Today's cloud-computing vendors focus on infrastructure, but that won't be the case for long. It can't be. As competing vendors seek to differentiate themselves, they're going to move "up the stack" into applications.
It's like the history of enterprise computing, played out in months and years instead of decades.
Oracle arguably set this strategy in motion when it acquired its way to a complete infrastructure-plus-applications portfolio to lower customer acquisition costs and improve its competitive differentiation for CIOs. IBM and Microsoft also went that route, though to differing degrees and in different ways.
Cloud-computing platform vendors are going to have to do the same thing, except they don't have the luxury of waiting.
It's not enough for cloud vendors to build the infrastructure and pray, "Field of Dreams" style, that customers will come. They won't. Not without applications and a host of other issues worked out for them, not by them.
Even Google, born in the cloud, recognizes this. Instead of forcing government customers into its public cloud, the company is building a dedicated cloud for government organizations in the U.S. Google's reasoning?
To Continue Reading: Click Here
------------------------------------------------
Source: CNet
By: Matt Asay
Wednesday, December 30, 2009
Not Yet A Gartner E-Discovery Magic Quadrant, But Still A Gartner E-Discovery MarketScope
Earlier this month, Gartner published its third annual MarketScope For E-Discovery Product Vendors. Written by Debra Logan, Whit Andrews, and John Bace, the report is an excellent survey of this rapidly evolving market. It is also a useful buyer’s guide for anyone considering a purchase of electronic discovery software, since it analyzes and rates various e-discovery players. You can buy the report at Gartner’s site, or access a complimentary copy here.
The report covers 18 e-discovery software vendors. Missing from the report are e-discovery hosted/software-as-a-service (SaaS) providers and small e-discovery software vendors. Gartner believes the market is maturing and only larger companies are viable in the long run. So it increased the minimum annual revenue requirement for inclusion in the report to $15 million.
To Continue Reading: Click Here
-----------------------------------------------
Source: clearwellsystems.com
By: Aaref Hilaly
The report covers 18 e-discovery software vendors. Missing from the report are e-discovery hosted/software-as-a-service (SaaS) providers and small e-discovery software vendors. Gartner believes the market is maturing and only larger companies are viable in the long run. So it increased the minimum annual revenue requirement for inclusion in the report to $15 million.
To Continue Reading: Click Here
-----------------------------------------------
Source: clearwellsystems.com
By: Aaref Hilaly
Tuesday, December 29, 2009
Legal Process Outsourcing: 2010 challenges ahead
WITH THE countdown for 2010 on, it becomes more than necessary and desirable to look at the major events of the year going by and to assess our preparedness for the coming year.
This year 2009 is testimony to a phenomenal growth in the offshore outsourcing of legal processes wherein a majority of deals were with Indian vendors. Freshfields Bruckhaus Deringer, Linklaters, Slaughter and May, Osborne Clarke, Simmons and Simmons, Rio Tinto, Eversheds, Pinsent Masons are a few of the names in the news for outsourcing their legal processes to offshore destinations this year.
Infact as soon as they realized that offshore outsourcing is now the new level of globalization and the company’s, which earlier faced the question of whether or not to outsource were left with the only option to decide when to outsource, the situation moved from a may-be to a must-be. Offshore outsourcing today is neither a desire nor an option rather it is the support system of all globalizing companies, of all who wish to grow in this ever integrating competitive world. As one often tell friends in the industry, “One can't do today's job with yesterday's methods and be in business tomorrow”.
To Continue Reading: Click Here
-----------------------------------------------
Source: merinews.com
By: Jagriti Mishra
This year 2009 is testimony to a phenomenal growth in the offshore outsourcing of legal processes wherein a majority of deals were with Indian vendors. Freshfields Bruckhaus Deringer, Linklaters, Slaughter and May, Osborne Clarke, Simmons and Simmons, Rio Tinto, Eversheds, Pinsent Masons are a few of the names in the news for outsourcing their legal processes to offshore destinations this year.
Infact as soon as they realized that offshore outsourcing is now the new level of globalization and the company’s, which earlier faced the question of whether or not to outsource were left with the only option to decide when to outsource, the situation moved from a may-be to a must-be. Offshore outsourcing today is neither a desire nor an option rather it is the support system of all globalizing companies, of all who wish to grow in this ever integrating competitive world. As one often tell friends in the industry, “One can't do today's job with yesterday's methods and be in business tomorrow”.
To Continue Reading: Click Here
-----------------------------------------------
Source: merinews.com
By: Jagriti Mishra
Patriot Act May Hamper Cloud Computing Adoption
The common wisdom concerning e-mail these days is that it’s all heading into the cloud. After all, it’s difficult to manage and, as a basic utility of computing, in and of itself it doesn’t provide a lot of strategic value.
But Sendmail CEO Don Massaro would beg to differ with conventional cloud computing wisdom when it comes to e-mail in large enterprises. While Massaro concedes that e-mail delivered via the cloud will be a fairly common approach for small-to-medium (SMB) businesses, larger corporations are going to think long and hard about the legal and regulatory implications of such a move.
The issue that Massaro says will result in most large corporations refraining from putting too much data in the cloud is the existence of “Federal Letters,” otherwise known as National Security Letters. Under the provisions of the Patriot Act, these can be used to require carriers to turn over records and data concerning individual customers if asked to do so by the Federal government.
To Continue Reading: Click Here
-----------------------------------------------
Source: itbusinessedge.com
By: Michael Vizard
But Sendmail CEO Don Massaro would beg to differ with conventional cloud computing wisdom when it comes to e-mail in large enterprises. While Massaro concedes that e-mail delivered via the cloud will be a fairly common approach for small-to-medium (SMB) businesses, larger corporations are going to think long and hard about the legal and regulatory implications of such a move.
The issue that Massaro says will result in most large corporations refraining from putting too much data in the cloud is the existence of “Federal Letters,” otherwise known as National Security Letters. Under the provisions of the Patriot Act, these can be used to require carriers to turn over records and data concerning individual customers if asked to do so by the Federal government.
To Continue Reading: Click Here
-----------------------------------------------
Source: itbusinessedge.com
By: Michael Vizard
Monday, December 28, 2009
Don't Overlook Federal or State Data Regulations
Tracking new regulations and compliance rulings from federal and state government can be dizzying—they include FRCP, HIPAA, GLB, and more. But now more than ever, the government expects all businesses to comply, not just large corporations.
Today, every company is responsible for its data and for securing its customers’ information, no matter how much it costs to do so. In today’s litigious business world, the possibility of being dragged into a lawsuit is very real, and if that happens, you will likely need to make your information available to the process. And woe to the company that cannot comply with basic regulations, because a judge will not accept that you thought those requirements applied only to the big companies.
A good example is a recent investigation involving Freddie Mac. A small agency working with Freddie Mac was pulled into the investigation, and the agency had to complete a request by the government for an electronic discovery search. The agency assumed the cost would be minor, but it did not have an automated approach to managing its data in place. The inaccessibility of the data required an army of attorneys and staff to perform a hands-on physical review. The cost came to $6 million. When the agency sought relief, it was turned down by an appeals court. It should have known better.
To Continue Reading: Click Here-----------------------------------------------
Source: businessweek.com
By: Ursula Talley
10 big cloud trends for 2010
Look for tougher SLAs, simpler and less-expensive pricing and better tech.
Cloud computing is clearly worming its way into the enterprise, especially as a testing and development environment and as a platform for less than critical apps and services. But cloud vendors are, in short, still trying to grow up and become a platform for business-critical applications. They're already working on standards and security issues, improving service level agreements and encouraging vendors to embrace the meter of pricing based on software use -- not per-seat cost.
With that as backdrop, 2010 will be all about moving enterprises to the cloud. Here are the trends driving it.
Commodity cloud price slashing continues
Amazon EC2 cut prices up to 15% in November. A small standard Linux-based instance went from 10 cents to 8.5 cents an hour. That same month, Google cut its Picasa photo storage pricing from $20 to $5 for a year. Cloud-based apps are on a similar trajectory. Microsoft's Business Productivity Online Suite, which includes the SaaS versions of Exchange, went from $15 a month per user to $10. Anchoring pricing is Google's Apps Premier Edition at $50 per year. Cloud pricing is getting so low it's "ludicrous," quipped Jeff Maling, CEO of Roundarch Inc., a Web services consultancy in Chicago.
"They are pricing very aggressively to get volume on the platform," he said.
To Continue Reading: Click Here
-----------------------------------------------
Source: Computerworld
By: Patrick Thibodeau
Cloud computing is clearly worming its way into the enterprise, especially as a testing and development environment and as a platform for less than critical apps and services. But cloud vendors are, in short, still trying to grow up and become a platform for business-critical applications. They're already working on standards and security issues, improving service level agreements and encouraging vendors to embrace the meter of pricing based on software use -- not per-seat cost.
With that as backdrop, 2010 will be all about moving enterprises to the cloud. Here are the trends driving it.
Commodity cloud price slashing continues
Amazon EC2 cut prices up to 15% in November. A small standard Linux-based instance went from 10 cents to 8.5 cents an hour. That same month, Google cut its Picasa photo storage pricing from $20 to $5 for a year. Cloud-based apps are on a similar trajectory. Microsoft's Business Productivity Online Suite, which includes the SaaS versions of Exchange, went from $15 a month per user to $10. Anchoring pricing is Google's Apps Premier Edition at $50 per year. Cloud pricing is getting so low it's "ludicrous," quipped Jeff Maling, CEO of Roundarch Inc., a Web services consultancy in Chicago.
"They are pricing very aggressively to get volume on the platform," he said.
To Continue Reading: Click Here
-----------------------------------------------
Source: Computerworld
By: Patrick Thibodeau
"International Man of Mystery" Sanctioned for Contempt of Court and Intentional Spoliation
TR Investors, LLC v. Genger, 2009 WL 4696062 (Del. Ch. Dec. 9, 2009) (Unpublished)
In this case, defendant Arie Genger was held in contempt and found to have intentionally spoliated relevant documents in violation of a court order following his instruction to his personal IT consultant to wipe the unallocated space of his company’s computer system which his consultant then carried out. Declining to impose terminating sanctions, the court instead ordered that Genger produce 10 documents previously subject to a claim of privilege, that the burden of persuasion as to Genger’s affirmative defenses and counter-claims be raised one level, that Genger was precluded from prevailing on any material factual issue by reason of his testimony alone, and that Genger pay for plaintiffs’ reasonable attorneys’ fees and expenses in the amount of $750,000.
As of June 2008, defendant Genger was the Chief Executive Officer of TRI, a company that he founded. Plaintiff, The Trump Group, owned a sizeable portion of the company’s stock and had representatives on the board of directors. Eventually, for reasons unimportant to the discovery issues at hand, TRI sought to take over the company and to remove Genger from his position. Litigation ensued. While attempting to settle their disputes, the parties submitted to the court a stipulated status quo order which included a provision that prohibited tampering with or destroying company records.
It turned out that Genger was not a run of the mill CEO. Instead, aside from his usual business interests, Genger had high level contacts within the Israeli government for whom he performed “sensitive tasks” related to Israel’s national security. (As the court noted, “[a]lthough Mike Myers may have made millions by bringing to the big screen his take on what it is like to be an "international man of mystery," Arie Genger, as it turns out, is such a man.”) Highly sensitive documents related to his Israeli contacts were stored on his work computer and server, along with other personal documents. Concerned that his personal information would be viewed by members of The Trump Group, Genger undertook to segregate his personal documents from those relevant to the litigation. In doing so, Genger was substantially assisted by attorneys for TRI who in turn employed an outside technology firm to identify and encrypt personal confidential documents and to preserve documents related to the business of TRI.
To Continue Reading: Click Here
---------------------------------------------
Source: ediscoverylaw.com
In this case, defendant Arie Genger was held in contempt and found to have intentionally spoliated relevant documents in violation of a court order following his instruction to his personal IT consultant to wipe the unallocated space of his company’s computer system which his consultant then carried out. Declining to impose terminating sanctions, the court instead ordered that Genger produce 10 documents previously subject to a claim of privilege, that the burden of persuasion as to Genger’s affirmative defenses and counter-claims be raised one level, that Genger was precluded from prevailing on any material factual issue by reason of his testimony alone, and that Genger pay for plaintiffs’ reasonable attorneys’ fees and expenses in the amount of $750,000.
As of June 2008, defendant Genger was the Chief Executive Officer of TRI, a company that he founded. Plaintiff, The Trump Group, owned a sizeable portion of the company’s stock and had representatives on the board of directors. Eventually, for reasons unimportant to the discovery issues at hand, TRI sought to take over the company and to remove Genger from his position. Litigation ensued. While attempting to settle their disputes, the parties submitted to the court a stipulated status quo order which included a provision that prohibited tampering with or destroying company records.
It turned out that Genger was not a run of the mill CEO. Instead, aside from his usual business interests, Genger had high level contacts within the Israeli government for whom he performed “sensitive tasks” related to Israel’s national security. (As the court noted, “[a]lthough Mike Myers may have made millions by bringing to the big screen his take on what it is like to be an "international man of mystery," Arie Genger, as it turns out, is such a man.”) Highly sensitive documents related to his Israeli contacts were stored on his work computer and server, along with other personal documents. Concerned that his personal information would be viewed by members of The Trump Group, Genger undertook to segregate his personal documents from those relevant to the litigation. In doing so, Genger was substantially assisted by attorneys for TRI who in turn employed an outside technology firm to identify and encrypt personal confidential documents and to preserve documents related to the business of TRI.
To Continue Reading: Click Here
---------------------------------------------
Source: ediscoverylaw.com
Friday, December 25, 2009
Happy Holidays from EDD Blog Online
Wishing you and yours a safe and happy holiday season. Thank you all for your support throughout 2009, best wishes on a prosperous 2010.
Cheers
EDD Blog Online
Cheers
EDD Blog Online
Thursday, December 24, 2009
FORENSIC FILES: Clouds on the horizon
You may not know it, but we are yet again poised on the edge of a potential revolution in computing.
It's called "cloud computing" and it's drawing quite a bit of attention these days. If you use web mail, Facebook or Google Docs, you are already in the cloud. Interested parties include not only Chief Information Officers and IT folks, but those of us in electronic discovery as well. So, what exactly is this cloud computing?
