Close
Enter your
text here

eDiscoveryDaily

Here is Where You Can Catch Last Week’s ACEDS Webinar: eDiscovery Trends

Our webinar panel discussion conducted by ACEDS last week was highly attended, well reviewed and generated some interesting discussion (more on that soon).  Were you unable to attend last week’s webinar?  Good news, we have it for you here, on demand, whenever you want to check it out.

The webinar panel discussion, titled How Automation is Revolutionizing eDiscovery was sponsored by CloudNine.  Our panel discussion provided an overview of eDiscovery automation technologies and we took a hard look at the technology and definition of TAR and potential limitations associated with both.  Mary Mack, Executive Director of ACEDS moderated the discussion and I was one of the panelists, along with Bill Dimm, CEO of Hot Neuron and Bill Speros, Evidence Consulting Attorney with Speros & Associates, LLC.

Thanks to our friends at ACEDS for presenting the webinar and to Bill Dimm and Bill Speros for participating in an interesting and thought-provoking discussion.  Hope you enjoy the presentation!

So, what do you think?  Do you think automation is revolutionizing eDiscovery?  As always, please share any comments you might have or if you’d like to know more about a particular topic.

Happy Anniversary to my wife (and the love of my life), Paige!  I’m very lucky to be married to such a wonderful woman!

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

eDiscovery Daily Has a New Look!: eDiscovery Redesign

If you’ve been reading our blog the past couple of days, you may have noticed that our blog has a new look.

After nearly 6 years and over 1,450 posts, we decided it’s time to freshen our look.  So, our new site has a fresher look, larger fonts for easier reading of the posts, even easier to read than our last redesign back in January 2015.  We hope you like it!

Though we’ve updated the look, we’ve maintained the overall functionality within the blog to preserve the easy ability to look up topics by category or by month and we’ve preserved the search box to enable you to search for any topic you desire to find.  Most importantly, we’ve preserved the entire catalog of posts so that the entire knowledge base that we have built over the last 5 years, 10 months and 25 days (but who’s counting) is still available.  It’s all still there for you, including the almost 500 eDiscovery case law posts covering over 330 cases.

Naturally, when you migrate posts and change layouts, there are going to be a few hiccups.  So, if you see a page that has formatting issues, missing images or get an error when trying to navigate to a particular page, please feel free to drop me a line at daustin@cloudnine.com and let me know about it.  I would appreciate it.

By the way, this redesign is part of a larger redesign of our overall company site at CloudNine to better align our message with the offerings we provide (don’t worry, those haven’t changed).  We’ve redesigned our site to make it easier to get information about us, with a lot more information accessible from the main page.  So, whether you want to understand what we do, understand the professional services we provide, get a sense of some of the clients we’ve assisted and supported, find out about our news and events, find out what clients are saying to us or get to our blog (obviously!), you can get that information from the main page.  Of course, you can also get a free trial of our software.  Navigation to other areas is more intuitive as well.

Even our default domain has changed!  Our new site is cloudnine.com/ – we’re The eDiscovery Automation Company! (our old url – www.cloudnincloudnine.comm – still works too).  And, it looks sharp!  (at least we think so…)

A lot of hard work has gone into the site over the past several months from strategic planning to design to creating a pilot site for demonstration at the ACEDS conference this year to actual development of the new site.  Thanks to all who helped make this site happen and provided feedback along the way, from media members to clients, friends and other advocates.  We also want to thank industry analysts like Gartner, Blue Hill Research, Inside Counsel, 451 Research and KM World for their coverage this year as well – we really appreciate it!

So, what do you think?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Thanks to EDRM, There Will Be a Way to Assess the Data Security of Your Providers: eDiscovery Best Practices

Do you ever wonder or worry about how securely your providers and partners handle your sensitive data during the discovery process?  Then, this latest project from EDRM will help address those worries.

As they announced earlier this week, EDRM has established a new project to develop and provide a security survey. A team of experienced and qualified EDRM members will be working to develop and publish a “straightforward and easy tool for evaluating the security capabilities of corporations, law firms, cloud providers and third parties offering electronic discovery or managed services”.

