ESI Sources

Aryaka Global WAN Report Take-Aways

What can a 1,350 global enterprise survey tell us about the evolving composition and location of ESI? Although Araka’s fifth annual survey is focused on WAN and security infrastructure, it contains nuggets with eDiscovery impact. Over 80% of respondents expect more than 25% of workers to remain remote, confirming that the hybrid work environment is here to stay. 46% of respondents have deployed over [...]

By |2021-03-23T15:30:21-05:00March 23rd, 2021|Essay, Global, ESI Sources, Architecture|0 Comments

Enterprise Classification – Minimizing the Impact of Data Breaches

Typical Response Tasks ·   Preservation ·   Forensics ·   Log analysis ·   Malware reverse engineering ·   Surveillance ·   Remediation ·   Endpoint detection & response ·   Exfiltration – eDiscovery ·   Physical security ·   Regulatory compliance ·   Consumer notification ·   Legal response ·   Law enforcement liaison The latest Microsoft Exchange breach moved downstream to 60,000+ SMB victims from the Solar Wind’s hack that targeted Microsoft and government [...]

Handling M365 AED Unindexed Content

A question to the eDiscovery Facebook group asked how others were handling the unindexed items reported in M365 core and AED searches. If you have not run M365 eDiscovery searches yet or not noticed the Status section of the search detail page, it provides the item count and volume of ‘unsearchable items’ in the sources that your search. In my recent legal hold validation [...]

By |2021-03-03T18:04:28-06:00March 3rd, 2021|Essay, ESI Sources, Architecture, Search|0 Comments

Hackers Targeting M365 eDiscovery Services

Thanks to my friend Jason Velasco for drawing my attention to the article Hidden Dangers of Microsoft 365’s Power Automate and eDiscovery Tools. Hitesh Sheth at DarkReading.com is extrapolating from a massive data collection study from 4 million Cognito Detect for Office 365 customers by Vectra. I am not sure that I agree with his red flag alert that hackers are actively using Power [...]

By |2021-02-10T10:29:24-06:00February 10th, 2021|Essay, Security, ESI Sources, Architecture|0 Comments

IM eDiscovery: Resurrecting the 5000:1 Rule

One of my Litsupport team wearing the departmental t-shirts. Used with permission Blame Jonathan Maas for reminding me of my 5000:1 rule from the Enron email review. “For every 5,000 emails we review someone gets fired.” To put that rule in late 1990’s context, everyone having a corporate email account was still a relatively new thing. Just like the pandemic driven adoption [...]

By |2021-01-12T12:38:17-06:00January 12th, 2021|Essay, Compliance, Collectors, Legal Holds, Privacy, ESI Sources|0 Comments

What is Your Messaging App Tracking?

In the days of on-site policy assessment engagements, I loved asking random attendees to step away from their laptops so that I could ‘compliance check’ them. For new or stuffy clients I would ask the MIS/Security stakeholder to pick some random ‘safe’ machines on the floor for the check. Inevitably, every poor admin chosen had stashes of PSTs/MSGs, private gmail mailboxes open, various chat [...]

It’s a Jump to the Left – Relativity Acquires VerQu

Relativity’s acquisition of VerQu makes a lot of sense from the corporate RelativityOne customer perspective. Once integrated, the VerQu Hydra connectors have the potential to dramatically expand the scope of holds, in-place searches and collections. The pandemic has escalated adoption of Teams, video conferencing and a myriad of collaboration platforms that Hydra already gives customers access to. In a happy coincidence, VerQu was on [...]

Unlimited Mailboxes = Email Hoarding?

The pace of corporate migrations to Microsoft 365 (the new name for Office 365) has accelerated over the last nine years (2011 launch). I have supported these migrations of most of my long term clients with policy reviews, preservation audits, workflow adaptions and more. Two to five years post-migration my health checks and annual discovery metrics reports tell a universal tale of bloated mailboxes. [...]

Rapid Changes to Microsoft AED2 UI

Even though Microsoft just released their new version of the Advanced eDiscovery (AED2) interface, they seem to be releasing UI changes in relatively short development cycles. That is good if you are waiting for the Graph API functions to integrate with AED2, but bad if you already updated your protocols and documentation. This update changes the workflow for adding a Custodian or Data Source [...]

By |2020-11-20T16:46:38-06:00November 20th, 2020|Preservation, News, Legal Holds, ESI Sources, Architecture|0 Comments

The Civil Discovery Impact of 50,000+ Smart Phone Extractions

Good find by Doug (who credits his wife) on Upturn.org’s new report on the widespread use of Mobile Device Forensic Toolkits like Cellebrite or Access Data by law enforcement. Aside from the civil liberties issues, I want to draw corporate litsupport/compliance/security attention to the logical progression that looms. The latest Gallup poll shows that 58% of employees work remote sometimes or always. I can [...]

Go to Top