In essence, cloud computing is computing services delivered on demand over the Internet. Cloud computing can offer much, if not all, of your desktop or network functionality over the Internet. Cloud services include word processing, sales force management, storage and email just to name a few.
These services are generally broken into three categories: Software as a Service (Saas), Infrastructure as a Service (Iaas) and Platform as a Service (Paas). Let's look a little closer at each.
Software as a Service could include a wide range of offerings from common office applications (like word processing, spreadsheets, etc) to customized applications targeted to sales and human resources.
Infrastructure as a Service replaces much of a company's traditional network including PC's and servers, along with their associated processing, memory and storage.
Lastly, Platform as a Service allows developers to create custom applications on a wide variety of platforms without having to actually purchase the supporting hardware and software.
To Continue Reading: Click Here
---------------------------------------------
Source: wvrecord.com
By: JOHN SAMMONS
It's called "cloud computing" and it's drawing quite a bit of attention these days. If you use web mail, Facebook or Google Docs, you are already in the cloud. Interested parties include not only Chief Information Officers and IT folks, but those of us in electronic discovery as well. So, what exactly is this cloud computing?
In essence, cloud computing is computing services delivered on demand over the Internet. Cloud computing can offer much, if not all, of your desktop or network functionality over the Internet. Cloud services include word processing, sales force management, storage and email just to name a few.
These services are generally broken into three categories: Software as a Service (Saas), Infrastructure as a Service (Iaas) and Platform as a Service (Paas). Let's look a little closer at each.
Software as a Service could include a wide range of offerings from common office applications (like word processing, spreadsheets, etc) to customized applications targeted to sales and human resources.
Infrastructure as a Service replaces much of a company's traditional network including PC's and servers, along with their associated processing, memory and storage.
Lastly, Platform as a Service allows developers to create custom applications on a wide variety of platforms without having to actually purchase the supporting hardware and software.
To Continue Reading: Click Here
---------------------------------------------
Source: wvrecord.com
By: JOHN SAMMONS
Wednesday, December 23, 2009
Obama Cyber Czar Choice Worries About Smartphones, Social Networking
In choosing Howard Schmidt as cyber czar President Obama has gotten someone who has held a similar job in a previous administration, has varied experience at high-level corporate jobs, was a frequent panelist at security conferences and who has even written a book on defending the Internet.
Schmidt served under President George W. Bush for three years, ultimately resigning after producing the "National Strategy to Secure Cyberspace."
Because of his high profile past as CSO of Microsoft (MSFT) and CISO of eBay (EBAY), during which he spoke often at public forums, there is a broad record of his thoughts on network security, from smartphone threats to equating cyber security to physical security.Ten 2010 IT Security Predictions
The new cyber czar favors government promotion of education, research and prodding vendors to produce more secure products that will work their way into everyday use. "What is the government doing to make sure universities and companies have dollars to do research that will enhance security?" Schmidt said in a 2008 interview with Computer World. "There is R&D that needs to be done that may not benefit homeland security but it might create the next generation of the Internet that is more secure."
To Continue Reading: Click Here
---------------------------------------------
Source: cio.com
By: Tim Greene
Schmidt served under President George W. Bush for three years, ultimately resigning after producing the "National Strategy to Secure Cyberspace."
Because of his high profile past as CSO of Microsoft (MSFT) and CISO of eBay (EBAY), during which he spoke often at public forums, there is a broad record of his thoughts on network security, from smartphone threats to equating cyber security to physical security.Ten 2010 IT Security Predictions
The new cyber czar favors government promotion of education, research and prodding vendors to produce more secure products that will work their way into everyday use. "What is the government doing to make sure universities and companies have dollars to do research that will enhance security?" Schmidt said in a 2008 interview with Computer World. "There is R&D that needs to be done that may not benefit homeland security but it might create the next generation of the Internet that is more secure."
To Continue Reading: Click Here
---------------------------------------------
Source: cio.com
By: Tim Greene
Ruling Gives Guidance on Native Production
The production of electronically stored information in native file format continues to be a topic of interest for litigators. For those (and there are many) still confused, help may be on the way. Several recent decisions indicate that a consistent body of guidance is developing in the case law on this topic.
For the uninitiated, a document's "native format" is the "default format of a file."[FOOTNOTE 1] Files in their native format are usually read using the software program originally used to create them, as opposed to a generic reader, such as Adobe Acrobat, that is used to access files once they have been converted from their native format into another form, such as PDF files.[FOOTNOTE 2]
Unlike paper documents, which are fixed in form, ESI exists in a dynamic state such that the form in which it is kept in the regular course of business can evolve and be continuously manipulated. Because it "includes the metadata for the electronic document,"[FOOTNOTE 3] the native format can reveal its history, such as when a document was last edited and by whom.
Certain files, such as voluminous electronic spreadsheets or databases, can in some cases be rendered practically unusable when printed out and produced in paper format, making their production in native format almost a necessity in certain circumstances.[FOOTNOTE 4] No wonder, then, that more and more parties are requesting -- and more courts are requiring -- production of at least some types of data in native format.
Cenveo Corp. v. Southern Graphic Systems,[FOOTNOTE 5] a ruling from the U.S. District Court for the District of Minnesota, is one such case.
The facts of the underlying litigation are easily stated. Plaintiff Cenveo Corp. alleged that defendant Southern Graphic Systems lured employees away from Cenveo, and that those employees brought proprietary and confidential information with them when they joined SGS.[FOOTNOTE 6]
To Continue Reading: Click Here
---------------------------------------------
Source: law.com
By: H. Christopher Boehning and Daniel J.Toal
For the uninitiated, a document's "native format" is the "default format of a file."[FOOTNOTE 1] Files in their native format are usually read using the software program originally used to create them, as opposed to a generic reader, such as Adobe Acrobat, that is used to access files once they have been converted from their native format into another form, such as PDF files.[FOOTNOTE 2]
Unlike paper documents, which are fixed in form, ESI exists in a dynamic state such that the form in which it is kept in the regular course of business can evolve and be continuously manipulated. Because it "includes the metadata for the electronic document,"[FOOTNOTE 3] the native format can reveal its history, such as when a document was last edited and by whom.
Certain files, such as voluminous electronic spreadsheets or databases, can in some cases be rendered practically unusable when printed out and produced in paper format, making their production in native format almost a necessity in certain circumstances.[FOOTNOTE 4] No wonder, then, that more and more parties are requesting -- and more courts are requiring -- production of at least some types of data in native format.
Cenveo Corp. v. Southern Graphic Systems,[FOOTNOTE 5] a ruling from the U.S. District Court for the District of Minnesota, is one such case.
The facts of the underlying litigation are easily stated. Plaintiff Cenveo Corp. alleged that defendant Southern Graphic Systems lured employees away from Cenveo, and that those employees brought proprietary and confidential information with them when they joined SGS.[FOOTNOTE 6]
To Continue Reading: Click Here
---------------------------------------------
Source: law.com
By: H. Christopher Boehning and Daniel J.Toal
Sanctions Ordered Against Goodwin Procter Over Delay in Releasing E-Mail
A special master has ordered sanctions against Applied Materials Inc. and attorneys at Boston-based Goodwin Procter for stalling in releasing an e-mail by the company's chief executive.
Special master Thomas Denver, in the U.S. District Court for the Northern District of California, ordered Applied Materials and Goodwin Procter on Friday to pay Advanced Micro-Fabrication a yet-to-be-finalized monetary award. The sanctions follow Advanced Micro-Fabrication's repeated demand during discovery for an e-mail written by Applied Material's Chief Executive Michael Splinter.
Applied Materials, which makes machines that manufacture semiconductor chips, sued competitor Advanced Micro-Fabrication for allegedly stealing trade secrets, interfering with contractual relations, conversion and unfair competition under California laws.
Advanced Micro-Fabrication asked for $25,777.50 in sanctions based on the costs associated with filing a second motion to compel, and Denver asked the company to produce invoices to support the request.
Denver also ordered Applied Materials to review its discovery responses, particularly interrogatory responses "to see that they have been appropriately supplemented in light of the subject email."
The judge wrote, "Plaintiff's failure to produce the email in question is all the more troubling in that defense counsel had provided significant detail as to the document sought in the course of this litigation."
Denver later noted, "Any reasonably organized electronic search should have identified this document, resulting in production."
Denver's order also stated that Splinter's e-mail files were on a litigation hold requiring preservation and the plaintiff's opposition filings did not include affidavits from Splinter or people directly involved in the search for the e-mail.
The order further noted that the plaintiff's estimated cost for searching for the e-mail is not disproportionate "to litigation of this magnitude" and "not a justification for an inadequate search."
To Continue Reading: Click Here
---------------------------------------------
Source: law.com
By: Sheri Qualters
Special master Thomas Denver, in the U.S. District Court for the Northern District of California, ordered Applied Materials and Goodwin Procter on Friday to pay Advanced Micro-Fabrication a yet-to-be-finalized monetary award. The sanctions follow Advanced Micro-Fabrication's repeated demand during discovery for an e-mail written by Applied Material's Chief Executive Michael Splinter.
Applied Materials, which makes machines that manufacture semiconductor chips, sued competitor Advanced Micro-Fabrication for allegedly stealing trade secrets, interfering with contractual relations, conversion and unfair competition under California laws.
Advanced Micro-Fabrication asked for $25,777.50 in sanctions based on the costs associated with filing a second motion to compel, and Denver asked the company to produce invoices to support the request.
Denver also ordered Applied Materials to review its discovery responses, particularly interrogatory responses "to see that they have been appropriately supplemented in light of the subject email."
The judge wrote, "Plaintiff's failure to produce the email in question is all the more troubling in that defense counsel had provided significant detail as to the document sought in the course of this litigation."
Denver later noted, "Any reasonably organized electronic search should have identified this document, resulting in production."
Denver's order also stated that Splinter's e-mail files were on a litigation hold requiring preservation and the plaintiff's opposition filings did not include affidavits from Splinter or people directly involved in the search for the e-mail.
The order further noted that the plaintiff's estimated cost for searching for the e-mail is not disproportionate "to litigation of this magnitude" and "not a justification for an inadequate search."
To Continue Reading: Click Here
---------------------------------------------
Source: law.com
By: Sheri Qualters
Tuesday, December 22, 2009
United States: Tip of the Month: Managing the Risks and Costs of Collecting ESI
Scenario
A large corporation was named as a defendant in a product liability lawsuit. The corporation has preserved a massive amount of electronically stored information (ESI) in response to the suit and is now considering how much of the ESI, and which portions, to collect in order to review and produce it.
Collecting ESI — Who, What, Where, When and How
While preservation may prevent spoliation of ESI, before such ESI can be reviewed and produced, it must actually be collected. The collection of ESI can be both a technically and legally complex endeavor. In order to manage the risks and costs of collecting ESI, a litigant is well advised to design and document an ESI collection plan which considers the following five questions: Who, What, Where, When and How.
* WHO Should Collect the ESI?
One of the first decisions a collecting party faces is whether to handle the collection internally or to outsource the process to a specialized vendor. The appropriate choice will depend on the specific organization and the nature of the particular litigation and data at issue, as well as on such factors as the frequency with which the party finds itself in litigation, the capability and availability of internal IT resources to perform the collection, the financial stakes of the litigation, and the sensitivity of the data to be collected. Outsourcing the collection process is not an all-or-nothing decision, because parties may outsource some portions of the collection process while retaining direct control over others. Using a vendor to collect data can be more expensive than using internal staff. However, one must also consider whether internal staff persons have the appropriate time, sophistication and tools to collect the data properly and completely.
* WHAT (and How Much) to Collect?
To Continue Reading: Click Here
---------------------------------------------
Source: mondaq.com
By: Thomas A. Lidbury , Kim Leffert and Christopher M. Barrett
2010: trends in e-discovery for contract attorneys
It’s that time of year when it seems everybody has come out with predictions about e-discovery for the coming year. And the recent Gartner report on the upswing in e-discovery in the U.S. and around the globe (click here and click here) and Fulbright & Jaworski’s 6th Annual Survey (click here) comes as no surprise.
But none focus on the trends directly affecting contract attorneys and computer forensic reviewers (the largest percentage of our membership), the ones in the trenches. That will be the focus of this post.
Note to new readers: When we started The Posse List in 2002, our base was contract attorneys in document review and production on large cases that required an army of reviewers — called in like a “posse” at the last minute, hence our name. As the technology improved, the need for these large teams declined, but the need for review expertise and additional information and expertise in e-discovery continued to grow. That growth expanded internationally, and we expanded our Posse List team to focus on the impact of ESI management on cross-border litigation and investigations. We launched The Posse Ranch, which focuses on solo practitioners and those seeking to leave the document review world, and we also launched The Posse List (Europe) and The Posse List (Asia). We also launched The Electronic Discovery Reading Room, a central location for contract attorneys, law firms, vendors and others to learn the about the basics of e-discovery, ESI, cloud computing and general issues related to modern litigation.
Our network of websites now attracts forensics consultants, paralegals, in-house counsel, law firm attorneys, solo practitioners, e-discovery vendors, legal media, and others, in addition to our original population of contract lawyers.
So, what trends in e-discovery do we see affecting contract attorneys as we are about to enter 2010? What will affect them most?
To Continue Reading: Click Here
---------------------------------------------
Source: theposselist.com
By: MrPosse
But none focus on the trends directly affecting contract attorneys and computer forensic reviewers (the largest percentage of our membership), the ones in the trenches. That will be the focus of this post.
Note to new readers: When we started The Posse List in 2002, our base was contract attorneys in document review and production on large cases that required an army of reviewers — called in like a “posse” at the last minute, hence our name. As the technology improved, the need for these large teams declined, but the need for review expertise and additional information and expertise in e-discovery continued to grow. That growth expanded internationally, and we expanded our Posse List team to focus on the impact of ESI management on cross-border litigation and investigations. We launched The Posse Ranch, which focuses on solo practitioners and those seeking to leave the document review world, and we also launched The Posse List (Europe) and The Posse List (Asia). We also launched The Electronic Discovery Reading Room, a central location for contract attorneys, law firms, vendors and others to learn the about the basics of e-discovery, ESI, cloud computing and general issues related to modern litigation.
Our network of websites now attracts forensics consultants, paralegals, in-house counsel, law firm attorneys, solo practitioners, e-discovery vendors, legal media, and others, in addition to our original population of contract lawyers.
So, what trends in e-discovery do we see affecting contract attorneys as we are about to enter 2010? What will affect them most?
