What can a 1,350 global enterprise survey tell us about the evolving composition and location of ESI? Although Araka’s fifth annual survey is focused on WAN and security infrastructure, it contains nuggets with eDiscovery impact. Over 80% of respondents expect more than 25% of workers to remain remote, confirming that the hybrid work environment is here to stay. 46% of respondents have deployed over [...]
Typical Response Tasks · Preservation · Forensics · Log analysis · Malware reverse engineering · Surveillance · Remediation · Endpoint detection & response · Exfiltration – eDiscovery · Physical security · Regulatory compliance · Consumer notification · Legal response · Law enforcement liaison The latest Microsoft Exchange breach moved downstream to 60,000+ SMB victims from the Solar Wind’s hack that targeted Microsoft and government [...]
A question to the eDiscovery Facebook group asked how others were handling the unindexed items reported in M365 core and AED searches. If you have not run M365 eDiscovery searches yet or not noticed the Status section of the search detail page, it provides the item count and volume of ‘unsearchable items’ in the sources that your search. In my recent legal hold validation [...]
Thanks to my friend Jason Velasco for drawing my attention to the article Hidden Dangers of Microsoft 365’s Power Automate and eDiscovery Tools. Hitesh Sheth at DarkReading.com is extrapolating from a massive data collection study from 4 million Cognito Detect for Office 365 customers by Vectra. I am not sure that I agree with his red flag alert that hackers are actively using Power [...]
One of my Litsupport team wearing the departmental t-shirts. Used with permission Blame Jonathan Maas for reminding me of my 5000:1 rule from the Enron email review. “For every 5,000 emails we review someone gets fired.” To put that rule in late 1990’s context, everyone having a corporate email account was still a relatively new thing. Just like the pandemic driven adoption [...]
In the days of on-site policy assessment engagements, I loved asking random attendees to step away from their laptops so that I could ‘compliance check’ them. For new or stuffy clients I would ask the MIS/Security stakeholder to pick some random ‘safe’ machines on the floor for the check. Inevitably, every poor admin chosen had stashes of PSTs/MSGs, private gmail mailboxes open, various chat [...]
Relativity’s acquisition of VerQu makes a lot of sense from the corporate RelativityOne customer perspective. Once integrated, the VerQu Hydra connectors have the potential to dramatically expand the scope of holds, in-place searches and collections. The pandemic has escalated adoption of Teams, video conferencing and a myriad of collaboration platforms that Hydra already gives customers access to. In a happy coincidence, VerQu was on [...]
The pace of corporate migrations to Microsoft 365 (the new name for Office 365) has accelerated over the last nine years (2011 launch). I have supported these migrations of most of my long term clients with policy reviews, preservation audits, workflow adaptions and more. Two to five years post-migration my health checks and annual discovery metrics reports tell a universal tale of bloated mailboxes. [...]
Even though Microsoft just released their new version of the Advanced eDiscovery (AED2) interface, they seem to be releasing UI changes in relatively short development cycles. That is good if you are waiting for the Graph API functions to integrate with AED2, but bad if you already updated your protocols and documentation. This update changes the workflow for adding a Custodian or Data Source [...]
Good find by Doug (who credits his wife) on Upturn.org’s new report on the widespread use of Mobile Device Forensic Toolkits like Cellebrite or Access Data by law enforcement. Aside from the civil liberties issues, I want to draw corporate litsupport/compliance/security attention to the logical progression that looms. The latest Gallup poll shows that 58% of employees work remote sometimes or always. I can [...]