How to Like E-Discovery, Security and Social Media. Dr. Gavin W. Manes, CEO

Similar documents
Employee Privacy, Digital Evidence, and the CFE. Kenneth C. Citarella, M.B.A., J.D., CFE Managing Director, Investigations Guidepost Solutions LLC

DIGITAL EVIDENCE TOOL BOX

Applications for Preservation and Production in our Digital World

3/13/2018. Legal Hold Notices, the Duty to Preserve, and Electronically Stored Information ( ESI ) What is Electronically Stored Information ( ESI )?

Shielding the Organization from Data Risk & E- Discovery Failures

Cyber Risks in the Boardroom Conference

BYOD (Bring Your Own Device): Employee-owned Technology in the Workplace

Data Inventory and Classification, Physical Devices and Systems ID.AM-1, Software Platforms and Applications ID.AM-2 Inventory

A Privacy and Cybersecurity Primer for Nonprofits Nonprofits in the Digital Age March 9, 2016

Practical ESI Discovery Iowa Defense Counsel. Phil A. Burian 6/10/14 1

FERPA & Student Data Communication Systems

What every attorney should know about E-security Also, ESI

Elements of a Swift (and Effective) Response to a HIPAA Security Breach

Employee Security Awareness Training Program

Data Breach Preparedness & Response

Data Breach Preparedness & Response. April 16, 2015 Daniel Nelson, C EH, CIPP/US Lucas Amodio, C EH

CYBERSECURITY IN THE POST ACUTE ARENA AGENDA

E-DISCOVERY. The process in which electronic data is sought, located, secured, using it as evidence in a civil or criminal legal case.

POLICY TITLE: Record Retention and Destruction POLICY NO: 277 PAGE 1 of 6

Privacy Statement. Your privacy and trust are important to us and this Privacy Statement ( Statement ) provides important information

The simplified guide to. HIPAA compliance

THE SEDONA CONFERENCE JUMPSTART OUTLINE :

HIPAA COMPLIANCE AND DATA PROTECTION Page 1

Incident Response and Cybersecurity: A View from the Boardroom

Real-world Practices for Incident Response Feb 2017 Keyaan Williams Sr. Consultant

25 ESI and E-Discovery Terms. (in 75 minutes!) for Mediators

Employee Departure Checklist

Preservation, Retrieval & Production. Electronic Evidence: Tips, Tactics & Technology. Issues

Cloud Security Whitepaper

Deloitte Discovery Caribbean & Bermuda Countries Guide

HIPAA COMPLIANCE AND

Not Just Another Day of HIPAA

When Recognition Matters WHITEPAPER CLFE CERTIFIED LEAD FORENSIC EXAMINER.

The Big (and Expensive) Dig: Mining for Data in Megaproject Arbitration

Protecting your Data in the Cloud. Cyber Security Awareness Month Seminar Series

Oracle Data Cloud ( ODC ) Inbound Security Policies

What is Cybersecurity?

Building YOUR Privacy Program: One Size Does Not Fit All. IBM Security Services

Cloud Communications for Healthcare

NMHC HIPAA Security Training Version

Discovery Attender. Version 2.2. White Paper. Discovery Attender is a member of the Attender Utilities family.

10 Hidden IT Risks That Might Threaten Your Business

Avoiding the Pitfalls of Bring Your Own Device Policies

Hacking and Cyber Espionage

Five Ways to Improve Electronic Patient Record Handling for HIPAA/HITECH with Managed File Transfer

Disaster Planning and Business Continuity

SAMPLE LITIGATION HOLD NOTICES

"Charting the Course... Certified Information Systems Auditor (CISA) Course Summary

CLOUD REPORT LITTLE CHANGE IN GDPR-READINESS LEVELS WITH MAY 2018 DEADLINE LOOMING. 24.6% of cloud services rated high on GDPR-readiness

Cybersecurity Auditing in an Unsecure World

Data Protection. Plugging the gap. Gary Comiskey 26 February 2010

Total Cost of Ownership: Benefits of the OpenText Cloud

Hallmark Solutions Limited PRIVACY NOTICE

DuncanPowell RESTRUCTURING TURNAROUND FORENSIC

Total Cost of Ownership: Benefits of ECM in the OpenText Cloud

Information Security in Corporation

Finding Holes in Productions Best Practices in Testing & Reporting on ESI Adequacy Using Modern Analytics

Pinpoint Labs ESI Collection Tools

The GDPR Are you ready?