To Continue Reading: Click Here
---------------------------------------------
Source: theposselist.com
By: MrPosse
A Case for Operating in the Cloud
A 27.5 percent drop in revenue will get your attention. It did mine in April 2009 when I reviewed my firm's financial results for the first quarter of the year. I was shocked, and worried whether my practice could stay open. I knew some of my competitors had gone out of business and I was afraid I was next.
But, I didn't feel things were too bad and as I looked farther down the income statement I realized why.
• Rent Expense: down 50 percent;
• IT Costs: down 90 percent;
• Outside Workers Cost: down 60 percent; and
• Payroll Costs: down 40 percent.
I realized then that my movement to Microsoft's "cloud" enabled me to survive this downturn and will help me thrive in the upturn. Without it, I may not have stayed in business. There are two ideas I would like to emphasize with this article.
First, cloud computing will drastically change the legal industry.
Second, as an IT person in your firm, your most important mission is to get your firm to move to the cloud.
This article discusses three topics: Why and how I moved to the cloud, what I'm doing and not worrying about with cloud, and why the best ways to persuade attorneys that they have to move to the cloud.
To Continue Reading: Click Here
---------------------------------------------
Source: law.com
By: James C. Nolan
But, I didn't feel things were too bad and as I looked farther down the income statement I realized why.
• Rent Expense: down 50 percent;
• IT Costs: down 90 percent;
• Outside Workers Cost: down 60 percent; and
• Payroll Costs: down 40 percent.
I realized then that my movement to Microsoft's "cloud" enabled me to survive this downturn and will help me thrive in the upturn. Without it, I may not have stayed in business. There are two ideas I would like to emphasize with this article.
First, cloud computing will drastically change the legal industry.
Second, as an IT person in your firm, your most important mission is to get your firm to move to the cloud.
This article discusses three topics: Why and how I moved to the cloud, what I'm doing and not worrying about with cloud, and why the best ways to persuade attorneys that they have to move to the cloud.
To Continue Reading: Click Here
---------------------------------------------
Source: law.com
By: James C. Nolan
Monday, December 21, 2009
How to Protect Your Cloud Data
Network World — The Cloud Security Alliance has taken a second run at creating recommendations for businesses to follow in order to better secure cloud services.
Cloud Security: Danger (and Opportunity) Ahead
The new document aligns CSA's definition of cloud computing with that of the National Institute of Standards and Technology's (NIST) definition, which includes on-demand self service, broadband network access, resource pooling, rapid provisioning and scalability, and metered usage.
11 security companies to watch
NIST also divides cloud services into three categories: software-as-a-service (SaaS) (applications supplied by the service provider); platform-as-a-service (tools and programming languages supported by the provider for customers to deploy their own applications); and infrastructure-as-a-service (provider supplies hardware platforms within its network for customer use).
"Security Guidance for Critical Areas of Focus in Cloud Computing V2.1" compresses some of the topics that were considered in the earlier draft, and comes up with more specific recommendations in each of the 13 areas the 76-page document contains.
The document recommends cloud providers adopt the ISO/IEC 27001 standard for information security management systems. Customers should find out if their providers are certified and if not what their plans are for getting certified. At the least, providers should show that their practices are aligned with those set down by ISO 27002.
Customers need to realize that the type of cloud service they buy has an impact on how much responsibility they have for directly providing security and management of their data and applications, the report says. "The key takeaway for security architecture is that the lower down the stack the cloud service provider stops, the more security capabilities and management consumers are responsible for implementing and managing themselves," the report says.
To Continue Reading: Click Here
---------------------------------------------
Source: CIO
By: Tim Greene
Cloud Security: Danger (and Opportunity) Ahead
The new document aligns CSA's definition of cloud computing with that of the National Institute of Standards and Technology's (NIST) definition, which includes on-demand self service, broadband network access, resource pooling, rapid provisioning and scalability, and metered usage.
11 security companies to watch
NIST also divides cloud services into three categories: software-as-a-service (SaaS) (applications supplied by the service provider); platform-as-a-service (tools and programming languages supported by the provider for customers to deploy their own applications); and infrastructure-as-a-service (provider supplies hardware platforms within its network for customer use).
"Security Guidance for Critical Areas of Focus in Cloud Computing V2.1" compresses some of the topics that were considered in the earlier draft, and comes up with more specific recommendations in each of the 13 areas the 76-page document contains.
The document recommends cloud providers adopt the ISO/IEC 27001 standard for information security management systems. Customers should find out if their providers are certified and if not what their plans are for getting certified. At the least, providers should show that their practices are aligned with those set down by ISO 27002.
Customers need to realize that the type of cloud service they buy has an impact on how much responsibility they have for directly providing security and management of their data and applications, the report says. "The key takeaway for security architecture is that the lower down the stack the cloud service provider stops, the more security capabilities and management consumers are responsible for implementing and managing themselves," the report says.
To Continue Reading: Click Here
---------------------------------------------
Source: CIO
By: Tim Greene
Sentrigo Identifies Top Data Security Trends to Watch for in 2010
Automated attacks, cloud computing, regulatory compliance, insider threats and data storage practices top issues for coming year
Sentrigo, Inc., the innovator in database security software, has announced its top data security trends to watch for in 2010.
Exploiting Known Database Vulnerabilities Getting Easier
In the coming year it will be easier to perform attacks, which will become more sophisticated and completely automated. The result will be an increase of random attacks that no longer target a specific company, but instead look for specific vulnerabilities. Readily available toolkits on the Internet allow hackers of all skill levels to penetrate databases using sophisticated attacks. Every quarterly CPU from Oracle, as well as many of Microsoft’s patch Tuesday releases, announce new vulnerabilities that are quickly rolled out into these toolkits enabling immediate attacks that exploit published vulnerabilities. Data Security will Continue to be an Obstacle for Cloud Computing, but Solutions Will Begin Arriving
Cloud Computing makes it inherently harder to protect data since the data frequently moves and can be replicated without notification, and the applications that access this data are also highly transient. This will prevent many organizations from moving to a cloud model for applications with compliance requirements where auditable proof is required. Organizations will solve issues of securing data in the cloud using methods that attach data controls to the underlying database and centrally manage the policies and logging, even in a highly dynamic environment.
Pressure to Meet Regulatory Compliance Tied to Economic Conditions
The dichotomy between companies cutting back on spending and increased pressure for regulatory compliance will drive organizations to invest in solutions that help them achieve the bare minimum level of compliance. Businesses will pursue technology that provides adequate protection and low total-cost-of-ownership. Ease of implementation, cost of entry and time-to-compliance are going to be key decision making criteria. As the economy recovers, leading organizations will begin to view increased security as a differentiator for their offering, and will consider going beyond the regulatory requirements.
To Continue Reading: Click Here
-----------------------------------------------
Source: prweb.com
Sentrigo, Inc., the innovator in database security software, has announced its top data security trends to watch for in 2010.
Exploiting Known Database Vulnerabilities Getting Easier
In the coming year it will be easier to perform attacks, which will become more sophisticated and completely automated. The result will be an increase of random attacks that no longer target a specific company, but instead look for specific vulnerabilities. Readily available toolkits on the Internet allow hackers of all skill levels to penetrate databases using sophisticated attacks. Every quarterly CPU from Oracle, as well as many of Microsoft’s patch Tuesday releases, announce new vulnerabilities that are quickly rolled out into these toolkits enabling immediate attacks that exploit published vulnerabilities. Data Security will Continue to be an Obstacle for Cloud Computing, but Solutions Will Begin Arriving
Cloud Computing makes it inherently harder to protect data since the data frequently moves and can be replicated without notification, and the applications that access this data are also highly transient. This will prevent many organizations from moving to a cloud model for applications with compliance requirements where auditable proof is required. Organizations will solve issues of securing data in the cloud using methods that attach data controls to the underlying database and centrally manage the policies and logging, even in a highly dynamic environment.
Pressure to Meet Regulatory Compliance Tied to Economic Conditions
The dichotomy between companies cutting back on spending and increased pressure for regulatory compliance will drive organizations to invest in solutions that help them achieve the bare minimum level of compliance. Businesses will pursue technology that provides adequate protection and low total-cost-of-ownership. Ease of implementation, cost of entry and time-to-compliance are going to be key decision making criteria. As the economy recovers, leading organizations will begin to view increased security as a differentiator for their offering, and will consider going beyond the regulatory requirements.
To Continue Reading: Click Here
-----------------------------------------------
Source: prweb.com
Sunday, December 20, 2009
Anti-COFEE tool DECAF revealed as spoof
Two developers said they created a tool, called DECAF, that compromises Microsoft's COFEE computer-forensics tool by killing its processes, disabling a computer's connection ports and even conjuring up fake MAC addresses.
It's fake.
After numerous media outlets reported this week that there were delinquent hackers trying to thwart COFEE-assisted cyber-crime investigations, the DECAF developers on Friday revealed their creation as a publicity stunt. They said the COFEE tool Microsoft gives to police is luke-warm.
"We hope that as you realize this was a stunt to raise awareness for security and the need for better forensic tools that you would reconsider cutting corners on corporate security," the DECAF Web site now states. "Also, governments should not rely on a tool to automate the process of forensics but rather invest in the education of investigators and forensic tool experts."
Congratulations, media hogs, for manipulating everyone – including Microsoft, which on Thursday sent me a statement on DECAF while I was working on a report. Indeed, I was duped, too.
There was something suspicious about the DECAF Web site before it switched to spoof mode Friday morning. The developers posted an explanatory video, highlighted DECAF's supposed features, promised pie-in-the-sky updates (such as the ability to send DECAF a text message to trigger "Lockdown Mode") and appealed to expert developers for help in making better forensics tools. It all seemed a little too legitimate and focused for an anti-policing tool.
To Continue Reading: Click Here
-----------------------------------------------
Source: blog.seattlepi.com
By: Nick Eaton
It's fake.
After numerous media outlets reported this week that there were delinquent hackers trying to thwart COFEE-assisted cyber-crime investigations, the DECAF developers on Friday revealed their creation as a publicity stunt. They said the COFEE tool Microsoft gives to police is luke-warm.
"We hope that as you realize this was a stunt to raise awareness for security and the need for better forensic tools that you would reconsider cutting corners on corporate security," the DECAF Web site now states. "Also, governments should not rely on a tool to automate the process of forensics but rather invest in the education of investigators and forensic tool experts."
Congratulations, media hogs, for manipulating everyone – including Microsoft, which on Thursday sent me a statement on DECAF while I was working on a report. Indeed, I was duped, too.
There was something suspicious about the DECAF Web site before it switched to spoof mode Friday morning. The developers posted an explanatory video, highlighted DECAF's supposed features, promised pie-in-the-sky updates (such as the ability to send DECAF a text message to trigger "Lockdown Mode") and appealed to expert developers for help in making better forensics tools. It all seemed a little too legitimate and focused for an anti-policing tool.
To Continue Reading: Click Here
-----------------------------------------------
Source: blog.seattlepi.com
By: Nick Eaton
IQPC Puts a Wrap on E-Discovery 2009
IQPC's eDiscovery event of 2009 focused on rapid early case assessment and review strategies, as well as realigning relationships between outside counsel, in-house counsel, legal, and IT. As organizations adopt e-discovery strategies for 2010, they should consider many of the issues covered at this year's sessions that provided a perspective for the future.
The IQPC event concluded a pivotal year in legal technology that "was all about moving left on the Electronic Discovery Reference Model and getting information management practices in order," said attendee Stephen Ludlow, senior program manager for e-discovery at Waterloo, Ontario-based Open Text.
The IQPC captured those "leftist" trends in its early sessions with programs that discussed good corporate hygiene and effective records management, among other topics. Bruce Whitney, former chief litigation counsel at Air Products and Chemicals noted, "Good records management is like diet and exercise -- it is good for us, but getting there is another story." He and fellow panelist, Michael Lubben, vice president of risk management for Ryder Systems, cautioned that with baby boomers retiring, a company's institutional knowledge "is walking out the door"; by ignoring records management, "you are impairing your ability to compete."
2009 was certainly about competition, but it was also a year for organizations to more clearly determine their litigation profiles to identify ways to reduce their spending without impairing the legal team's ability to represent the company's interests. Some entities also took the time to determine what types of litigation they generally engage, the volume of work, and the systems they use. "There is a self-diagnostic that has to go on," advised Craig Carpenter, general counsel for Recommind.
To Continue Reading: Click Here
-----------------------------------------------
Source: law.com
By: Ari Kaplan
The IQPC event concluded a pivotal year in legal technology that "was all about moving left on the Electronic Discovery Reference Model and getting information management practices in order," said attendee Stephen Ludlow, senior program manager for e-discovery at Waterloo, Ontario-based Open Text.
The IQPC captured those "leftist" trends in its early sessions with programs that discussed good corporate hygiene and effective records management, among other topics. Bruce Whitney, former chief litigation counsel at Air Products and Chemicals noted, "Good records management is like diet and exercise -- it is good for us, but getting there is another story." He and fellow panelist, Michael Lubben, vice president of risk management for Ryder Systems, cautioned that with baby boomers retiring, a company's institutional knowledge "is walking out the door"; by ignoring records management, "you are impairing your ability to compete."
2009 was certainly about competition, but it was also a year for organizations to more clearly determine their litigation profiles to identify ways to reduce their spending without impairing the legal team's ability to represent the company's interests. Some entities also took the time to determine what types of litigation they generally engage, the volume of work, and the systems they use. "There is a self-diagnostic that has to go on," advised Craig Carpenter, general counsel for Recommind.
To Continue Reading: Click Here
-----------------------------------------------
Source: law.com
By: Ari Kaplan
How Did Our 2009 Predictions Fare?
This week CMS Watch issued its twelve predictions for 2010. In this post, I look back at our 2009 predictions to see how we did. The 2009 predictions were...
This week CMS Watch issued its twelve predictions for 2010. In this post, I look back at our 2009 predictions to see how we did. The 2009 predictions were:
1. Open source ECM players get an initial boost. Yes, the recession gave them a boost, though smart customers are still asking tough questions about multi-year total cost of ownership.
2. Office 14 casts long shadow on SharePoint. Yes, and no. SharePoint 2010 has energized Redmond's consulting channel. The new version is mostly casting a long shadow on 3rd-party SharePoint add-ons and some enterprise procurement teams looking to delay strategic decisions.