The goal of the security survey project is to provide organizations with an overview of the critical questions to ask when assessing the data security of an eDiscovery vendor or partner. The overview includes specific sections on risk management, asset security, communications and networking security and identity and access management. The evaluation allows the assessor to determine the level of risk the organization may be assuming by engaging the vendor or partner and to make suggestions to improve security practices and enhance the service provided.

Once created, the security survey will be intended to evaluate an organization’s data security and practices, allowing potential customers to assess the risk of entrusting their sensitive data to the vendor. The tool will also be able to be used to assess data protection from destruction or unauthorized access, as well as to assure regulatory compliance with data-related legislation such as HIPAA, the Sarbanes-Oxley Act and security breach notification laws.

Project leads for this new EDRM project are Julie Hackler, regional sales manager at Avansic, and Amy Sellars, senior litigation attorney with The Williams Companies. As you can guess, project deliverables are in the development stage. If you’re a professional in eDiscovery, data management or security and interested in joining and contributing to the project, you can direct questions or volunteer interest by email to Tom Gelbmann: mail@edrm.net.

So, what do you think?  Do you worry about how securely your providers and partners handle your sensitive data during the discovery process?  As always, please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Don’t Miss Today’s Webinar – How Automation is Revolutionizing eDiscovery!: eDiscovery Trends

Today is your chance to catch a terrific discussion about automation in eDiscovery and, particularly an in-depth discussion about technology assisted review (TAR) and whether it lives up to the current hype!

Today, ACEDS will be conducting a webinar panel discussion, titled How Automation is Revolutionizing eDiscovery, sponsored by CloudNine.  Our panel discussion will provide an overview of the eDiscovery automation technologies and we will really take a hard look at the technology and definition of TAR and the limitations associated with both.  This time, Mary Mack, Executive Director of ACEDS will be moderating and I will be one of the panelists, along with Bill Dimm, CEO of Hot Neuron and Bill Speros, Evidence Consulting Attorney with Speros & Associates, LLC.

The webinar will be conducted at 1:00 pm ET (which is 12:00 pm CT, 11:00 am MT and 10:00 am PT).  Oh, and 5:00 pm GMT (Greenwich Mean Time).  If you’re in any other time zone, you’ll have to figure it out for yourself.  Click on the link here to register.

If you’re interested in learning about various ways in which automation is being used in eDiscovery and getting a chance to look at the current state of TAR, possible warts and all, I encourage you to sign up and attend.  It should be an enjoyable and educational hour.  Thanks to our friends at ACEDS for presenting today’s webinar!

So, what do you think?  Do you think automation is revolutionizing eDiscovery?  As always, please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

English Court Rules that Respondents Can Use Predictive Coding in Contested Case: eDiscovery Case Law

In Brown v BCA Trading, et. al. [2016] EWHC 1464 (Ch), Mr. Registrar Jones ruled that, with “nothing, as yet, to suggest that predictive coding will not be able to identify the documents which would otherwise be identified through, for example, keyword search”, “predictive coding must be the way forward” in this dispute between parties as to whether the Respondents could use predictive coding to respond to eDisclosure requests.

The May 17 order began by noting that “the question whether or not electronic disclosure by the Respondents should be provided, as they ask, using predictive coding or via a more traditional keyword approach instead” was “contested”.  With the “majority of the documents that may be relevant for the purposes of trial…in the hands of the First Respondent”, the order noted that fact is “relevant to take into account when considering the Respondents’ assertion, presented from their own view and on advice received professionally, that they think predictive coding will be the most reasonable and proportionate method of disclosure.”  The cost for predictive coding was estimated “in the region of £132,000” whereas the costs for a key word search approach was estimated to be “at least £250,000” and could “even reach £338,000 on a worst case scenario” (emphasis added).  In the order, it was acknowledged that the cost “is relevant and persuasive only to the extent that predictive coding will be effective and achieve the disclosure required.”

