Go Ahead, Be Obscene in that Teams Meeting

The Obscenity list was one of the first automatic classification lists my team built into our Summation databases back in the bad old Enron days. We were one of the first defendants forced to search and review native raw email from the Exchange journal. Energy traders had filthy mouths and it was an easy way to spot heightened emotions. We also learned to route [...]

Teams Workspace Hubs = ESI Evolution

Microsoft and Google are busy re-inventing how knowledge workers collaborate. Many of us have stumbled onto complex sets of interdependent Excel workbooks being shared by accounting, sales and other teams. With good chain-of-custody procedures, I have reconfigured environments so that counsel or experts could manually review these ‘semi-structured’ file sets to extract potentially relevant snapshots. The breadth of sources simultaneously touched by Teams and [...]

Teams Collections Complications – MC261534

M365 Teams collections are already challenging corporate eDiscovery and provider teams with hidden SharePoint and OneDrive sites. Today’s Major Change Update Notification (MC261534 - reproduced at end for non-admins) covers the June-July roll out of Roadmap ID 81945 that dramatically expands custodian’s ability to associate existing/other Teams sites and automatically create private channel sites. More importantly, non-admin custodians are losing the ability to manually [...]

M365 Advanced eDiscovery Spring Update

Microsoft’s Information & Protection teams are rolling out Advanced eDiscovery(AED) updates at a remarkable rate. The product team’s April 7th webinar and presentation deck has not yet been published, but I wanted to share some perspectives on how these updates may impact AED users. The pandemic has driven E5 license upgrades and features to support remote employees, which makes AED usage more practical for [...]

Aryaka Global WAN Report Take-Aways

What can a 1,350 global enterprise survey tell us about the evolving composition and location of ESI? Although Araka’s fifth annual survey is focused on WAN and security infrastructure, it contains nuggets with eDiscovery impact. Over 80% of respondents expect more than 25% of workers to remain remote, confirming that the hybrid work environment is here to stay. 46% of respondents have deployed over [...]

By |2021-03-23T15:30:21-05:00March 23rd, 2021|Essay, Global, ESI Sources, Architecture|0 Comments

M365 AED Collections – Not Actually Collected

The latest update to the M365 Advanced eDiscovery console is on their way to your or your client’s tenant. While this change seems to be primarily cosmetic (renaming Searches to Collections tab), there are some important things going on under the surface. In my recent blog on Handling M365 Unindexed Content I explained how AED automatically processes and reindexes partially or unindexed items placed [...]

eDJ Brief: ZyLab ONE

Slowly but surely I am resuming regular briefings with providers. I remember when ZyLab first jumped into the US eDiscovery market with their hybrid archive/investigation tool. Thanks to Scott Hunter for walking me through their most recent release. In my not-always humble opinion, ZyLab always reminded me of Nuix. An innovative, independent architecture paired with a techie GUI that lagged the US market leader’s [...]

Enterprise Classification – Minimizing the Impact of Data Breaches

Typical Response Tasks ·   Preservation ·   Forensics ·   Log analysis ·   Malware reverse engineering ·   Surveillance ·   Remediation ·   Endpoint detection & response ·   Exfiltration – eDiscovery ·   Physical security ·   Regulatory compliance ·   Consumer notification ·   Legal response ·   Law enforcement liaison The latest Microsoft Exchange breach moved downstream to 60,000+ SMB victims from the Solar Wind’s hack that targeted Microsoft and government [...]

Handling M365 AED Unindexed Content

A question to the eDiscovery Facebook group asked how others were handling the unindexed items reported in M365 core and AED searches. If you have not run M365 eDiscovery searches yet or not noticed the Status section of the search detail page, it provides the item count and volume of ‘unsearchable items’ in the sources that your search. In my recent legal hold validation [...]

By |2021-03-03T18:04:28-06:00March 3rd, 2021|Essay, ESI Sources, Architecture, Search|0 Comments

Hackers Targeting M365 eDiscovery Services

Thanks to my friend Jason Velasco for drawing my attention to the article Hidden Dangers of Microsoft 365’s Power Automate and eDiscovery Tools. Hitesh Sheth at DarkReading.com is extrapolating from a massive data collection study from 4 million Cognito Detect for Office 365 customers by Vectra. I am not sure that I agree with his red flag alert that hackers are actively using Power [...]

By |2021-02-10T10:29:24-06:00February 10th, 2021|Essay, Security, ESI Sources, Architecture|0 Comments
Go to Top