3. "Taxonomies are dead. Long live metadata!" Definitely less interest in complicated, human-maintained hierarchies.
To Continue Reading: Click Here
-----------------------------------------------
Source: intelligent-enterprise.informationweek.com
By: Tony Byrne
This week CMS Watch issued its twelve predictions for 2010. In this post, I look back at our 2009 predictions to see how we did. The 2009 predictions were:
1. Open source ECM players get an initial boost. Yes, the recession gave them a boost, though smart customers are still asking tough questions about multi-year total cost of ownership.
2. Office 14 casts long shadow on SharePoint. Yes, and no. SharePoint 2010 has energized Redmond's consulting channel. The new version is mostly casting a long shadow on 3rd-party SharePoint add-ons and some enterprise procurement teams looking to delay strategic decisions.
3. "Taxonomies are dead. Long live metadata!" Definitely less interest in complicated, human-maintained hierarchies.
To Continue Reading: Click Here
-----------------------------------------------
Source: intelligent-enterprise.informationweek.com
By: Tony Byrne
Friday, December 18, 2009
Supreme Court Takes 'Texting' Case
For businesses that offer their employees access to the Internet via company-provided computer and communications systems, the Supreme Court's decision to hear the case of City of Ontario v. Quon, No. 08-1332, may be significant.
The case presents questions regarding the reasonableness of an employee's expectations of privacy in using an employer's Internet-based "text messaging" system. A description of the case appears in the lower court opinion, Quon v. Arch Wireless Operating Co., 529 F.3d 892 (9th Cir. 2008), available at www.ca9.uscourts.gov.
Background of the case: In late 2001, Sergeant Jeff Quon received a pager from his employer, the Ontario, California, Police Department. The City of Ontario had no official policy on use of the pagers, but it did have a general "Computer Usage, Internet and Email Policy," which stated that "[t]he use of City-owned... equipment... is limited to City of Ontario related business." The policy also stated that the City "reserves the right to monitor and log all network activity... without notice. Users should have no expectation of privacy when using these resources."
The Police Department provided officers with pagers for official business, informing officers that it was a violation of policy to use the pagers for personal matters and that if they exceeded the monthly character limit set by the text service provider, they would have to pay any additional charges.
Sgt. Quon used his pager to send both business and personal messages, including messages of a sexual nature. He repeatedly went over his monthly limit. Despite the formal usage policy, a supervisor told Quon, informally, that if he paid the overage fees, his messages would not be audited. Quon paid the fees several months in a row.
To Continue Reading: Click Here
-----------------------------------------------
Source: internetrevolution.com
By: Steven C. Bennett
The case presents questions regarding the reasonableness of an employee's expectations of privacy in using an employer's Internet-based "text messaging" system. A description of the case appears in the lower court opinion, Quon v. Arch Wireless Operating Co., 529 F.3d 892 (9th Cir. 2008), available at www.ca9.uscourts.gov.
Background of the case: In late 2001, Sergeant Jeff Quon received a pager from his employer, the Ontario, California, Police Department. The City of Ontario had no official policy on use of the pagers, but it did have a general "Computer Usage, Internet and Email Policy," which stated that "[t]he use of City-owned... equipment... is limited to City of Ontario related business." The policy also stated that the City "reserves the right to monitor and log all network activity... without notice. Users should have no expectation of privacy when using these resources."
The Police Department provided officers with pagers for official business, informing officers that it was a violation of policy to use the pagers for personal matters and that if they exceeded the monthly character limit set by the text service provider, they would have to pay any additional charges.
Sgt. Quon used his pager to send both business and personal messages, including messages of a sexual nature. He repeatedly went over his monthly limit. Despite the formal usage policy, a supervisor told Quon, informally, that if he paid the overage fees, his messages would not be audited. Quon paid the fees several months in a row.
To Continue Reading: Click Here
-----------------------------------------------
Source: internetrevolution.com
By: Steven C. Bennett
The Radicati Group, Inc. Releases "eDiscovery and Data Loss Prevention Market, 2009-2013" Study
The latest study by The Radicati Group, Inc. "eDiscovery and Data Loss Prevention Market 2009 - 2013" provides market size, four-year forecasts, breakouts by region, and discusses legislative and technology issues of the eDiscovery and DLP market. The study also provides an analysis of the leading market players.
eDiscovery and DLP are supervision solutions that help companies monitor and manage electronic data travelling over their corporate channels, as well as stored on servers, desktops, laptops, and other endpoints. They help organizations comply with government regulations, as well as make sure that all users adhere to the established internal policies.
Despite the economic slowdown, there is strong demand for eDiscovery and DLP solutions and the study estimates that the total market for both eDiscovery and DLP solutions combined will top $2 billion by 2013.
To Continue Reading: Click Here
-----------------------------------------------
Source: earthtimes.org
eDiscovery and DLP are supervision solutions that help companies monitor and manage electronic data travelling over their corporate channels, as well as stored on servers, desktops, laptops, and other endpoints. They help organizations comply with government regulations, as well as make sure that all users adhere to the established internal policies.
Despite the economic slowdown, there is strong demand for eDiscovery and DLP solutions and the study estimates that the total market for both eDiscovery and DLP solutions combined will top $2 billion by 2013.
To Continue Reading: Click Here
-----------------------------------------------
Source: earthtimes.org
Legacy Apps in the Cloud: Six Details Worth Sweating
Sprawl in a cloud environment costs the user extra for wasted resources and increases the risk of security breaches
A host of substantial problems with porting legacy apps to the cloud will keep most companies from diving in for now, say analysts reporting on weaknesses in the cloud and ISVs trying to fill in the gaps.
But just as important for legacy applications that are often heavily customized and surrounded by cordons of stored procedures, report-generating scripts and security auditing tools, are the smaller issues that aren't obvious immediately, but can stop the show just as effectively as the biggies, according to Bernard Golden, CEO at consulting firm HyperStratus, and CIO.com blogger. Here's a look at the details worth sweating.
Visibility
Some applications require close monitoring, either by IT people on guard to make sure nothing goes pear-shaped unexpectedly, or by software that keeps track of who uses the application, what data they accessed and what they did with it, according to Chris Wolf, infrastructure analyst at The Burton Group.
This isn't an issue of basic security-limiting either physically or through programmatic limits the number of people who can use software or data. It's the ability to go much deeper-tracking which authorized users actually used the application, when they did, what data they changed or reports they generated, and who used those reports or data afterward, Wolf says.
To Continue Reading: Click Here
-----------------------------------------------
Source: cio.com.au
By: Kevin Fogarty
A host of substantial problems with porting legacy apps to the cloud will keep most companies from diving in for now, say analysts reporting on weaknesses in the cloud and ISVs trying to fill in the gaps.
But just as important for legacy applications that are often heavily customized and surrounded by cordons of stored procedures, report-generating scripts and security auditing tools, are the smaller issues that aren't obvious immediately, but can stop the show just as effectively as the biggies, according to Bernard Golden, CEO at consulting firm HyperStratus, and CIO.com blogger. Here's a look at the details worth sweating.
Visibility
Some applications require close monitoring, either by IT people on guard to make sure nothing goes pear-shaped unexpectedly, or by software that keeps track of who uses the application, what data they accessed and what they did with it, according to Chris Wolf, infrastructure analyst at The Burton Group.
This isn't an issue of basic security-limiting either physically or through programmatic limits the number of people who can use software or data. It's the ability to go much deeper-tracking which authorized users actually used the application, when they did, what data they changed or reports they generated, and who used those reports or data afterward, Wolf says.
To Continue Reading: Click Here
-----------------------------------------------
Source: cio.com.au
By: Kevin Fogarty
EU Data Protection Meets U.S. Discovery
As a result of an increase in U.S. lawsuits requiring the transfer of personal data from France to the United States, the French Data Protection Agency (CNIL) published a recommendation in August 2009, which is designed to offer guidance on data transfers in connection with U.S. civil discovery proceedings.[FOOTNOTE 1] The CNIL's recommendation expands on the guidelines adopted by the body of European data protection agencies (the Article 29 Data Protection Working Party) in February 2009.[FOOTNOTE 2]
EU member states increasingly enforce their data protection laws. For instance, in 2008, the Spanish data protection agency imposed fines amounting in total to €22.6 million. In France and other EU countries, companies are under pressure to comply with U.S. discovery requests, which frequently call for the production of personal data about employees, clients, or customers. The CNIL's recommendation reflects a tension between a company's obligation to respond to U.S. discovery requests and its obligation to comply with EU data protection laws. Because data protection laws pursue a legitimate interest and are increasingly enforced in Europe, courts and litigants in the U.S. should take them into account when ordering discovery abroad.
CNIL RECOMMENDATION
The CNIL acknowledges that the parties to a U.S. lawsuit have a legitimate need for documents, and that European and French data protection laws do not prohibit the transfer of personal data to the U.S. for litigation purposes. Such transfers, however, should be subject to certain requirements to comply with data protection laws. The CNIL's recommendation states, among other things, the following:
To Continue Reading: Click Here
-----------------------------------------------
Source: law.com
By: Daniel Schimmel
EU member states increasingly enforce their data protection laws. For instance, in 2008, the Spanish data protection agency imposed fines amounting in total to €22.6 million. In France and other EU countries, companies are under pressure to comply with U.S. discovery requests, which frequently call for the production of personal data about employees, clients, or customers. The CNIL's recommendation reflects a tension between a company's obligation to respond to U.S. discovery requests and its obligation to comply with EU data protection laws. Because data protection laws pursue a legitimate interest and are increasingly enforced in Europe, courts and litigants in the U.S. should take them into account when ordering discovery abroad.
CNIL RECOMMENDATION
The CNIL acknowledges that the parties to a U.S. lawsuit have a legitimate need for documents, and that European and French data protection laws do not prohibit the transfer of personal data to the U.S. for litigation purposes. Such transfers, however, should be subject to certain requirements to comply with data protection laws. The CNIL's recommendation states, among other things, the following:
To Continue Reading: Click Here
-----------------------------------------------
Source: law.com
By: Daniel Schimmel
Hackers Take Twitter Offline
Microblogging site Twitter went offline for a while Friday after hackers calling themselves the Iranian Cyber Army apparently managed to change DNS records, redirecting traffic to another Web page.
Instead of the usual Twitter Web site design, visitors to the site instead saw a black screen with an image of a green flag and Arabic writing. The defaced site also included a message that said, "This site has been hacked by Iranian Cyber Army," and an e-mail address.
Whether or not Iranian hackers are responsible for the attack wasn't immediately clear. However, Twitter and other Internet sites have been used by Iranian opposition groups and protestors to share details of anti-government protests in that country.
To Continue Reading: Click Here
-----------------------------------------------
Source: cio.com
By: Sumner Lemon
Instead of the usual Twitter Web site design, visitors to the site instead saw a black screen with an image of a green flag and Arabic writing. The defaced site also included a message that said, "This site has been hacked by Iranian Cyber Army," and an e-mail address.
Whether or not Iranian hackers are responsible for the attack wasn't immediately clear. However, Twitter and other Internet sites have been used by Iranian opposition groups and protestors to share details of anti-government protests in that country.
To Continue Reading: Click Here
-----------------------------------------------
Source: cio.com
By: Sumner Lemon
Thursday, December 17, 2009
Disaster recovery: senior management not interested
Computing: How do you justify the concept of business continuity management to senior executive and other departments?
Roger Bearpark, assistant head of ICT, London Borough of Hillingdon:
We don’t anymore. There are plenty of other things I can do and would not waste my time trying to sell it. Hillingdon tried very hard to get the interest of senior management in the past, but unless you have something practical such as scary cost figures to grab their attention, or talk about the potential loss of reputation, it is impossible.
Neil Edmonds, systems specialist (operations), the Salvation Army:
9/11 and 7/7 made no impact at all on our senior managers, who tended to think "it will never happen to us". One question was "if we have a DR site how long does it take to get a server in there?". So we had to take a group down to the data centre and show them six racks and ask: "which part of the infrastructure do you want to retrieve?" That got people thinking, but when we have an issue that affects the business, the first thing people do is go home. It is only on returning to work that they ask how are we going to get our systems back.
David Weston, IT infrastructure manager, Oxford University Press:
Business continuity is a major part of our role, but not [necessarily including] computers. We have a lot of academics in senior management who think IT should just work while they focus on writing and selling books. IT is becoming a business function within which the IT department is just a participant. We invite business users to come along to tests designed to make sure they can recover their systems [in the event of failure], which is a major step forward, but it is a lot of hard work to pursuade people to attend.
To Continue Reading: Click Here
-----------------------------------------------
Source: computing.co.uk
By: Martin Courtney
Roger Bearpark, assistant head of ICT, London Borough of Hillingdon:
We don’t anymore. There are plenty of other things I can do and would not waste my time trying to sell it. Hillingdon tried very hard to get the interest of senior management in the past, but unless you have something practical such as scary cost figures to grab their attention, or talk about the potential loss of reputation, it is impossible.
Neil Edmonds, systems specialist (operations), the Salvation Army:
9/11 and 7/7 made no impact at all on our senior managers, who tended to think "it will never happen to us". One question was "if we have a DR site how long does it take to get a server in there?". So we had to take a group down to the data centre and show them six racks and ask: "which part of the infrastructure do you want to retrieve?" That got people thinking, but when we have an issue that affects the business, the first thing people do is go home. It is only on returning to work that they ask how are we going to get our systems back.
David Weston, IT infrastructure manager, Oxford University Press:
Business continuity is a major part of our role, but not [necessarily including] computers. We have a lot of academics in senior management who think IT should just work while they focus on writing and selling books. IT is becoming a business function within which the IT department is just a participant. We invite business users to come along to tests designed to make sure they can recover their systems [in the event of failure], which is a major step forward, but it is a lot of hard work to pursuade people to attend.
To Continue Reading: Click Here
-----------------------------------------------
Source: computing.co.uk
By: Martin Courtney
The 2009 Data Breach Hall of Shame
If there was anything even vaguely comforting about the data breaches that were announced this year, it was that many of them stemmed from familiar and downright mundane security failures.
Slideshow: When Rogue IT Staffers Attack: 8 Organizations That Got Burned
Enterprise Data Security: Definition and Solutions
Companies continued to be felled more by usual issues such as lost laptops, un-patched or poorly coded software, inadvertent disclosures and rogue insiders, rather than by sneaky new attack techniques or devastating new hacker tools.
Here's a look back at five of the more notable breaches of the year:
TSA: Lessons in redaction
In what must arguably rank as one of the biggest security gaffes of this year, the Transportation Security Administration (TSA) accidentally posted on a public Web site a manual that contained complete details on its airport screening procedures.
The TSA manual included details for screening passengers, checking for explosives devices, special rules for handling the CIA, diplomats and law enforcement officials, and the technical settings and tolerances used by metal and explosive detectors used at airports.
To Continue Reading: Click Here
-----------------------------------------------
Source cio.com
By: Jaikumar Vijayan
Slideshow: When Rogue IT Staffers Attack: 8 Organizations That Got Burned
Enterprise Data Security: Definition and Solutions
Companies continued to be felled more by usual issues such as lost laptops, un-patched or poorly coded software, inadvertent disclosures and rogue insiders, rather than by sneaky new attack techniques or devastating new hacker tools.
Here's a look back at five of the more notable breaches of the year:
TSA: Lessons in redaction
In what must arguably rank as one of the biggest security gaffes of this year, the Transportation Security Administration (TSA) accidentally posted on a public Web site a manual that contained complete details on its airport screening procedures.
The TSA manual included details for screening passengers, checking for explosives devices, special rules for handling the CIA, diplomats and law enforcement officials, and the technical settings and tolerances used by metal and explosive detectors used at airports.
To Continue Reading: Click Here
-----------------------------------------------
Source cio.com
By: Jaikumar Vijayan
Sanctions Imposed for Wiping BlackBerrys
Numerous courts have imposed sanctions for failing to preserve e-mails and other electronic documents. But few decisions have addressed the consequences of destroying electronic information stored on portable electronic devices -- such as BlackBerrys and smart phones. This may be starting to change.
Recently, in Southeastern Mechanical Services Inc. v. Brody, No. 8:08-CV-1151, 2009 WL 2883057 (M.D. Fla. Aug. 31, 2009), the Middle District of Florida imposed spoliation sanctions for destruction of e-mails, calendar entries and text messages that were stored on portable electronic devices. This court's imposition of sanctions is an important reminder about the consequences of deleting information on such devices.
In particular, the court found it significant that information stored on the BlackBerrys at issue had not been fully synchronized to a corporate server -- and therefore destruction of information contained on the BlackBerrys was improper. Accordingly, both counsel and litigants should be apprised of the scope of the duty to preserve electronic information and should keep in mind that the duty to preserve such information likely extends to portable devices, such as BlackBerrys and smart phones.
To Continue Reading: Click Here
-----------------------------------------------
Source: law.com
By: Edward H. Rippey and Skye L. Perryman
Recently, in Southeastern Mechanical Services Inc. v. Brody, No. 8:08-CV-1151, 2009 WL 2883057 (M.D. Fla. Aug. 31, 2009), the Middle District of Florida imposed spoliation sanctions for destruction of e-mails, calendar entries and text messages that were stored on portable electronic devices. This court's imposition of sanctions is an important reminder about the consequences of deleting information on such devices.
In particular, the court found it significant that information stored on the BlackBerrys at issue had not been fully synchronized to a corporate server -- and therefore destruction of information contained on the BlackBerrys was improper. Accordingly, both counsel and litigants should be apprised of the scope of the duty to preserve electronic information and should keep in mind that the duty to preserve such information likely extends to portable devices, such as BlackBerrys and smart phones.
To Continue Reading: Click Here
-----------------------------------------------
Source: law.com
By: Edward H. Rippey and Skye L. Perryman
Wednesday, December 16, 2009
EDiscovery market set for 2010 boom: Gartner
Litigation fuelling growth
The eDiscovery software market is set for rapid growth, with revenues expected to surpass $1.2bn in 2010, according to analyst house Gartner. The market this year is tipped to total $1bn, a 25% increase over 2008 figures.
Gartner defines eDiscovery as, “the identification, preservation, collection, preparation, review and production of electronically stored information associated with legal and government proceedings.”
It can be delivered on-promise or through a SaaS offering.
The growth in the market is being fuelled by increasing levels of litigation across the business world. Craig Carpenter, VP of marketing at eDiscovery and eDisclosure form Recommind, told CBR that the economic situation was driving more companies to take legal proceedings.
To Continue Reading: Click Here
-----------------------------------------------
Source: cbronline.com
By: Steve Evans
The eDiscovery software market is set for rapid growth, with revenues expected to surpass $1.2bn in 2010, according to analyst house Gartner. The market this year is tipped to total $1bn, a 25% increase over 2008 figures.
Gartner defines eDiscovery as, “the identification, preservation, collection, preparation, review and production of electronically stored information associated with legal and government proceedings.”
It can be delivered on-promise or through a SaaS offering.
The growth in the market is being fuelled by increasing levels of litigation across the business world. Craig Carpenter, VP of marketing at eDiscovery and eDisclosure form Recommind, told CBR that the economic situation was driving more companies to take legal proceedings.
To Continue Reading: Click Here
-----------------------------------------------
Source: cbronline.com
By: Steve Evans
To Have and to Hold: A Romantic Guide to Document Preservation
"Romantic" would probably not be the first word -- or even the last -- that comes to mind when considering the case law and emerging best practices regarding document preservation. Yet, there is an unmistakable parallel between the preservation of documents and the preservation of a romantic union. The same common-sense principles guiding relationships that countless advice columnists have offered also apply to successful document preservation. As many companies still do not have litigation hold processes in place to deal with document preservation,[FOOTNOTE 1] mastering the following basic principles of document preservation is more important than ever, especially considering the steady flow of decisions in 2009 addressing the topic.[FOOTNOTE 2]
Timing is everything. For litigation hold notices, as in love, timing is important. If Romeo waits too long to ask Juliet out, he may find that the object of his affection has moved on to another suitor. A litigation hold notice issued too late -- or not at all -- can lead to similarly tragic results, in this case in the form of spoliation and sanctions.[FOOTNOTE 3] The first step for a preserving party is to assess the "trigger date" for its preservation obligation. The duty to preserve attaches at the time that litigation is reasonably anticipated -- in other words, when a party knew or should have known that evidence may be relevant to future litigation.[FOOTNOTE 4] The trigger date can be no later than the start of the litigation, but may also be sooner.[FOOTNOTE 5] Whether a preservation obligation has been triggered depends on the facts and requires careful analysis.[FOOTNOTE 6]
Get to know each other. Early courtship is a time for extended candlelit conversations to aid the process of getting to know each other. These early conversations are crucial in evaluating whether to take things to the next level -- or whether to leave a suitor standing at the curb without even a good night kiss to show for their efforts. Document preservation requires getting to know the preserving party, so as to determine who should receive the litigation hold notice. These key players are the individuals who are "likely to have information relevant to the events that underlie the litigation."[FOOTNOTE 7] The preserving party should not overlook support staff or others who have access to key players’ information and, consequently, should also receive the litigation hold notice.[FOOTNOTE 8] In addition to the key players, the preservation obligation must be communicated to any IT personnel (internal or outsourced) who could prevent destruction of relevant data.[FOOTNOTE 9] One area where IT personnel is critical is in the suspension of any auto-delete features that would otherwise lead to destruction of relevant data.[FOOTNOTE 10]
To Continue Reading: Click Here
-----------------------------------------------
Source: law.com
By: Farrah Pepper
Timing is everything. For litigation hold notices, as in love, timing is important. If Romeo waits too long to ask Juliet out, he may find that the object of his affection has moved on to another suitor. A litigation hold notice issued too late -- or not at all -- can lead to similarly tragic results, in this case in the form of spoliation and sanctions.[FOOTNOTE 3] The first step for a preserving party is to assess the "trigger date" for its preservation obligation. The duty to preserve attaches at the time that litigation is reasonably anticipated -- in other words, when a party knew or should have known that evidence may be relevant to future litigation.[FOOTNOTE 4] The trigger date can be no later than the start of the litigation, but may also be sooner.[FOOTNOTE 5] Whether a preservation obligation has been triggered depends on the facts and requires careful analysis.[FOOTNOTE 6]
Get to know each other. Early courtship is a time for extended candlelit conversations to aid the process of getting to know each other. These early conversations are crucial in evaluating whether to take things to the next level -- or whether to leave a suitor standing at the curb without even a good night kiss to show for their efforts. Document preservation requires getting to know the preserving party, so as to determine who should receive the litigation hold notice. These key players are the individuals who are "likely to have information relevant to the events that underlie the litigation."[FOOTNOTE 7] The preserving party should not overlook support staff or others who have access to key players’ information and, consequently, should also receive the litigation hold notice.[FOOTNOTE 8] In addition to the key players, the preservation obligation must be communicated to any IT personnel (internal or outsourced) who could prevent destruction of relevant data.[FOOTNOTE 9] One area where IT personnel is critical is in the suspension of any auto-delete features that would otherwise lead to destruction of relevant data.[FOOTNOTE 10]
To Continue Reading: Click Here
-----------------------------------------------
Source: law.com
By: Farrah Pepper
Tuesday, December 15, 2009
Deal involves 22 million Bush e-mails
Watchdog groups say a deal reached with the Obama administration will allow the restoration of e-mail from former President George W. Bush's administration.
Under Monday's settlement, e-mail traffic selected from days between January 2003 and April 2005 -- a period covering 22 million e-mails -- will be restored from backup tapes, CNN reported Tuesday. Of the 94 days, 40 were picked by statistical sample, 21 were suggested by the White House and 33 were days the groups deemed "historically significant" from before the start of the Iraq war to when the dismissal of several U.S. attorneys was being planned.
Also requested were several days of e-mails sent about the time it was announced a criminal investigation was under way into the disclosure of then-CIA agent Valerie Plame Wilson's identity.
To Continue Reading: Click Here
-----------------------------------------------
Source: upi.com
Under Monday's settlement, e-mail traffic selected from days between January 2003 and April 2005 -- a period covering 22 million e-mails -- will be restored from backup tapes, CNN reported Tuesday. Of the 94 days, 40 were picked by statistical sample, 21 were suggested by the White House and 33 were days the groups deemed "historically significant" from before the start of the Iraq war to when the dismissal of several U.S. attorneys was being planned.
Also requested were several days of e-mails sent about the time it was announced a criminal investigation was under way into the disclosure of then-CIA agent Valerie Plame Wilson's identity.
To Continue Reading: Click Here
-----------------------------------------------
Source: upi.com
The five technologies that CEOs will spend money on next year
While the economic gloom may be far from over, companies believe technology will be key to their post-recession future.
According to a survey of CEOs and other senior business execs by analyst house Gartner, nearly two-thirds (62 per cent) see IT as playing a crucial role in their post-recession strategy.
The survey also found that nearly half of the execs (43 per cent) plan to increase IT investment levels next year and that only 13 per cent are planning cuts.
Next year business chiefs will be looking to IT systems to help them cut costs and increase revenues, Mark Raskino, research VP at Gartner, said.
"CEOs are looking forward to a period that is difficult and that is characterised by slow, grinding growth.
"In these circumstances there is a need for a continued focus on improving inefficiencies and that is what technology has always been used for.
"The other area they are interested in is using tech as a way of driving revenue growth, which is a relatively new idea that has come about recently in the era of CRM and the internet," he told silicon.com.
With most corporate IT departments ripe for fresh investment after relatively low levels of IT funding during the economic boom of 2005 to 2007, here are the five technologies that CEOs are likely to invest in next year, according to Raskino.
Better data collection and retrieval systems
"These systems make a lot of sense in this climate as the CEOs are looking at growth but it will be grinding - it will not be strong or easy.
"Companies have already done a lot of emergency cost cutting and it will be important that they have the data to find those places in the company where inefficiencies still exist.
"It is about saying 'let's X-ray the business to find more savings and business opportunities'."
To Continue Reading: Click Here
-----------------------------------------------
Source: silicon.com
By: Nick Heath
According to a survey of CEOs and other senior business execs by analyst house Gartner, nearly two-thirds (62 per cent) see IT as playing a crucial role in their post-recession strategy.
The survey also found that nearly half of the execs (43 per cent) plan to increase IT investment levels next year and that only 13 per cent are planning cuts.
Next year business chiefs will be looking to IT systems to help them cut costs and increase revenues, Mark Raskino, research VP at Gartner, said.
"CEOs are looking forward to a period that is difficult and that is characterised by slow, grinding growth.
"In these circumstances there is a need for a continued focus on improving inefficiencies and that is what technology has always been used for.
"The other area they are interested in is using tech as a way of driving revenue growth, which is a relatively new idea that has come about recently in the era of CRM and the internet," he told silicon.com.
With most corporate IT departments ripe for fresh investment after relatively low levels of IT funding during the economic boom of 2005 to 2007, here are the five technologies that CEOs are likely to invest in next year, according to Raskino.
Better data collection and retrieval systems
"These systems make a lot of sense in this climate as the CEOs are looking at growth but it will be grinding - it will not be strong or easy.
"Companies have already done a lot of emergency cost cutting and it will be important that they have the data to find those places in the company where inefficiencies still exist.
"It is about saying 'let's X-ray the business to find more savings and business opportunities'."
To Continue Reading: Click Here
-----------------------------------------------
Source: silicon.com
By: Nick Heath
Top 10 new features in Exchange Server 2010
Microsoft recently released Exchange Server 2010, and it’s chockfull of new features. This article will introduce you to a few of my personal favorites.
1: Legal Hold
Over the last several years, it has become increasingly more common for an organization’s email messages to be subpoenaed as part of the litigation process. The problem is that email is dynamic in nature. Messages are constantly being sent, received, and deleted. Likewise, messages in the archives are often set to expire after a specific length of time. All of these factors have made it difficult to comply with litigation-related message retention requirements.
Exchange 2010 offers a new legal hold feature. This feature allows you to preserve the contents of an Exchange mailbox. Users can still use their mailbox in the usual manner, but copies of all items are retained, even if they delete them or if archived content would otherwise have expired.
2: Multi mailbox search
A complementary feature to legal hold is the new multi mailbox search feature. This feature makes it a lot easier for organizations to perform E-discovery. As the name implies, multi mailbox search allows a designated person to perform organization-level searches across users’ mailboxes. The search interface is designed to allow administrators to search for multiple keywords or phrases simultaneously.
3: Exchange Control Panel
The Exchange Control Panel is a new management tool built into Exchange 2010. While the Exchange Control Panel isn’t designed to take the place of the Exchange Management Console or the Exchange Management Shell, it is definitely a welcome addition.
The Exchange Control Panel is integrated into OWA. It allows users to perform a few basic self-service tasks, such as changing their contact information. For administrators, the Exchange Control Panel provides a way of performing some of the more common management tasks remotely using a Web interface.
To Continue Reading: Click Here
-----------------------------------------------
Source: blogs.techrepublic.com
By: Jody Gilbert
1: Legal Hold
Over the last several years, it has become increasingly more common for an organization’s email messages to be subpoenaed as part of the litigation process. The problem is that email is dynamic in nature. Messages are constantly being sent, received, and deleted. Likewise, messages in the archives are often set to expire after a specific length of time. All of these factors have made it difficult to comply with litigation-related message retention requirements.
Exchange 2010 offers a new legal hold feature. This feature allows you to preserve the contents of an Exchange mailbox. Users can still use their mailbox in the usual manner, but copies of all items are retained, even if they delete them or if archived content would otherwise have expired.
2: Multi mailbox search
A complementary feature to legal hold is the new multi mailbox search feature. This feature makes it a lot easier for organizations to perform E-discovery. As the name implies, multi mailbox search allows a designated person to perform organization-level searches across users’ mailboxes. The search interface is designed to allow administrators to search for multiple keywords or phrases simultaneously.
3: Exchange Control Panel
The Exchange Control Panel is a new management tool built into Exchange 2010. While the Exchange Control Panel isn’t designed to take the place of the Exchange Management Console or the Exchange Management Shell, it is definitely a welcome addition.
The Exchange Control Panel is integrated into OWA. It allows users to perform a few basic self-service tasks, such as changing their contact information. For administrators, the Exchange Control Panel provides a way of performing some of the more common management tasks remotely using a Web interface.
To Continue Reading: Click Here
-----------------------------------------------
Source: blogs.techrepublic.com
By: Jody Gilbert
Cloudy with a chance of non-compliance
Compliance, along with security and privacy, is a big topic when firms consider cloud services. I recently did a Forrester Webinar on the topic of compliance for cloud computing. You can access the recording here. This blog entry is a recap of the Webinar.
In terms of compliance for cloud services, there are four categories of issues of concern:
• Where: Geographically-related issues
• How: This is about operational details that affect compliance
• Audit: Show me evidence that you can help me achieve compliance
• Others: Everything that doesn’t fit into the above categories
For the “where” category, you need to be conscientious of the following aspects:
• Datacenter locations
• Implications of local laws and regulations (where the datacenters are operating)
• Third-party access: Does the vendor use any “third-party” resources that may affect the locations of relevant data?
We recently helped a client evaluate the business suitability of a SaaS provider. In the course of doing so, we discovered that the SaaS vendor used a third-party backup service to back up their logs. Although the SaaS provider is located entirely in the US, the backup service provider is not. Therefore there is a question of whether my client’s logs will get stored in a datacenter outside the country. This made my client uneasy.
To Continue Reading: Click Here
-----------------------------------------------
Source: computerworlduk.com
By: Chenxi Wang
In terms of compliance for cloud services, there are four categories of issues of concern:
• Where: Geographically-related issues
• How: This is about operational details that affect compliance
• Audit: Show me evidence that you can help me achieve compliance
• Others: Everything that doesn’t fit into the above categories
For the “where” category, you need to be conscientious of the following aspects:
• Datacenter locations
• Implications of local laws and regulations (where the datacenters are operating)
• Third-party access: Does the vendor use any “third-party” resources that may affect the locations of relevant data?
We recently helped a client evaluate the business suitability of a SaaS provider. In the course of doing so, we discovered that the SaaS vendor used a third-party backup service to back up their logs. Although the SaaS provider is located entirely in the US, the backup service provider is not. Therefore there is a question of whether my client’s logs will get stored in a datacenter outside the country. This made my client uneasy.
To Continue Reading: Click Here
-----------------------------------------------
Source: computerworlduk.com
By: Chenxi Wang
The Million-Dollar Words of E-Discovery
Throughout history, humans have had miscommunications and misunderstandings. Some are comical like Abbott and Costello's "Who's On First?"; others can be tragic like "Romeo and Juliet." Most of the time, a misunderstood word here or there doesn't have far-reaching implications, but in the legal profession a misunderstood word or instruction can cost millions.
In today's litigious environment, attorneys and IT professionals frequently find themselves in the midst of an e-discovery project that requires the team to quickly find information, which can reside on computers and smartphones, within applications such as e-mail, or on backup tapes stored in the closet of someone's home. Put these challenges together and the stage is set for expensive, complex, and sometimes frustrating, e-discovery projects.
THE BILLION-DOLLAR MARKET
E-discovery is among the fastest growing segments in the IT industry. Spending for EDD software and services will reach an estimated $1 billion by year-end according to Gartner. A survey of medium-sized U.S. companies conducted by Kroll Ontrack found that, on average, companies will spend $1.29 million to manage electronic data in 2009 compared with $437,000 last year.
To try and manage time and expenses, Brian Babineau, senior consulting analyst for the Enterprise Strategy Group, says that a growing proportion of annual e-discovery spending is spent proactively, rather than waiting for litigation to drive investment. "We believe that organizations are bringing a portion of the electronic discovery process in-house, especially in the early steps such as identification, collection and initial analysis that indicates a move to a more proactive approach. The rationalization for this assumption is that organizations are recognizing electronic discovery is a formal business process and are using technology to automate it."
To Continue Reading: Click Here
-----------------------------------------------
Source: law.com
By: Kevin Woo
In today's litigious environment, attorneys and IT professionals frequently find themselves in the midst of an e-discovery project that requires the team to quickly find information, which can reside on computers and smartphones, within applications such as e-mail, or on backup tapes stored in the closet of someone's home. Put these challenges together and the stage is set for expensive, complex, and sometimes frustrating, e-discovery projects.
THE BILLION-DOLLAR MARKET
E-discovery is among the fastest growing segments in the IT industry. Spending for EDD software and services will reach an estimated $1 billion by year-end according to Gartner. A survey of medium-sized U.S. companies conducted by Kroll Ontrack found that, on average, companies will spend $1.29 million to manage electronic data in 2009 compared with $437,000 last year.
To try and manage time and expenses, Brian Babineau, senior consulting analyst for the Enterprise Strategy Group, says that a growing proportion of annual e-discovery spending is spent proactively, rather than waiting for litigation to drive investment. "We believe that organizations are bringing a portion of the electronic discovery process in-house, especially in the early steps such as identification, collection and initial analysis that indicates a move to a more proactive approach. The rationalization for this assumption is that organizations are recognizing electronic discovery is a formal business process and are using technology to automate it."
To Continue Reading: Click Here
-----------------------------------------------
Source: law.com
By: Kevin Woo
Proposed Rules for Electronic Discovery
In January, the Wisconsin Supreme Court will hold a public hearing to consider proposed amendments to the Wisconsin Rules of Civil Procedure to address electronic discovery. Here’s an overview of what the proposed amendments entail.
The age of electronic discovery is upon us. The vast majority of documents created in the United States are never reduced to pieces of paper. Billions of emails are exchanged daily. Approximately 92 percent of all data is currently stored in electronic form.1 According to Wisconsin Supreme Court Chief Justice Shirley Abrahamson, “Most information is kept in digital form, and discovery, preservation and production of electronic information is one of the leading issues facing not only corporate America, but also government.”2 In recognition of this reality, the drafters of the Federal Rules of Civil Procedure have enacted amendments to the federal discovery rules that address issues concerning the discovery of electronically stored information.3
Wisconsin has followed suit. On April 23, 2009, the Evidence and Civil Procedure Committee of the Wisconsin Judicial Council proposed amendments to Wisconsin’s discovery rules that specifically pertain to electronic discovery. On Jan. 21, 2010, the Wisconsin Supreme Court will hold a public hearing regarding the proposed amendments, with the court’s conference in the matter to immediately follow. The amendments are adapted from the Uniform Rules on the Discovery of Electronically Stored Information and the 2006 amendments to the Federal Rules of Civil Procedure. The new rules are “intended to provide consistency and predictability in the discovery of electronically stored information.” In addition, the rules “are intended to reduce the economic burden that can result from the discovery involving the enormous volume of electronically stored information.”4
To Continue Reading: Click Here
-----------------------------------------------
Source: wisbar.org
By: Timothy D. Edwards & Matthew Stippich
The age of electronic discovery is upon us. The vast majority of documents created in the United States are never reduced to pieces of paper. Billions of emails are exchanged daily. Approximately 92 percent of all data is currently stored in electronic form.1 According to Wisconsin Supreme Court Chief Justice Shirley Abrahamson, “Most information is kept in digital form, and discovery, preservation and production of electronic information is one of the leading issues facing not only corporate America, but also government.”2 In recognition of this reality, the drafters of the Federal Rules of Civil Procedure have enacted amendments to the federal discovery rules that address issues concerning the discovery of electronically stored information.3
Wisconsin has followed suit. On April 23, 2009, the Evidence and Civil Procedure Committee of the Wisconsin Judicial Council proposed amendments to Wisconsin’s discovery rules that specifically pertain to electronic discovery. On Jan. 21, 2010, the Wisconsin Supreme Court will hold a public hearing regarding the proposed amendments, with the court’s conference in the matter to immediately follow. The amendments are adapted from the Uniform Rules on the Discovery of Electronically Stored Information and the 2006 amendments to the Federal Rules of Civil Procedure. The new rules are “intended to provide consistency and predictability in the discovery of electronically stored information.” In addition, the rules “are intended to reduce the economic burden that can result from the discovery involving the enormous volume of electronically stored information.”4
To Continue Reading: Click Here
-----------------------------------------------
Source: wisbar.org
By: Timothy D. Edwards & Matthew Stippich
Monday, December 14, 2009
Commentary: Give EDD a Chance to Grow Up
"I see no hope for the future of our people if they are dependent on the frivolous youth of today, for certainly all youth are reckless beyond words. When I was a boy, we were taught to be discreet and respectful of elders, but the present youth are exceedingly wise and impatient of restraint." -- Hesiod, 8 B.C.
Discovery, like teenagers, is an easy and timeless target about which to complain. Dissatisfaction with the way discovery works is not quite as old as dissatisfaction with the younger generation, but recently it has been as direly worded. Electronic discovery, that frivolous, ne'er-do-well teenager of our justice system, is a ripe target for attorneys whose attitudes mirror that of the Greek poet. E-discovery is often referred to in vaguely threatening terms: "blackmail," a "storm" or combat on the "front lines." See M.H. Gruenglas, Robert A. Fumerton and Patrick G. Rideout, "A Proposal to Prevent Blackmail at the Pleading Stage," New York Law Journal, Oct. 5, 2009, at S8; Canaan E. Himmelbaum and Leyda F. Mata, "Surviving the Perfect E-Discovery Storm," 28 No. 5 Legal Mgmt. 26 (2009); "Electronic Discovery: A View From the Front Lines," Inst. Advancement Am. Legal Sys., 5 (2008).
In March, through the collaboration of seasoned attorneys (with an average of 38 years of experience), the American College of Trial Lawyers Task Force on Discovery and the Institute for the Advancement of the American Legal System went so far as to release a report recommending radical changes to the Federal Rules of Civil Procedure, including eliminating depositions of experts when their testimony is limited to their report, cost-shifting and submission of a discovery budget for court and client approval. See Final Report on the Joint Project of the American College of Trial Lawyers' Task Force on Discovery and Institute for the Advancement of American Legal System.
To Continue Reading: Click Here
-----------------------------------------------
Source: law.com
By: Megan Jones
Discovery, like teenagers, is an easy and timeless target about which to complain. Dissatisfaction with the way discovery works is not quite as old as dissatisfaction with the younger generation, but recently it has been as direly worded. Electronic discovery, that frivolous, ne'er-do-well teenager of our justice system, is a ripe target for attorneys whose attitudes mirror that of the Greek poet. E-discovery is often referred to in vaguely threatening terms: "blackmail," a "storm" or combat on the "front lines." See M.H. Gruenglas, Robert A. Fumerton and Patrick G. Rideout, "A Proposal to Prevent Blackmail at the Pleading Stage," New York Law Journal, Oct. 5, 2009, at S8; Canaan E. Himmelbaum and Leyda F. Mata, "Surviving the Perfect E-Discovery Storm," 28 No. 5 Legal Mgmt. 26 (2009); "Electronic Discovery: A View From the Front Lines," Inst. Advancement Am. Legal Sys., 5 (2008).
In March, through the collaboration of seasoned attorneys (with an average of 38 years of experience), the American College of Trial Lawyers Task Force on Discovery and the Institute for the Advancement of the American Legal System went so far as to release a report recommending radical changes to the Federal Rules of Civil Procedure, including eliminating depositions of experts when their testimony is limited to their report, cost-shifting and submission of a discovery budget for court and client approval. See Final Report on the Joint Project of the American College of Trial Lawyers' Task Force on Discovery and Institute for the Advancement of American Legal System.
To Continue Reading: Click Here
-----------------------------------------------
Source: law.com
By: Megan Jones
COFEE loses some of its impact thanks to DECAF (Update)
The Computer Online Forensic Evidence Extractor (COFEE) is a tool created by Microsoft to help law enforcement with forensic investigations. It has caused its share of privacy fear, and when it was leaked to the web, Microsoft wasn’t too worried. However, for those who have the shakes over COFEE, there is a tool to help, DECAF.
COFEE has been available to law enforcement agencies since 2007. Microsoft describes it as a USB-based tool that provides investigators with a means to extract live data from a suspect’s computer at the point of seizure, before turning it off.
“Prior to COFEE the equivalent work would require a computer forensics expert to enter 150 complex commands manually through a process that could take three to four hours. With COFEE, you simply plug into a running computer to extract the data with the click of one button completing the work in about 20 minutes,” Microsoft explained at the time.
COFEE isn’t something Microsoft created. They packaged some 150 tools, and created a launcher script that allows the investigator ease of use, and then handed it out to law enforcement agencies.
In November, COFEE ended up leaking to the web, and one of the sites hosting it was issued a takedown notice. In the end, the notice was pointless, as Wikileaks is now hosting downloads of COFEE, so if you want a copy head here. It is a useful tool, but in our opinion BackTrack is the tool of choice.