With that in mind, Mr. Registrar Jones stated the following: “I reach the conclusion based on cost that predictive coding must be the way forward. There is nothing, as yet, to suggest that predictive coding will not be able to identify the documents which would otherwise be identified through, for example, keyword search and, more importantly, with the full cost of employees/agents having to carry out extensive investigations as to whether documents should be disclosed or not. It appears from the information received from the Respondents that predictive coding will be considerably cheaper than key word disclosure.”

The order also referenced the ten factors set out by Master Matthews in the Pyrrho Investments case (the first case in England to approve predictive coding) to help determine that predictive coding was appropriate for that case, with essentially all factors applying to this case as well, except for factor 10 (the parties have agreed on the use of the software, and also how to use it).

So, what do you think?  Do you think parties should always have the right to use predictive coding to support their production efforts absence strong evidence that it is not as effective as other means?  Please share any comments you might have or if you’d like to know more about a particular topic.

For more reading about this case, check out Chris Dale’s post here and Adam Kuhn’s post here.

Don’t forget that tomorrow at 1:00pm ET, ACEDS will be conducting a webinar panel discussion, titled How Automation is Revolutionizing eDiscovery, sponsored by CloudNine.  Our panel discussion will provide an overview of the eDiscovery automation technologies and we will really take a hard look at the technology and definition of TAR and the limitations associated with both.  This time, Mary Mack, Executive Director of ACEDS will be moderating and I will be one of the panelists, along with Bill Dimm, CEO of Hot Neuron and Bill Speros, Evidence Consulting Attorney with Speros & Associates, LLC.  Click on the link here to register.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Court Denies Defendant’s Motion to Overrule Plaintiff’s Objections to Discovery Requests

Judge Peck Refuses to Order Defendant to Use Technology Assisted Review: eDiscovery Case Law

We’re beginning to see more disputes between parties regarding the use of technology assisted review (TAR) in discovery.  Usually in these disputes, one party wants to use TAR and the other party objects.  In this case, the dispute was a bit different…

In Hyles v. New York City, No. 10 Civ. 3119 (AT)(AJP) (S.D.N.Y. Aug. 1, 2016), New York Magistrate Judge Andrew J. Peck, indicating that the key issue before the court in the discovery dispute between parties was whether (at the plaintiff’s request) the defendants can be forced to use technology assisted review, refused to force the defendant to do so, stating “The short answer is a decisive ‘NO.’”

Case Background

In this discrimination case by a former employee of the defendant, after several delays in discovery, the parties had several discovery disputes.  They filed a joint letter with the court, seeking rulings as to the proper scope of ESI discovery (mostly issues as to custodians and date range) and search methodology – whether to use keywords (which the defendants wanted to do) or TAR (which the plaintiff wanted the defendant to do).

With regard to date range, the parties agreed to a start date for discovery of September 1, 2005 but disagreed on the end date.  In the discovery conference held on July 27, 2016, Judge Peck ruled on a date in between what the plaintiff and defendants – April 30, 2010, without prejudice to the plaintiff seeking documents or ESI from a later period, if justified, on a more targeted inquiry basis.  As to custodians, the City agreed to search the files of nine custodians, but not six additional custodians that the plaintiff requested.  The Court ruled that discovery should be staged, by starting with the agreed upon nine custodians. After reviewing the production from the nine custodians, if the plaintiff could demonstrate that other custodians had relevant, unique and proportional ESI, the Court would consider targeted searches from those custodians.

After the parties had initial discussions about the City using keywords, the plaintiff’s counsel consulted an ediscovery vendor and proposed that the defendants should use TAR as a “more cost-effective and efficient method of obtaining ESI from Defendants.”  The defendants declined, both because of cost and concerns that the parties, based on their history of scope negotiations, would not be able to collaborate to develop the seed set for a TAR process.