Federal Rules of Civil Procedure IT Obligations For

HIPAA. Developed by The University of Texas at Dallas Callier Center for Communication Disorders

Cyber Security. February 13, 2018 (webinar) February 15, 2018 (in-person)

E-DISCOVERY PRESENTATION E-DISCOVERY 101: BASICS

Lesson Three: False Claims Act and Health Insurance Portability and Accountability Act (HIPAA)

ZEROING IN DATA TARGETING IN EDISCOVERY TO REDUCE VOLUMES AND COSTS

SPECIAL REVIEW - SURPLUS COMPUTER EQUIPMENT DATA REMOVAL SPECIAL REPORT OCTOBER 2003

Matt Danner Flashback Data

Mobile Device Policy. Augusta University Medical Center Policy Library. Policy Owner: Information Technology Support and Services

Refreshing Your Records Management. Tracy Rebstock, Southwest Regional Archivist

TERMS OF USE Terms You Your CMT Underlying Agreement CMT Network Subscribers Services Workforce User Authorization to Access and Use Services.

716 West Ave Austin, TX USA

Take control of your e-discovery process. Increase efficiency, reduce risk and keep costs in line with an integrated solution.

Virginia Commonwealth University School of Medicine Information Security Standard

Cloud Computing Standard 1.1 INTRODUCTION 2.1 PURPOSE. Effective Date: July 28, 2015

8 COMMON HIPAA COMPLIANCE ERRORS TO AVOID

CYBER THREATS: REAL ESTATE FRAUD ADVISORY COUNCIL

SURVIVING THE CYBERPOCALYPSE. Craig Felty Vice President, Patient Care Services Hancock Regional Hospital

ediscovery: Tips and Traps Mary Lou Flynn-Dupart David S. Curcio Jennifer Bryant Jackson Walker LLP

BEST PRACTICES FOR PERSONAL Security

FROM TACTIC TO STRATEGY:

Electronic Discovery in Employment Cases: What Every Employer Needs to Know. Presented By: Shannon Cohorst Johnson

The Trail of Electrons

Hire Counsel + ACEDS. Unified Team, National Footprint Offices. ediscovery Centers

Managing Your Record Retention Policy Safely

Data protection. 3 April 2018

Computer Security Incident Response Plan. Date of Approval: 23-FEB-2014

Putting It All Together:

Law Prac ce Management MCLE Mee ng ARC May 27, 2014

Data Security and Privacy at Handshake

How Secure Do You Feel About Your HIPAA Compliance Plan? Daniel F. Shay, Esq.

Digital Forensics for Attorneys

Product Overview Archive2Azure TM. Compliance Storage Solution Based on Microsoft Azure. From Archive360

2010 E-discovery Best Practices from Real-World Cases

This factsheet intends to provide guidance on how you can manage your s. You will discover:

Enviro Technology Services Ltd Data Protection Policy

HIPAA Compliance and OBS Online Backup

UPDATE: HEALTHCARE CYBERSECURITY & INCIDENT RESPONSE Lindsay M. Johnson, Esq. Partner, Freund, Freeze & Arnold, LPA

By John P Collins, JD DTI, Director of Information Governance & Office 365 Consulting

Data Security and Privacy Principles IBM Cloud Services

PEDs in the Workplace: It s a Mad, Mad BYOD World

Transcription:

How to Like E-Discovery, Security and Social Media Dr. Gavin W. Manes, CEO

Gavin W. Manes, Ph.D. CEO, Avansic Doctorate in Computer Science from TU Scientific approach to e- discovery Published over fifty papers on e-discovery, forensics and security, presented at hundreds of events Expert witness

ESI Processing

Who are the Players? Clients/Corporations Organize and know where data is Continue doing business carefully Law Firm Direct discovery Plan and strategize EARLY Choose technology partners [vendor, in-house, client] Review and redact ESI vendor Communicate well with parties Recommend best course of action based on experience Manage expectations Execute project plan as efficiently as possible

What Are the Legal Team s Choices? Preservation Use client resources; hire vendor; use law firm s staff Processing Hire vendor; use client or law firm resources; some of each Search terms; deduplication; email threading; Review Use analytics and concept clustering; use predictive coding or technology assisted review; put eyes on every document Use hosted review tool; use PDFs, fileshares and spreadsheets; use desktop review tool; internally host tool at the firm Use contract reviewers; use law firm reviewers; use client reviewers Production Use review tool to package documents into loadfiles; use PDFs

Small Sized E-Discovery Case Examples Opposing counsel sends over a DVD with the results of a keyword search: a PST of someone s email and a hundred loose files Need to find all the text messages to and from a specific phone number on one person s cell phone Client gives you a hard drive with four PSTs in order to determine correspondence with keywords within a two week timeframe Scan one box of paper documents, including 4 CDs, to online review tool for attorney review

Small Sized E-Discovery Case Choices Collection options: corporate IT create a copy of the email store and hard drive (careful!), forensic copy created by vendor Processing options: no processing, load to simple online processing/review tool, vendor indexing, filtering, de-dupe Review options: straight review of the images by attorney, load to review tool (desktop or hosted) Production options: create pdfs, produce from desktop/hosted tool Or, a hybrid