To Continue Reading: Click Here
-----------------------------------------------
Source: thetechherald.com
By: Steve Ragan
COFEE has been available to law enforcement agencies since 2007. Microsoft describes it as a USB-based tool that provides investigators with a means to extract live data from a suspect’s computer at the point of seizure, before turning it off.
“Prior to COFEE the equivalent work would require a computer forensics expert to enter 150 complex commands manually through a process that could take three to four hours. With COFEE, you simply plug into a running computer to extract the data with the click of one button completing the work in about 20 minutes,” Microsoft explained at the time.
COFEE isn’t something Microsoft created. They packaged some 150 tools, and created a launcher script that allows the investigator ease of use, and then handed it out to law enforcement agencies.
In November, COFEE ended up leaking to the web, and one of the sites hosting it was issued a takedown notice. In the end, the notice was pointless, as Wikileaks is now hosting downloads of COFEE, so if you want a copy head here. It is a useful tool, but in our opinion BackTrack is the tool of choice.
To Continue Reading: Click Here
-----------------------------------------------
Source: thetechherald.com
By: Steve Ragan
Storage predictions for 2010
What does 2010 hold for storage? Symantec has come up with a list of trends for the coming year.
What does 2010 hold for storage? Symantec lists the trends for the coming year.
The year of deletion
The struggle to keep up with the growth of information on shrinking IT budgets will continue. The last time storage technology kept up with information growth was 2002 so, to keep up, storage admins need to lose the ‘pack rat’ mentality and start deleting information. The ‘delete’ mentality will lead to a shift from using backup as the long term storage location. Backup will return to its intended use and recovery while archiving will step in to manage the long term retention and disposition of information.
The end of the backup tape stockpile
Backup is the wrong application for information retention because it is organised around information islands — systems — rather than information. An active, deduplicated archive with automated retention and deletion dramatically reduces the cost and time of long term information storage and retrieval. In 2010, the role of backup changes to focus on short-term recovery: Fast deduplicated backups and rapid, granular recovery with built-in replication to disaster recovery sites.
Deduplication everywhere
Symantec has been telling the duplication for a few years now. But in 2010, the vendor says it will become widely deployed as a feature, rather than a standalone technology. According to Symantec, about 70 per cent of enterprises still have not deployed deduplication, but will leverage easier deployments next year as it becomes built into most storage offerings, including backup software, primary storage, replication and archiving software. As more enterprises reap the benefits of deduplication and the gap it bridges with information management, the primary issue will become management of storage resources. The demand will be for simplified and cross-platform deduplication management that save time and money.
To Continue Reading: Click Here
-----------------------------------------------
Source: computerworld.com.au
By: Computerworld Staff
What does 2010 hold for storage? Symantec lists the trends for the coming year.
The year of deletion
The struggle to keep up with the growth of information on shrinking IT budgets will continue. The last time storage technology kept up with information growth was 2002 so, to keep up, storage admins need to lose the ‘pack rat’ mentality and start deleting information. The ‘delete’ mentality will lead to a shift from using backup as the long term storage location. Backup will return to its intended use and recovery while archiving will step in to manage the long term retention and disposition of information.
The end of the backup tape stockpile
Backup is the wrong application for information retention because it is organised around information islands — systems — rather than information. An active, deduplicated archive with automated retention and deletion dramatically reduces the cost and time of long term information storage and retrieval. In 2010, the role of backup changes to focus on short-term recovery: Fast deduplicated backups and rapid, granular recovery with built-in replication to disaster recovery sites.
Deduplication everywhere
Symantec has been telling the duplication for a few years now. But in 2010, the vendor says it will become widely deployed as a feature, rather than a standalone technology. According to Symantec, about 70 per cent of enterprises still have not deployed deduplication, but will leverage easier deployments next year as it becomes built into most storage offerings, including backup software, primary storage, replication and archiving software. As more enterprises reap the benefits of deduplication and the gap it bridges with information management, the primary issue will become management of storage resources. The demand will be for simplified and cross-platform deduplication management that save time and money.
To Continue Reading: Click Here
-----------------------------------------------
Source: computerworld.com.au
By: Computerworld Staff
Sunday, December 13, 2009
Will Smarter TIFFs from Microsoft Change E-Discovery?
I trust you know, dear reader, that the only thing dumber than a TIFF file is converting your entire e-discovery collection to TIFF images for review. But, while wholesale TIFF conversion will forever be monumentally stupid and profligate, it appears TIFF files just acquired a few brain cells.
At risk of being revealed as the last kid on the block to figure this out, I learned today that Microsoft offers a way to smarten up TIFF images such that load files--those hinky, stinky electronic bills of lading that must accompany TIFF image productions to make them usable--may no longer be needed.
For those new to this topic, TIFF stands for Tagged Image File Format. Think of a TIFF as a still photo of a document, either one snapshot per page (single page TIFF) or a snapshot of all the pages laid out on the floor (multipage TIFF). I call TIFFs "dumb" because, unlike the native electronic versions of the documents they replace, TIFFs can't be searched electronically and don't function like native files. To anthropomorphize, TIFFs are so dumb, they don't know what they say. They're especially brain dead when used to replace spreadsheets or other formats which wither on the printed page. To offset their low IQ, TIFFs need literate escorts in the form of load files carrying the document's textual content and metadata.
To Continue Reading: Click Here
-----------------------------------------------
Source: eddupdate.com
By: Craig Ball
At risk of being revealed as the last kid on the block to figure this out, I learned today that Microsoft offers a way to smarten up TIFF images such that load files--those hinky, stinky electronic bills of lading that must accompany TIFF image productions to make them usable--may no longer be needed.
For those new to this topic, TIFF stands for Tagged Image File Format. Think of a TIFF as a still photo of a document, either one snapshot per page (single page TIFF) or a snapshot of all the pages laid out on the floor (multipage TIFF). I call TIFFs "dumb" because, unlike the native electronic versions of the documents they replace, TIFFs can't be searched electronically and don't function like native files. To anthropomorphize, TIFFs are so dumb, they don't know what they say. They're especially brain dead when used to replace spreadsheets or other formats which wither on the printed page. To offset their low IQ, TIFFs need literate escorts in the form of load files carrying the document's textual content and metadata.
To Continue Reading: Click Here
-----------------------------------------------
Source: eddupdate.com
By: Craig Ball
Friday, December 11, 2009
Court Rules Mistaken Transmission of Privileged Email Due to Use of "Autofill" Function in Email Did Not Result in Waiver
Multiquip, Inc. v. Water Mgmt. Systs., LLC, 2009 WL 4261214 (D. Idaho Nov. 23, 2009)
When responding to an email communication from his attorney, defendant mistakenly sent his message to a third party. As a result, the email was eventually provided to opposing counsel in the litigation. Plaintiff’s counsel refused to return the email upon defense counsel’s request and filed a motion for a protective order to which the email was attached. Defendants then filed a motion to exclude plaintiff’s use of the email. Defendant David Muhs explained that the mistaken transmission occurred when the autofill feature on his email program supplied the wrong address in place of that of the intended recipient. Conducting its analysis pursuant to Fed. R. Evid. 502, the court determined that privilege had not been waived.
While responding to an email from one of his attorneys, defendant Muhs sought to include his other attorneys in the communication. When typing the name of one such attorney, however, the autofill function in his email system supplied the address of a third party unrelated to the relevant litigation. Mr. Muhs failed to notice the error prior to sending his message. Upon receipt of the email, the third party forwarded the message, which was forwarded again, and was eventually sent to opposing counsel in Mr. Muhs’ ongoing litigation. Plaintiff’s counsel immediately notified defense counsel of his receipt of the privileged email, but refused to return it, arguing that FRCP 26(b)(5)(B) only applied to documents disclosed in discovery. Plaintiff then sought a protective order and attached the email as an exhibit. Defendants moved to exclude the email from evidence.
To Continue Reading: Click Here
-----------------------------------------------
Source: ediscoverylaw.com
When responding to an email communication from his attorney, defendant mistakenly sent his message to a third party. As a result, the email was eventually provided to opposing counsel in the litigation. Plaintiff’s counsel refused to return the email upon defense counsel’s request and filed a motion for a protective order to which the email was attached. Defendants then filed a motion to exclude plaintiff’s use of the email. Defendant David Muhs explained that the mistaken transmission occurred when the autofill feature on his email program supplied the wrong address in place of that of the intended recipient. Conducting its analysis pursuant to Fed. R. Evid. 502, the court determined that privilege had not been waived.
While responding to an email from one of his attorneys, defendant Muhs sought to include his other attorneys in the communication. When typing the name of one such attorney, however, the autofill function in his email system supplied the address of a third party unrelated to the relevant litigation. Mr. Muhs failed to notice the error prior to sending his message. Upon receipt of the email, the third party forwarded the message, which was forwarded again, and was eventually sent to opposing counsel in Mr. Muhs’ ongoing litigation. Plaintiff’s counsel immediately notified defense counsel of his receipt of the privileged email, but refused to return it, arguing that FRCP 26(b)(5)(B) only applied to documents disclosed in discovery. Plaintiff then sought a protective order and attached the email as an exhibit. Defendants moved to exclude the email from evidence.
To Continue Reading: Click Here
-----------------------------------------------
Source: ediscoverylaw.com
Google and the Privacy of the Cloud
There has been a bit of an uproar about a recent quote by Google CEO Eric Schmidt. While talking to CNBC, Schmidt remarked that, “If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place. If you really need that kind of privacy, the reality is that search engines–including Google–do retain this information for some time and it’s important, for example, that we are all subject in the United States to the Patriot Act and it is possible that all that information could be made available to the authorities.”
Not surprisingly, the familiar pro-surveillance slogan of, “if you’ve got nothing to hide, you’ve got nothing to worry about,” raises the hackles of privacy advocates, and especially so coming this time from someone like Schmidt who has, theoretically at least, more access to users’ information than just about anybody else in the private sector. And Schmidt is not the first Silicon Valley executive to say disturbing things about privacy in the digital age, as the former Sun CEO ScottMcNealy once said, “You already have zero privacy. Get over it.” While not disagreeing with the current state of the situation, noted security expert BruceSchneier despairs of just this kind of attitude, that clashes so strongly with his own principle of how privacy corresponds with fundamental human rights, preserving internal domains from prying eyes, even if nothing nefarious is occurring.
To Continue Reading: Click Here
-----------------------------------------------
Source: zeropaid.com
By: Bruce Lidl
Not surprisingly, the familiar pro-surveillance slogan of, “if you’ve got nothing to hide, you’ve got nothing to worry about,” raises the hackles of privacy advocates, and especially so coming this time from someone like Schmidt who has, theoretically at least, more access to users’ information than just about anybody else in the private sector. And Schmidt is not the first Silicon Valley executive to say disturbing things about privacy in the digital age, as the former Sun CEO ScottMcNealy once said, “You already have zero privacy. Get over it.” While not disagreeing with the current state of the situation, noted security expert BruceSchneier despairs of just this kind of attitude, that clashes so strongly with his own principle of how privacy corresponds with fundamental human rights, preserving internal domains from prying eyes, even if nothing nefarious is occurring.
To Continue Reading: Click Here
-----------------------------------------------
Source: zeropaid.com
By: Bruce Lidl
GRC Roll Up: Technology Improvements, Impacts and Social Media Compliance
As we inch closer to 2010, resolutions and predictions for the New Year are not uncommon. Many companies are addressing hot topics with webinars or at conferences. Even the legal industry and the companies that serve them are making lists. Let’s take a look.
Three Legal Technology Trends That Will Impact Law Firms
Epiq Systems, providers of integrated eDiscovery software for those in the legal profession, think that technology developments will impact the way business is being done at law firms in the coming year.
Epiq is weary of in-house eDiscovery platforms, for though they may lower costs and save time, they may limit a firm’s ability to take advantage of continuing cost-saving improvements in technology. Taking a DIY approach is great for crafts, but not for eDiscovery.
In addition, in an effort to distinguish eDiscovery vendors in a growing industry, companies that use proprietary software will fare better in 2010. Because they will be able to better control ongoing investments in their technology they can leverage their product with cost-savings and time efficiencies, which will ring melodically in the ears of firms looking to buy.
To Continue Reading: Click Here
-----------------------------------------------
Source: cmswire.com
By: Marisa Peacock
Three Legal Technology Trends That Will Impact Law Firms
Epiq Systems, providers of integrated eDiscovery software for those in the legal profession, think that technology developments will impact the way business is being done at law firms in the coming year.
Epiq is weary of in-house eDiscovery platforms, for though they may lower costs and save time, they may limit a firm’s ability to take advantage of continuing cost-saving improvements in technology. Taking a DIY approach is great for crafts, but not for eDiscovery.
In addition, in an effort to distinguish eDiscovery vendors in a growing industry, companies that use proprietary software will fare better in 2010. Because they will be able to better control ongoing investments in their technology they can leverage their product with cost-savings and time efficiencies, which will ring melodically in the ears of firms looking to buy.
To Continue Reading: Click Here
-----------------------------------------------
Source: cmswire.com
By: Marisa Peacock
Cyber Crime Hits Businesses Through Social Media
As more organizations are realizing the value of social networks, online criminals are increasingly taking advantage of social-media networks to access and exploit businesses' vulnerabilities.
The complexity and variety of cyber-security threats are daunting, particularly due to the rapid rate at which new risks develop as well as the increasingly sophisticated methods of cyber criminals. Now, we can add the most popular social-networking Web sites to the ever-evolving means of cyber crime.
In its annual report on network security, Cisco Systems Inc. states that the impact of social media on network security "cannot be overstated."
Social media sites, particularly Facebook, experienced explosive growth in 2009, and adoption of such resources will likely continue to grow into 2010.
"It is now routine for workers of all generations to interact with colleagues, customers or partners using social networks that, a few years ago, would have been populated mostly by computer users in their teens and twenties," according to the report, released this week. "In addition, it is common for workers to blend business and personal communications on these social networks, further blurring the network perimeter."
Although some companies have adopted outright bans on the use of these sites in the workplace, the blurring of personal and business communications makes this strategy impractical.
Likewise, the Ponemon Institute, an information-security research center, believes that social networking can be valuable. It is "a useful and powerful tool for individuals and organizations who consider their strategic value and take thoughtful, necessary precautions to their use," Susan Jayson, executive director and cofounder of the Ponemon Institute, writes at her blog.
To Continue Reading: Click Here
-----------------------------------------------
Source: news.thomasnet.com
By: David R. Butcher
The complexity and variety of cyber-security threats are daunting, particularly due to the rapid rate at which new risks develop as well as the increasingly sophisticated methods of cyber criminals. Now, we can add the most popular social-networking Web sites to the ever-evolving means of cyber crime.
In its annual report on network security, Cisco Systems Inc. states that the impact of social media on network security "cannot be overstated."
Social media sites, particularly Facebook, experienced explosive growth in 2009, and adoption of such resources will likely continue to grow into 2010.
"It is now routine for workers of all generations to interact with colleagues, customers or partners using social networks that, a few years ago, would have been populated mostly by computer users in their teens and twenties," according to the report, released this week. "In addition, it is common for workers to blend business and personal communications on these social networks, further blurring the network perimeter."
Although some companies have adopted outright bans on the use of these sites in the workplace, the blurring of personal and business communications makes this strategy impractical.
Likewise, the Ponemon Institute, an information-security research center, believes that social networking can be valuable. It is "a useful and powerful tool for individuals and organizations who consider their strategic value and take thoughtful, necessary precautions to their use," Susan Jayson, executive director and cofounder of the Ponemon Institute, writes at her blog.
To Continue Reading: Click Here
-----------------------------------------------
Source: news.thomasnet.com
By: David R. Butcher
E-Discovery Case Analysis Shows No Tolerance for Failures
If there’s one things companies should takeaway from the flock of decisions related to electronic discovery issues in 2009, it’s that they won’t get a pass from the courts for e-discovery failures.
Among 108 significant opinions representing e-discovery rulings between Jan. 1 and Oct. 31, 2009, 39 percent addressed sanctions, 27 percent of cases addressed various production considerations, 12 percent of cases addressed privilege considerations and waivers and the same percentage addressed various procedural issues (such as searching protocol), according to an analysis by Kroll Ontrack.
"Courts are far less tolerant of corporations that make missteps and claim ignorance with respect to their duty to preserve and the cases reflect that,” says Regina Jytyla, managing staff attorney for Kroll Ontrack. “The lesson to be learned is that companies must work to put in place the proper safeguards to preserve evidence that may be responsive to litigation or regulatory requirements.”
Other issues addressed included cost considerations, computer forensics protocols and experts, preservation and spoliation issues (but not sanctions) and discoverability and admissibility issues.
Among the cases that addressed sanctions, two-thirds of sanctions involved preservation and spoliation issues, while roughly 17 percent involved production disputes and the same percentage involved other discovery abuses.
To Continue Reading: Click Here
-----------------------------------------------
Source: complianceweek.com
By: Melissa Klein Aguilar
Among 108 significant opinions representing e-discovery rulings between Jan. 1 and Oct. 31, 2009, 39 percent addressed sanctions, 27 percent of cases addressed various production considerations, 12 percent of cases addressed privilege considerations and waivers and the same percentage addressed various procedural issues (such as searching protocol), according to an analysis by Kroll Ontrack.
"Courts are far less tolerant of corporations that make missteps and claim ignorance with respect to their duty to preserve and the cases reflect that,” says Regina Jytyla, managing staff attorney for Kroll Ontrack. “The lesson to be learned is that companies must work to put in place the proper safeguards to preserve evidence that may be responsive to litigation or regulatory requirements.”
Other issues addressed included cost considerations, computer forensics protocols and experts, preservation and spoliation issues (but not sanctions) and discoverability and admissibility issues.
Among the cases that addressed sanctions, two-thirds of sanctions involved preservation and spoliation issues, while roughly 17 percent involved production disputes and the same percentage involved other discovery abuses.
To Continue Reading: Click Here
-----------------------------------------------
Source: complianceweek.com
By: Melissa Klein Aguilar
Thursday, December 10, 2009
Analysis: TSA document release show pitfalls of electronic redaction
TSA woes serve as reminder to companies that still make basic mistakes, analysts say
The inadvertent exposure of a sensitive Transportation Security Administration (TSA) security manual earlier this week serves as a sobering reminder to enterprises that often overlook pitfalls of electronic document redaction security, analysts said.
The lapse occurred when a contract employee posted an improperly redacted TSA Standard Operations Procedure manual on the publicly accessible Federal Business Opportunities Web site. The document was posted as part of a TSA contract solicitation bid and contained detailed information on the screening procedures and protocols used by a TSA officials at 450 U.S. airports.
The manual was discovered on Sunday by people at The Wandering Aramean blog, which recovered the redacted portions and sent the document to anti-secrecy site Cryptome.org. Though the TSA has insisted that the document was outdated, the incident has stirred widespread concern among lawmakers, with some calling the gaffe "shocking" and "reckless."
To Continue Reading: Click Here
-----------------------------------------------
Source: computerworld.com
By: Jaikumar Vijayan
The inadvertent exposure of a sensitive Transportation Security Administration (TSA) security manual earlier this week serves as a sobering reminder to enterprises that often overlook pitfalls of electronic document redaction security, analysts said.
The lapse occurred when a contract employee posted an improperly redacted TSA Standard Operations Procedure manual on the publicly accessible Federal Business Opportunities Web site. The document was posted as part of a TSA contract solicitation bid and contained detailed information on the screening procedures and protocols used by a TSA officials at 450 U.S. airports.
The manual was discovered on Sunday by people at The Wandering Aramean blog, which recovered the redacted portions and sent the document to anti-secrecy site Cryptome.org. Though the TSA has insisted that the document was outdated, the incident has stirred widespread concern among lawmakers, with some calling the gaffe "shocking" and "reckless."
To Continue Reading: Click Here
-----------------------------------------------
Source: computerworld.com
By: Jaikumar Vijayan
Why You Shouldn’t Take it Hard If a Judge Rejects Your Friend Request
We’re not sure how many judges out there are avid Facebook users. But those that are might want to think twice before hitting the “confirm” button on all those friend requests from lawyers in your districts. At least, we should add, in Florida.
Late last month, the Florida Judicial Ethics Advisory Committee issued an advisory opinion on the use of social networking sites by Florida judges. (Hat tip: Legal Profession Blog.)
This little rhetorical appears early in the opinion:
Whether a judge may add lawyers who may appear before the judge as “friends” on a social networking site, and permit such lawyers to add the judge as their “friend.”
ANSWER: No.
Interesting, no? When I first signed up for Facebook, back in the fall of 2007, “friending” someone seemed to equate to a sort of confirmation of a pre-existing friendship. But since then, it’s taken on a different meaning. I’ve friended friends, friends of friends, acquaintances, work colleagues, people who claim to know me, people from my past I barely remember, and people who probably requested my “friendship” completely by mistake or through some sort of elaborate spam ruse that I’m not smart enough to figure out. I routinely “confirm” them all. While I suspect that I’m a bit lazier managing my Facebook page than others, I also suspect there are others in my boat. Lots of others.
To Continue Reading: Click Here
-----------------------------------------------
Source: blogs.wsj.com
By: Ashby Jones
Late last month, the Florida Judicial Ethics Advisory Committee issued an advisory opinion on the use of social networking sites by Florida judges. (Hat tip: Legal Profession Blog.)
This little rhetorical appears early in the opinion:
Whether a judge may add lawyers who may appear before the judge as “friends” on a social networking site, and permit such lawyers to add the judge as their “friend.”
ANSWER: No.
Interesting, no? When I first signed up for Facebook, back in the fall of 2007, “friending” someone seemed to equate to a sort of confirmation of a pre-existing friendship. But since then, it’s taken on a different meaning. I’ve friended friends, friends of friends, acquaintances, work colleagues, people who claim to know me, people from my past I barely remember, and people who probably requested my “friendship” completely by mistake or through some sort of elaborate spam ruse that I’m not smart enough to figure out. I routinely “confirm” them all. While I suspect that I’m a bit lazier managing my Facebook page than others, I also suspect there are others in my boat. Lots of others.
To Continue Reading: Click Here
-----------------------------------------------
Source: blogs.wsj.com
By: Ashby Jones
Social Networks and Terms of Service Agreements. Read the Intellectual Property Clause Before Clicking Yes!
Every time we join a new social network, there is always a page or pop-up that requires us to read, acknowledge, and accept the network’s Terms of Service Agreement. Unfortunately, most of us never take the time to read the Terms of Service Agreement. As a result we agree to terms that we may not be comfortable with.
There are several key components of Terms of Service Agreements that all users of social networks should understand before joining a site. They are:
1. An outline the services provided.
2. An explanation of what type of content the user can download and share on the site.
3. A statement regarding who owns content provided by the user on the site.
4. An outline of the required conduct of users of the site.
5. A requirement that users comply with applicable laws and regulations.
To Continue Reading: Click Here
-----------------------------------------------
Source: blackweb20.com
By: Latoicha Givens
There are several key components of Terms of Service Agreements that all users of social networks should understand before joining a site. They are:
1. An outline the services provided.
2. An explanation of what type of content the user can download and share on the site.
3. A statement regarding who owns content provided by the user on the site.
4. An outline of the required conduct of users of the site.
5. A requirement that users comply with applicable laws and regulations.
To Continue Reading: Click Here
-----------------------------------------------
Source: blackweb20.com
By: Latoicha Givens
Wednesday, December 09, 2009
Supreme Court Rejects Early Appeals of Attorney-Client Privilege Determinations
Federal court orders requiring litigants to disclose information that they believe is protected by the attorney-client privilege do not qualify for immediate appeal, the U.S. Supreme Court ruled Tuesday.
In her first opinion since joining the Court, Justice Sonia Sotomayor wrote that permitting successive, piecemeal appeals of all adverse attorney-client privilege rulings "would unduly delay the resolution of district court litigation and needlessly burden the Courts of Appeals."
The Court's unanimous ruling in Mohawk Industries v. Carpenter (pdf) stemmed from a suit filed in 2007 by Norman Carpenter, a former shift supervisor at Mohawk, who claimed he was fired by the Georgia-based flooring company in violation of state and federal laws because he complained to company officials that several temporary workers were illegal aliens.
At the time of Carpenter's complaint, Mohawk was the defendant in a class action charging the company with hiring undocumented workers in order to drive down wages of its legal employees. After Carpenter made his complaint, Mohawk directed him to speak with the company's retained counsel in the class action. That lawyer allegedly pressured Carpenter to recant his statements. When he refused, Carpenter alleges, Mohawk fired him.
In his employment suit, Carpenter sought to compel Mohawk to produce information about his meeting with retained counsel and the firing decision. Mohawk argued that the information was protected by attorney-client privilege.
The district court concluded that Mohawk had waived the privilege because of representations in the class action. Mohawk appealed under the so-called collateral order doctrine, but the 11th U.S. Circuit Court of Appeals held that the district court's order did not qualify.
To Continue Reading: Click Here
-----------------------------------------------
Source: law.com
By: Marcia Coyle
In her first opinion since joining the Court, Justice Sonia Sotomayor wrote that permitting successive, piecemeal appeals of all adverse attorney-client privilege rulings "would unduly delay the resolution of district court litigation and needlessly burden the Courts of Appeals."
The Court's unanimous ruling in Mohawk Industries v. Carpenter (pdf) stemmed from a suit filed in 2007 by Norman Carpenter, a former shift supervisor at Mohawk, who claimed he was fired by the Georgia-based flooring company in violation of state and federal laws because he complained to company officials that several temporary workers were illegal aliens.
At the time of Carpenter's complaint, Mohawk was the defendant in a class action charging the company with hiring undocumented workers in order to drive down wages of its legal employees. After Carpenter made his complaint, Mohawk directed him to speak with the company's retained counsel in the class action. That lawyer allegedly pressured Carpenter to recant his statements. When he refused, Carpenter alleges, Mohawk fired him.
In his employment suit, Carpenter sought to compel Mohawk to produce information about his meeting with retained counsel and the firing decision. Mohawk argued that the information was protected by attorney-client privilege.
The district court concluded that Mohawk had waived the privilege because of representations in the class action. Mohawk appealed under the so-called collateral order doctrine, but the 11th U.S. Circuit Court of Appeals held that the district court's order did not qualify.
To Continue Reading: Click Here
-----------------------------------------------
Source: law.com
By: Marcia Coyle
Palm sured over Pre data loss
Palm and US mobile network provider Sprint are facing legal action from a single user who claims that the two companies are responsible for the loss of personal data from his Palm Pre.
Palm faced a backlash in November after it admitted a small group of Pre users had been experiencing problems with their cloud computing-based back-up system, called the Palm Profile.
Users were apparently unable to transfer their personal data, including contacts and memos. The data had been stored on one Palm device running the webOS platform and was supposed to be transferred to another Pre.
The Palm Profile service relies entirely on a remote back-up system which runs daily to ensure that data is protected. There is no option for users to back-up their data to a local PC.
The lawsuit has been filed by Jason Standiford of San Francisco, California. Mr Standiford claims that he returned his Pre to a Sprint outlet store due to a defect and expected to have a working device returned to him, complete with all of his backed-up contacts.
Mr Standiford claims that the replacement Pre that he synchronised with his Palm Profile could only retrieve four contacts in total, effectively erasing the hundreds that he had previously stored on his faulty device. Memos and bookmarks were also all but gone, he has state
To Continue Reading: Click Here
-----------------------------------------------
Source: top10.co.uk
By: Matt Dixon
Palm faced a backlash in November after it admitted a small group of Pre users had been experiencing problems with their cloud computing-based back-up system, called the Palm Profile.
Users were apparently unable to transfer their personal data, including contacts and memos. The data had been stored on one Palm device running the webOS platform and was supposed to be transferred to another Pre.
The Palm Profile service relies entirely on a remote back-up system which runs daily to ensure that data is protected. There is no option for users to back-up their data to a local PC.
The lawsuit has been filed by Jason Standiford of San Francisco, California. Mr Standiford claims that he returned his Pre to a Sprint outlet store due to a defect and expected to have a working device returned to him, complete with all of his backed-up contacts.
Mr Standiford claims that the replacement Pre that he synchronised with his Palm Profile could only retrieve four contacts in total, effectively erasing the hundreds that he had previously stored on his faulty device. Memos and bookmarks were also all but gone, he has state
To Continue Reading: Click Here
-----------------------------------------------
Source: top10.co.uk
By: Matt Dixon
Subscribe to:
Posts (Atom)