Judge’s Ruling

Judge Peck noted that “Hyles absolutely is correct that in general, TAR is cheaper, more efficient and superior to keyword searching” and referenced his “seminal” DaSilva Moore decision and also his 2015 Rio Tinto decision where he wrote that “the case law has developed to the point that it is now black letter law that where the producing party wants to utilize TAR for document review, courts will permit it.”  Judge Peck also noted that “Hyles’ counsel is correct that parties should cooperate in discovery”, but stated that “[c]ooperation principles, however, do not give the requesting party, or the Court, the power to force cooperation or to force the responding party to use TAR.”

Judge Peck, while acknowledging that he is “a judicial advocate for the use of TAR in appropriate cases”, also noted that he is also “a firm believer in the Sedona Principles, particularly Principle 6, which clearly provides that:

Responding parties are best situated to evaluate the procedures, methodologies, and technologies appropriate for preserving and producing their own electronically stored information.”

Judge Peck went on to state: “Under Sedona Principle 6, the City as the responding party is best situated to decide how to search for and produce ESI responsive to Hyles’ document requests. Hyles’ counsel candidly admitted at the conference that they have no authority to support their request to force the City to use TAR. The City can use the search method of its choice. If Hyles later demonstrates deficiencies in the City’s production, the City may have to re-do its search.  But that is not a basis for Court intervention at this stage of the case.”  As a result, Judge Peck denied the plaintiff’s application to force the defendants to use TAR.

So, what do you think?  Are you surprised by that ruling?  Please share any comments you might have or if you’d like to know more about a particular topic.

Don’t forget that next Wednesday at 1:00pm ET, ACEDS will be conducting a webinar panel discussion, titled How Automation is Revolutionizing eDiscovery, sponsored by CloudNine.  Our panel discussion will provide an overview of the eDiscovery automation technologies and we will really take a hard look at the technology and definition of TAR and the limitations associated with both.  This time, Mary Mack, Executive Director of ACEDS will be moderating and I will be one of the panelists, along with Bill Dimm, CEO of Hot Neuron and Bill Speros, Evidence Consulting Attorney with Speros & Associates, LLC.  Click on the link here to register.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Court Denies Defendant’s Motion to Overrule Plaintiff’s Objections to Discovery Requests

Court Compels Plaintiff to Provide Social Media Account and Activity Data: eDiscovery Case Law

In Waters v. Union Pacific Railroad Co., No. 15-1287-EFM-KGG (D. Kan. June 21, 2016), Kansas Magistrate Judge Kenneth G. Gale granted the defendant’s motion to compel the plaintiff to produce account information associated with his social media accounts as well as postings from the dates he missed work in conjunction with his injury claims against the defendant.  Judge Gale also granted most of the components of the plaintiff’s motion to compel against the defendant for various discovery requests.

Case Background

In this personal injury case against the plaintiff’s former employer, both parties filed motions to compel against the other.  The defendant asked for the plaintiff to list the names/account names “associated with [his] Facebook and Twitter accounts” and also initially asked for a broad category of information relating to the plaintiff’s social media presence.  After the plaintiff objected, the parties conferred and the defendant limited the scope of its requests to “all social network postings, messages, and photographs that he sent or received” on the work dates he claims he missed as a result of his injuries.  The plaintiff argued that the defendant’s requests for social media data were overly broad, irrelevant, and not proportional to needs of the case.

The plaintiff’s motion to compel related to discovery requests regarding prior injuries suffered by the defendant’s employees, notifications regarding defects or hazards on the defendant’s locomotives, prior notification of safety hazards or injuries relating to water on walkways, statements regarding the plaintiff’s claims, photos of the locomotive in question, and inspection and maintenance reports for the subject locomotive.  The defendant logged various objections to those requests.

Judge’s Ruling

In addressing the defendant’s motion to compel, Judge Gale stated:

“The Court finds that Defendant’s requests are relevant on their face. As stated above, unless a request is improper on its face, ‘the party asserting the objection has the duty to support its objections.’  Plaintiff has failed in this regard. To the contrary, the Court finds that the requests are highly relevant on their face as they seek evidence which could be germane to the extent of Plaintiff’s injuries and damages and state of mind.

