by John Burchfield
When we are tasked with analysis of highly sensitive materials from some of the most regulated industries in the country, strong security is absolutely essential.
Before you choose an eDiscovery partner for your next case, be sure to ask these five questions about the company’s protocols and compliance with ISO 17799 standards to ensure that its people, technology and facilities are capable of protecting your most sensitive data.
1. What are the standards for maintaining custody records?
An eDiscovery company is responsible for maintaining comprehensive and detailed chain-of-custody records. Media should be tracked from the initial collection and custodian onward, so there is no question about whether the evidence was altered along the way.
Physical media should be bar-coded and labeled, and kept in a secure data and storage facility.
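To make the custody-record point concrete, here is an added illustration of a tamper-evident chain-of-custody log; it is not code from the article or from any eDiscovery vendor. It assumes each piece of media carries a bar-code ID, that the media image's SHA-256 is recorded at collection, and that every hand-off becomes a log entry linked to the previous one by hash, so both a changed image and an edited earlier record are detectable. The media bytes, names and timestamps are constructed sample values.

```python
"""Tamper-evident chain-of-custody log (added example, not vendor code).

Assumptions: media are identified by a bar-code ID, the SHA-256 of the
media image is recorded at every step, and each entry is hash-linked to
the one before it so that editing history is detectable.
"""
import hashlib
import json
from dataclasses import dataclass, asdict
from typing import Dict, List, Optional


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


@dataclass
class CustodyEntry:
    media_id: str          # bar-code label on the physical media
    custodian: str         # person or system taking custody
    action: str            # e.g. "collected", "transferred", "imaged"
    timestamp: str         # ISO-8601 string supplied by the caller
    media_hash: str        # SHA-256 of the media image at this step
    prev_hash: str         # entry_hash of the previous entry ("" for the first)
    entry_hash: str = ""   # hash over all fields above

    def compute_hash(self) -> str:
        fields = asdict(self)
        fields.pop("entry_hash")
        # Canonical JSON so the hash does not depend on field ordering.
        return sha256_hex(json.dumps(fields, sort_keys=True).encode())


class CustodyLog:
    def __init__(self) -> None:
        self.entries: List[CustodyEntry] = []

    def record(self, media_id: str, custodian: str, action: str,
               timestamp: str, media_image: bytes) -> CustodyEntry:
        prev = self.entries[-1].entry_hash if self.entries else ""
        entry = CustodyEntry(media_id, custodian, action, timestamp,
                             sha256_hex(media_image), prev)
        entry.entry_hash = entry.compute_hash()
        self.entries.append(entry)
        return entry

    def verify(self) -> Optional[str]:
        """Return None if the log is intact, else describe the first problem."""
        expected_prev = ""
        first_hash: Dict[str, str] = {}   # media_id -> hash recorded at collection
        for i, e in enumerate(self.entries):
            if e.prev_hash != expected_prev:
                return f"entry {i}: broken link to previous entry"
            if e.entry_hash != e.compute_hash():
                return f"entry {i}: entry contents altered"
            if e.media_id in first_hash and e.media_hash != first_hash[e.media_id]:
                return f"entry {i}: media hash changed since collection"
            first_hash.setdefault(e.media_id, e.media_hash)
            expected_prev = e.entry_hash
        return None


def demo() -> Dict[str, Optional[str]]:
    # Constructed sample data: a fake media image and two hand-offs.
    image = b"constructed sample media image, not real evidence"
    log = CustodyLog()
    log.record("MEDIA-0001", "collector A", "collected", "2024-01-02T09:00:00Z", image)
    log.record("MEDIA-0001", "lab tech B", "transferred", "2024-01-02T14:30:00Z", image)
    intact = log.verify()
    # A later hand-off presents a modified image: the media hash no longer matches.
    log.record("MEDIA-0001", "reviewer C", "transferred", "2024-01-03T08:00:00Z", image + b"x")
    altered = log.verify()
    # Someone rewrites an earlier record after the fact: its hash no longer matches.
    log.entries[0].custodian = "someone else"
    edited = log.verify()
    return {"intact": intact, "altered": altered, "edited": edited}


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result or 'log intact'}")
```

Running the script shows the intact log verifying cleanly, then the modified image and the edited record each being flagged at the exact entry where the problem appears. In practice the log would be written to append-only storage and the hashes signed, but the linking logic is what lets a vendor answer the "was anything altered" question with evidence rather than assurance.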
2. Do you have a highly secure facility that stores all data?
All company data and critical systems should be constantly backed up to a highly secure co-location facility in order to mitigate any problems, loss of time or loss of data should servers go offline for any reason.
Ask about the security measures at the facility, such as 24/7/365 security guards, visitor escorts, night-vision video cameras, biometric locks and battery backups.
3. How current are the technologies being used?
eDiscovery is a technology-driven industry, and keeping up with the latest technology to provide the best solutions to clients is important. New tools are constantly replacing the status quo and a company must be able to offer the best technology.
Some technology security measures to look for include:
- Kaseya IT monitoring
- GFI Events Manager for log monitoring, management and archiving
- Tenable Nessus for network security
- Symantec Backup Exec
- Trend Micro Officescan Security for guarding against viruses and spyware
- Kerberos Active Directory Authentication for users
- Clustered VMware
- Image-based OS-level backups
- IT software license management
- Data encryption for all critical systems
- SSL VPN required for remote access to systems
- Cryptographic keys stored on a protected file share
- Data egress controls and network monitoring to protect against information leakage
All of these systems and protocols should be regularly audited and reviewed by management, and company laptops, tablets and phones should be capable of being wiped remotely.
4. How reliable is your staff?
Does the company rigorously screen employees so that you can trust your data will be safe? Make sure the staff has undergone background checks and is periodically reviewed and audited.
All employees should also sign written policies that govern data handling, employee conduct, confidentiality and information security awareness, education and training.
Employee use of Internet resources and outside hardware, such as smartphones and laptops, should be limited and monitored.
5. Will my data be accessible should your servers go offline for any reason?
The continuity of your business during an emergency should be a high priority. Should the servers go offline for any reason, your data should be backed up to a secure co-location facility, as previously stated in No. 2.
Are there protocols in place to allow technicians to work remotely if the headquarters becomes inaccessible? How long will it take to transfer systems and data back to headquarters once the problem is solved? Has the company ever lost data due to an outside cyberattack?
DSi has implemented all of these physical and technical security measures and more to prevent unauthorized access to critical information, protect the integrity of data and hardware and ensure information and systems are available at all times.
Photo Credit: Scott Schiller