Data breaches are on the rise, with more than 300 identified breaches this year, according to the Privacy Rights Clearinghouse. The breaches are evenly split between hackers and malware, experts say; 90 percent are targeted at databases that may contain caches of valuable data, reports USA Today's Technology Live. The good news: Most breaches could have been avoided with good security practices.
But these breaches raise issues for electronic data discovery, particularly for practitioners who use web-based ("cloud") review services. Care must be taken when evaluating and choosing vendors to be sure data is protected throughout the EDD process. When sensitive intellectual property leaves the firewall of an organization, corporate legal has both an ethical and legal obligation to zealously protect client confidences and secrets. This can be a daunting task -- security risk points include the cloud storage server, review workstations, the pipeline between the review workstation, and the servers -- and access control and security credentials of employees and reviewers.
For starters, thoroughly review the security protocols that are used to determine access rights and the credentials of all personnel who will be exposed to sensitive data. Many recent security incidences involved use of weak or stolen credentials or passwords, so require that systems have limited logon attempts, and that they hide access credentials. Consider also requiring two-factor authentication.
To Continue Reading: Click Here
--------------------------------------
Source: law.com
By: Albert Barsocchini
Subscribe to:
Post Comments (Atom)
0 comments:
Post a Comment