Plaintiff has also failed to establish the overbreadth of Defendant’s requests. Following attempts to confer with Plaintiff, Defendant willingly narrowed the scope of the requests at issue. The Court does not agree that the access Defendant seeks to Plaintiff’s social media postings and messages is ‘unfettered’ when Defendant has limited the temporal (i.e. days Plaintiff missed work) and/or substantive subject matter scope of the requests”.

As a result, Judge Gale granted the defendant’s motion to compel.

Not all news was bad for the plaintiff; however, as Judge Gale granted his motion to compel regarding prior injuries and notifications, statements regarding the plaintiff’s claims and inspection and maintenance reports for the subject locomotive.  Only the plaintiff’s request for photos of the locomotive in question was denied.

So, what do you think?  Was the scope of the defendant’s request appropriate or was it overbroad?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

ACEDS Adds its Weight to the eDiscovery Business Confidence Survey: eDiscovery Trends

We’ve covered two rounds of the quarterly eDiscovery Business Confidence Survey created by Rob Robinson and conducted on his terrific Complex Discovery site (previous results are here and here).  It’s time for the Summer 2016 Survey.  Befitting of the season, the survey has a HOT new affiliation with the Association of Certified eDiscovery Specialists (ACEDS).

As before, the eDiscovery Business Confidence Survey is a non-scientific survey designed to provide insight into the business confidence level of individuals working in the eDiscovery ecosystem. The term ‘business’ represents the economic factors that impact the creation, delivery, and consumption of eDiscovery products and services.  The purpose of the survey is to provide a subjective baseline for understanding the trajectory of the business of eDiscovery through the eyes of industry professionals.

Also as before, the survey asks questions related to how you rate general business conditions for eDiscovery in your segment of the eDiscovery market, both current and six months from now, a general sense of where you think revenue and profits will be for your segment of the market in six months and which issue do you think will most impact the business of eDiscovery over the next six months, among other questions.  It’s a simple nine question survey that literally takes about a minute to complete.  Who hasn’t got a minute to provide useful information?

Individual answers are kept confidential, with the aggregate results to be published on the ACEDS website (News & Press), on the Complex Discovery blog, and on selected ACEDS Affiliate websites and blogs (we’re one of those and we’ll cover the results as we have for the first two surveys) upon completion of the response period, which started on August 1 and goes through Wednesday, August 31.

What are experts saying about the survey?  Here are a couple of notable quotes:

Mary Mack, Executive Director of ACEDS stated: “The business of eDiscovery is an ever-present and important variable in the equation of legal discovery.  As financial factors are a primary driver in eDiscovery decisions ranging from sourcing and staffing to development and deployment, ACEDS sees value in regularly checking the business pulse of eDiscovery professionals. The eDiscovery Business Confidence Survey provides a tool to help take that pulse on a systematic basis and ACEDS looks forward to sponsoring, participating, and reporting on the results of this salient survey each quarter.”

George Socha, Co-Founder of EDRM and Managing Director of Thought Leadership of BDO stated: “In my experience, the successful conduct of eDiscovery is comprised of a balance of in-depth education, practical execution, and experience-based excellence.  The eDiscovery Business Confidence survey being highlighted by ACEDS is one of many industry surveys that positively contributes to this balance, as it provides a quarterly snapshot into the business of discovery. I highly encourage serious eDiscovery professionals to complete and consider this survey as a key tool for understanding the business challenges and opportunities in our profession.”

The more respondents there are, the more useful the results will be!  What more do you need?  Click here to take the survey yourself.  Don’t forget!

So, what do you think?  Are you confident in the state of business within the eDiscovery industry?  Share your thoughts in the survey and, as always, please share any comments you might have with us or let us know if you’d like to know more about a particular topic.