Medium Sized E-Discovery Case Examples A forensic examination of an ex-employee s hard drive and cell phone where it is believed they took proprietary information to their next employer Expert authentication of a set of ten email, photographs and documents Keyword search of two years of email for 6 custodians and their loose and paper files, including attorney review, coding, and production

Medium Sized E-Discovery Case Choices Collection choices: forensic imaging (internal or vendor), remote collection of DropBox Processing choices: load to simple processing/review tool (desktop or hosted), vendor indexing, filtering, de-dupe Review choices: load to review tool (desktop or hosted) Production choices: produce from desktop/hosted tool Or, a hybrid

Large Sized E-Discovery Case Scenarios Remote collection of multiple server shares for large date range (email and files), concept clustering, attorney review for hot documents Onsite collection of six computers and cell phones, keyword search, attorney privilege review, production to opposing One dozen employees email, filtering and attorney review in response to government subpoena

Large Sized E-Discovery Case Choices Collection choices: use internal or external resources to create forensic images, use remote assisted collection when possible Processing choices: load to robust processing/review tool (using vendor or internal resources) to indexing, filtering, de-dupe, cluster Review choices: load to review tool, use contract reviewers if necessary Production options: produce or direct vendor to produce, multiple levels of QC Or, a hybrid

Connected Devices

E-Discovery and Security Deepest Darkest Secrets Challenges at every phase of e-discovery Preservation: custody and control Processing: no comingling, secure laboratory at vendor, encryption Review: strong user authentication, auditing and tracking Data storage: insecure file-sharing (Dropbox, etc.) Communication: careful with non-encrypted email Each additional layer of security means a reduction in convenience Time Ease of technology use Encryption

What is the Cloud? Using a shared pool of configurable computing resources (NIST) Gmail (or any other webmail) DropBox or Google Documents Offsite application hosting Your office network Types Software Common Use someone else s software to perform an operation Software as a Service Hardware Using someone else s processing power IE, animation company rendering graphics

Free Data Security - Encryption Encoding data/ messages so only authorized parties can read them Does NOT prevent interception (it actually expects it) Not just password protection the stored data is secured Every extra security measure introduces a loss of convenience Generally free (BitLocker, 7-Zip AES encryption) Key management, personnel training, small to medium IT burden Could become requirement by ABA ethics

HIPAA Case Study Malpractice suit against a hospital, so HIPAA applies Lead attorney Contacted the firm s IT to discuss requirements: NIST 800-111 for data at rest, NIST 800-52 or 800-77 for data in motion Requested that any productions from any party be encrypted Interviewed e-discovery vendors, specifically about encryption and HIPAA BAAs Firm IT and Vendor Made changes in hardware, software and procedure to meet NIST standards Vendor created secure FTP and ability to encrypt email Vendor offered an online review tool that met the requirements Project Progression Everyone gets BAAs (Business Associate Agreements) Vendor received the encrypted drive, processed and loaded to review Physically & logically separated this case s data from all others Attorneys reviewed and coded documents Vendor created production, encrypted it, sent to the firm When case was complete, the firm and the vendor destroyed data per NIST 800-88

Ransomware Hack

Social Media and Cloud Preservation Huge amount of personal and corporate information Time is of the essence - preserve key data immediately Must be handled as evidence in order to ensure admissibility Some sites have a self-preserve feature (Facebook) Not easy Some service providers are cooperative, most are NOT! Cloud/synced data can be difficult to locate Related mobile data is stored In the cloud and/or synced to another computer or server On the device itself On-device storage is limited and therefore overwrites quickly BYOD issues (Bring Your Own Device) Mobile devices make access easy Purpose is to freely share information Publicly dispersed rather than specifically targeted (i.e., e-mail)

Social Media - Who Owns the Content? Individual employees tasked with social media content/posts Does company own the profile and any associated posts? Or does the person who posted? Twitter: PhoneDog v. Kravitz editor-in-chief started a Twitter account for the company then left, claimed the followers and content were his personally, company sued for economic interference, the case is ongoing Eagle vs. Edcomm Company shut down an employee s LinkedIn account after she left, court ruled that it did not violate the Computer Crimes and Abuse Act No universal ruling, case-by-case basis

The Internet Has a Memory Very difficult to take back something said or shared on the Internet Erasing profiles is expensive and hard Most hosting sites have cached versions of posts and pages Even if those are deleted, anyone who viewed that page may have pieces left on their computer Wayback machine Imagine if corporate data was inadvertently exposed or shared Or privileged information Careful, thorough and clear policies Careful control and selection of the individuals who can post on behalf of the company

Conclusion Carefully balance risks and benefits Cloud Social Media Portable Devices Computer Use Consider yourself, your firm and your client Security and privacy are paramount with electronic data Increasing security usually means decreasing convenience

avansic.com Corporate Office First Place Tower, Suite 1800 15 E. Fifth St, Tulsa, OK 74103

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback