March 18, 2014 · 8:53 AM
by Barry Murphy
Many moons ago, one of my first projects as an analyst with Forrester Research was to find the answer to a seemingly simple question: what is the industry standard for storing new types of electronic information such as X-rays and other images? The client was a government agency that needed to store these records long-term and anticipated potentially needing to produce them in court many years in the future. As such, the agency needed to know how to store and find these records. The answer proved to be anything but simple – in reality, the answer was that there was no “standard” for storing this new type of content. My investigation into the topic led me to find this new market called eDiscovery and the rest is history.
The experience was interesting because it was my first foray into working with the Federal government. I went into the experience with the assumption that Federal agencies would somehow be more advanced in their information management efforts. Records management, after all, was (and still is) very important in government. But, government agencies are just like other organizations – struggling to keep up with exploding volumes of digital information, under the gun to respond to information requests (whether it is in response to Congressional inquiries, regulatory requests, or litigation), and dealing with the needs for more modern IT infrastructure elements like Virtual Desktop Infrastructure (VDI).
The only difference between government agencies and other organizations is that agencies may be under even more stringent rules for complying with investigations and for dealing with digital information management. President Obama’s Managing Government Records directive mandates that agencies manage electronic information as stringently as paper records have traditionally been managed. Agencies are under even more of a microscope than corporations, yet face the same information management challenges. Information assets are scattered across email, file systems, disparate SharePoint sites, and Cloud-based repositories. In addition, some agencies adopt newer IT infrastructure elements such as virtualization and cloud computing to stay relevant. For example, the Department of Energy deployed a virtual desktop infrastructure (VDI) in order to enable worker mobility (Source: Zurier, Steve. Agencies Deploy VDI with an Eye Toward BYOD. Fed Tech Magazine, March 18, 2013). VDI allows agencies to implement initiatives like BYOD while maintaining top-notch security.
Keeping up with modern IT infrastructure, while simultaneously responding to thousands of information requests each year – whether it is in response to Congressional inquiries, regulatory requests, or litigation – is a challenge. Before assuming that government agencies have the process under control, consider this: according to Deloitte’s Seventh Annual Benchmarking Study of Electronic Discovery Practices for Government Agencies, only 59% of respondents believed their agencies were effective in deploying eDiscovery capabilities compared to 73% in the previous year (Source: Deloitte’s Seventh Annual Benchmarking Study of Electronic Discovery Practices for Government Agencies, Spring 2013).
Why the drop in confidence? Part of the reason is that traditional search and eDiscovery products fail to effectively support agencies’ IT environments in a way that creates a true solution. Rather, traditional products have agencies creating centralized eDiscovery labs that require copying information from various systems to a central eDiscovery location. This is both time-consuming and expensive. To learn how to address information management challenges in federal agencies, click here to download a whitepaper that outlines the critical problem, its legal compliance implications, and compelling solutions that help agencies develop built-in search and eDiscovery capabilities that reduce costs and improve operational productivity.
Filed under Information Management, Records Management
Tagged as agencies, agency, BYOD, cloud, Deloitte, Department of Energy, digital, DoE, e-discovery, eDiscovery, Federal, Forrester Research, government, infrastructure, Investigations, IT, mandates, Obama, Records, SharePoint, Steve Zurier, VDI, Virtual Desktop Infrastructure
February 26, 2014 · 1:13 PM
by Barry Murphy
Last week, this blog featured highlights from the very successful SharePoint eDiscovery webinar with Reed Smith. It is a topic that came up time and again in my tenure as an analyst; companies and government Agencies are becoming tightly bound to SharePoint and want to be sure that eDiscovery ordeals can be avoided.
Microsoft SharePoint continues to gain widespread traction in organizations large and small. A recent Forrester Research survey found that 66% of respondents will deploy SharePoint server in the next 12 months (source: Forrester Research August 2013 Global SharePoint Usage online survey). The attraction to SharePoint is obvious – the system creates business benefits: enabling collaboration in efficient ways; providing ways to track versions of documents edited by multiple parties; allowing non-technical business people to apply basic workflow to content-driven processes, and providing faster access to information (via search and integration with the MS Office suite of apps).
For the value it creates, SharePoint can cause eDiscovery and information governance headaches if proper planning does not take place. It is all too easy to assume that if information is searchable, eDiscovery will be no problem when the time comes. But, as is often the case in life, the devil is in the details. Because SharePoint allows users to add value to content (e.g. adding workflow tasks), there is the factor of metadata to consider.
In eDiscovery, metadata is a critical component of ESI that can wreak havoc on collection efforts. When we talk about metadata for native ESI, we are usually concerned about the Operating System (OS) fields that are kept in the File Allocation Table (FAT). Different OS formats support a wide variety of fields such as different dates, attributes, permissions and file name formats (long vs. short). These fields are not usually stored within the actual file and so are very vulnerable to alteration or complete loss when items are read or copied. Forensic collection is focused on preserving this ‘envelope’ information so that evidence can be authenticated and the context reconstructed in court. That is only half of the metadata story. Microsoft Office and other programs retain non-displayed information within the header and body of all common file types, especially with the adoption of the XML based Office 2007 file formats.
This metadata issue is only extended with SharePoint because most collection efforts are focused only on grabbing SharePoint document libraries (as they are stored on file systems). But SharePoint is so much more than document libraries (if it weren’t, it would simply be another file share sitting out there).
A defensible SharePoint collection solution will be able to capture document libraries, metadata, and truly enable contextual preservation. When considering a SharePoint collection tool be sure that it:
- Allows for incremental preservation, monitoring changes, identifying and preserving different document versions, and incrementally preserve to multiple matters over time
- Maps to custodian access and prevent over-preservation, collecting and preserving only what is relevant to a particular custodian, not the entire SharePoint site
- Is deployable in the same fashion as SharePoint, which tends to be highly decentralized and siloed; thus the collection solution should be deployable on-demand, directly to SharePoint sites through a highly automated, remote installation, with intuitive administration and operation performed through a standard web browser
At the end of the day, informed customers will make sure that the collection tool can get more than just SharePoint document libraries, but all metadata, as well. Also, look for solutions that will not impact the production environment too heavily; you don’t want to bring SharePoint to its knees when it is a valuable business application. And finally, get legal and IT together on the same page about how to reasonably prove that your SharePoint preservation and collection methodologies and tools are defensible.
Filed under Information Governance
Tagged as Barry Murphy, collection, defensible, document libraries, e-discovery, eDiscovery, ESI, Forrester Research, metadata, Microsoft, Microsoft Office, preservation, Reed Smith, search, SharePoint, Webinar