Migrated from eDJGroupInc.com. Author: Greg Buckles. Published: 2011-09-23 11:40:32Format, images and links may no longer function correctly. The eDJ Group’s corporate consulting does not usually touch tactical matters. Most corporate clients already have good service provider relationships or we partner up with a local provider to keep our role clearly on the strategic requirements, goals, technology and workflow. Despite our best intentions, you sometimes have to jump into the fray when a client says jump. That was how I found myself once more elbow deep in batch scripts on a large preservation collection project with a looming deadline. Every time we tried to transfer executables, .BAT files, or anything except normal MS Office files we ran into security system blocks. It quickly became apparent that even with administrator rights, we could not run or move the remote collection packages or scripts within their environment. I try sending zips via email. They never arrive. Next I dust of my FTP site and get everything uploaded. Their firewall blocks all FTP connections. Final resolution? We had to resort to a freemail account. Success!
With everything finally staged, we run tests and quickly figure out that some of the corporate desktop/laptops are locked down so hard that even an IT admin cannot run the collection software on them. The saga continued, but that is probably enough back story to make my point. Security is always a balancing act aimed at lowering risk while allowing users to do their jobs. Unfortunately, normal litigation collections of live files typically require more access than modern IT really wants to give a typical user. This is not an issue with physical forensic imaging, but who has the budget or the time to perform full images on hundreds of custodians for every legal hold?
As preservation/collection evolves from a manual process conducted by a specialist to a standard, self-serve business process, we are going to run into the security straight jacket with increasing frequency. In my recent matter, we even briefed security on the chosen software and got the thumbs up to use it. Every enterprise IT environment is unique. So add in security rights testing to your discovery plan before you lock down your due dates and remember to test across a representative sample of potential target hardware, OS configurations and physical locations before you commit to a schedule. Do you have an anonymous security nightmare story? Share it in a comment or send it to me at Greg@eDiscoveryJournal.com.