appliance-based processing platforms, and hosted review platforms. As far as email archiving, a third-party email archive solution requires the complete and redundant duplication, migration and storage of copies of all emails already located in O365. This is counter-productive to the very purpose of a cloud-based O365 investment. We have already seen non-Microsoft email archiving solutions on the decline in terms of market share, and with MS Exchange archiving becoming much more robust, we will only see that trend accelerate.

eDiscovery processing tools and review platforms are also fighting directly against the O365 tide.  This is especially true for processing appliances (whether physical or virtual), which address O365 collections through bulk copy and export of all of the target custodians’ data from O365 and into their appliance, where the data is then re-indexed. Such an effort is costly, time consuming, and inefficient. But the main problem is that clients who are investing in O365 do not want to see all their data routinely exported out of its native environment every time there is an eDiscovery or compliance investigation. Organizations are fine with a very narrow data set of relevant ESI leaving O365 after it has been reviewed and is ready to be produced in a litigation or regulatory matter. What they do not want is a mass export of terabytes of data because eDiscovery and processing tools need to broadly ingest that data in their platform in order to begin the indexing, culling and searching process. For these reasons, most eDiscovery software and compliance archiving tools do not play well with O365, and that will prove to be a significant problem for those developers and the service providers who utilize those tools for their processes.

The second major O365 consideration is that organizations, especially larger enterprises, rarely house all or even most of their data within O365, with hybrid cloud and on-premise environments being the norm. The O365 eDiscovery tools can only address what is contained within O365. Any on-premise data, including on-premise Microsoft sources (SharePoint, Exchange and Office docs on File Shares) cannot be readily consolidated by O365, and neither can data from other cloud sources such as Google Drive, Box, Dropbox and AWS. And of course, desktops, whether physical or virtual, are critical to eDiscovery collections and are also not supported by the O365 eDiscovery tools, with Microsoft indicating that they do not have any plans to soon address all these non-O365 data sources in a unified fashion.

So eDiscovery software providers need to have a good process to perform unified search and collection of non-O365 sources and to consolidate those results with responsive O365 data. This process should be efficient and not simply involve mass export of data out of O365 to achieve such data consolidation.

X1 Distributed Discovery (X1DD) is uniquely suited to complement and support O365 with an effective and defensible process and has distinct advantages over other eDiscovery tools that solely rely on permanently migrating ESI out of O365. X1DD enables organizations to perform targeted search and collection of the ESI of up to thousands of endpoints, as well as O365 and other sources, all in a unified fashion. The search results are returned in minutes, not weeks, and thus can be highly granular and iterative, based upon multiple keywords, date ranges, file types, or other parameters. Using X1DD, O365 data sources are searched in place in a very targeted and efficient manner, and all results can be consolidated into Microsoft’s Equivio review platform or another review platform such as Relativity. This approach typically reduces the eDiscovery collection and processing costs by at least one order of magnitude (90%). For a demonstration or briefing on X1 Distributed Discovery, please contact us.

1 Comment

Filed under Cloud Data, compliance, eDiscovery, Uncategorized