Don’t forget that next Wednesday at 1:00pm ET, ACEDS will be conducting a webinar panel discussion, titled How Automation is Revolutionizing eDiscovery, sponsored by CloudNine.  Our panel discussion will provide an overview of the eDiscovery automation technologies and we will really take a hard look at the technology and definition of TAR and the limitations associated with both.  This time, Mary Mack, Executive Director of ACEDS will be moderating and I will be one of the panelists, along with Bill Dimm, CEO of Hot Neuron and Bill Speros, Evidence Consulting Attorney with Speros & Associates, LLC.  Click on the link here to register.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

How Automation is Revolutionizing eDiscovery: eDiscovery Trends

I thought about titling this post “Less Than Half of Automation is Revolutionizing eDiscovery” to keep the streak alive, but (alas) all good streaks must come to an end… :o)

If you missed our panel session last month in New York City at The Masters Conference, you missed a terrific discussion about automation in eDiscovery and, particularly an in-depth discussion about technology assisted review (TAR) and whether it lives up to the current hype.  Now, you get another chance to check it out, thanks to ACEDS.

Next Wednesday, ACEDS will be conducting a webinar panel discussion, titled How Automation is Revolutionizing eDiscovery, sponsored by CloudNine.  Our panel discussion will provide an overview of the eDiscovery automation technologies and we will really take a hard look at the technology and definition of TAR and the limitations associated with both.  This time, Mary Mack, Executive Director of ACEDS will be moderating and I will be one of the panelists, along with Bill Dimm, CEO of Hot Neuron and Bill Speros, Evidence Consulting Attorney with Speros & Associates, LLC.

The webinar will be conducted at 1:00 pm ET (which is 12:00 pm CT, 11:00 am MT and 10:00 am PT).  Oh, and 5:00 pm GMT (Greenwich Mean Time).  If you’re in any other time zone, you’ll have to figure it out for yourself.  Click on the link here to register.

If you’re interested in learning about various ways in which automation is being used in eDiscovery and getting a chance to look at the current state of TAR, possible warts and all, I encourage you to sign up and attend.  It should be an enjoyable and educational hour.  Thanks to our friends at ACEDS for conducting the session!

So, what do you think?  Do you think automation is revolutionizing eDiscovery?  As always, please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Less Than Half of Cloud Users Have a Proactive Approach to Security: eDiscovery Trends

How many blog posts in a row can start with the phrase “less than half”?  At least two… :o)

We’ve covered the growth of cloud adoption several times, especially in eDiscovery, including here and here.  However, according to a new survey from Ponemon, organizations apparently aren’t adopting appropriate governance and security measures to protect sensitive data in the cloud.

In the article Ponemon: Cloud Adoption Grows as Security Lags (written by Tara Seals), 73% of respondents to the survey indicated that cloud-based services and platforms are important to their organization’s operations, and 81% of respondents said they will be more so over the next two years.  Not only that, but 36% of respondents said their companies’ total IT and data processing needs were met using cloud resources today and that number is expected to rise to 45% over the next two years!

Unfortunately, 54% of the respondents said their companies do not have a proactive approach to managing security and complying with privacy and data protection regulations in cloud environments, indicating that their organizations are not careful about sharing sensitive information in the cloud with third parties such as business partners, contractors and vendors.  Challenges identified by survey respondents include:

  • Difficulty in controlling or restricting end-user access, which increased from 48% in 2014 to 53% of respondents in 2016;
  • Inability to apply conventional information security in cloud environments (70% of respondents);
  • Inability to directly inspect cloud providers for security compliance (69% of respondents);
  • Shadow IT is also a problem – nearly half (49%) of cloud services are deployed by departments other than corporate IT and an average of 47% of corporate data stored in cloud environments is not managed or controlled by the IT department.

“Cloud security continues to be a challenge for companies, especially in dealing with the complexity of privacy and data protection regulations,” said Larry Ponemon, chairman and founder, Ponemon Institute.

At least there is intent: 65% of respondents said their organizations are committed to protecting confidential or sensitive information in the cloud.

This isn’t the first study we’ve covered by the Ponemon Institute – click here and here for others.  Go Ponemon Go! (see what I did there?)… :o)

By the way, not all cloud solutions are created equal when it comes to security.  Here’s how we do it.

So, what do you think?  How does your organization handle security for cloud based solutions?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.