Alongside the digitization of discovery, essential questions around the access, control, and security of data began to crop up among legal counsel and their supporting staff. Today, how an organization manages e-discovery directly impacts more fundamental decisions in the business—namely, how to operate during an era of cloud transformation that is global and predicted to grow 20.7 percent in spend in 2023 alone, according to a recent report by Gartner report.
Within the broader legal and compliance spheres, people are responsible for making decisions with more factors, and more risk, than ever before. One of these decisions is how to collect, store, and access data potentially subject to regulatory requirements or litigation, or in response to a data breach. And this decision is often not a local one. We are being asked to think on a global level, across jurisdictions, technologies, and people.
Luckily, our friends at Control Risks have a lot of experience helping clients make informed choices about where and how to manage discovery data. We asked Lucas Clair, head of forensic technology for the EU, and Jed Baxter, principal, technology and operations, some questions, and we think their insight could help you do the same.
Can you both tell us who you are and what you do?
Lucas: I am the head of our forensic technology practice in the EU, where I specialise in investigations and technology. I work with clients during all stages of their projects. Utilising my Linux system engineer and forensic technology background, my areas of expertise include digital forensics, e-discovery, and forensic data analytics, as well as complex data protection issues.
Jed: I am a principal in Control Risks’ compliance, forensics and intelligence practice, based in Denver, Colorado, where I oversee technology, development, and operations for our global technology team. I ensure that the firm and technology operations teams adopt and utilize the most comprehensive technology while partnering with the best vendors to remain at the forefront of consulting. I am tightly involved in all aspects of information security, providing guidance within contracts and MSA negotiations, as well as being a designated subject matter expert for global information governance.
We know that most organizations’ data footprints include the cloud, but some of them are hesitant to move their discovery away from on-premises platforms. What’s been your experience with this?
Lucas: Conversations regarding technology in legal, compliance, or investigations matters in regions with more conservative approach to cloud adoption often gravitate around data protection, information, and IT security.
We regularly encounter clients who host their data in a cloud solution. Nevertheless, we are sometimes asked if it would be possible to host the data in an on-prem environment. Given that on-prem solutions usually come with limited functionality as well as additional costs and increased effort for support and maintenance, hosting on-prem starts to look like a contradiction.
Jed: That increased effort to support and maintain on-prem environment also comes with added, non-trivial complexity and significant cost. It is another environment needing to be patched, another solution needing contextualized monitoring around it, and another administrative burden to operate it all in a secure manner.
The pressure to resolve compliance related matters quickly, securely, and with proportionate effort is only going to increase—and technology plays an important role to achieve that goal. Some of the great advantages of RelativityOne are the proactive security approach that Relativity takes and the information provided to customers through the Security Center, which address the most common security concerns we hear from clients.
For those organizations that do have data in systems like Microsoft 365, Slack, Google, and so on, what’s the benefit of opting for a cloud platform for discovery?
Lucas: The data source being in the cloud provides a great opportunity to cut time to review and strain on a client’s resources. For example, Collect in RelativityOne can connect directly to data sources and provide a unified and fast data collection mechanism.
In most cases, it is also a simple reality that inter-cloud bandwidth exceeds local bandwidth by far. Additionally, Collect can pull the data to where it is needed for processing directly which can be challenging on-prem due to capsulation, data structure, and formats.
Jed: True, and it is not only about the performance and bandwidth. Collecting at the source is always going to limit attack surface and keep the number of steps where human error can be introduced to a minimum.
After all, when data is shared directly cloud-to-cloud, we do not need any complex intermediary systems converting, storing, and making the data available to be ingested.
Lucas: We’ve also found that when time is of the essence, opting for a cloud-based solution is usually the better choice. There are several on-prem factors that extend time to review, including:
- Data collection from cloud sources
- Processing speeds
- Support tasks such as indexing and analytics
On top of performance and timing considerations, RelativityOne provides certain functionalities that are not available on-prem. Some of the current features clients using RelativityOne enjoy include:
- Redact: Automate document redactions across entire data sets, reducing or eliminating the need to perform manual redactions.
- Automated Workflows: Orchestrate workflows across your documents and cases without needing to press go. This cuts the time to review further, as the system does not need to wait for user input to perform basic operations after data ingestion.
- Mobile: Access your documents on the go, with the ability to tag and code.
- And, of course, cloud collection capabilities.
Lucas, Control Risks operates several Relativity Server (on-prem) instances around the globe in addition to their RelativityOne deployments. From your experience, what’s it like to keep the Server instances secure?
Lucas: The secure operation and maintenance of on-prem tools requires experts in several areas—including the data centre, network, operating system, applications, and IT security—working together.
We find that an approach regularly taken by our clients to secure an on-prem review platform is capsulating it from the internet. Of course, this provides a certain layer of security, but it also comes with significant downsides around client accessibility. Additional infrastructure is required to access those platforms, like a VDI environment or similar. At the beginning of the pandemic, we saw that, in some instances, clients needed to provide remote access quickly and opened up previously isolated platforms, which increases risk significantly and requires a lot of care.
For those platforms that are exposed to the internet, a huge focus needs to be on regular updates on all levels of the technology stack as well as employing security best practices, periodic penetration testing, and, ideally, proactive threat monitoring. To match Relativity’s cybersecurity efforts—which have independently achieved various compliance certifications, such as ISO 27001, SOC-2 Type II, FedRAMP authorization, IRAP assessment, and HIPAA—for an online, on-prem instance, significant resources would need to be mobilized.
While it still can sometimes be necessary to go for an on-prem solution (based on the scope, location, or requirements of a matter or client), the benefits and drawbacks of both approaches should be clearly understood and weighed before a decision is made.
What other ways can organizations set themselves up to move faster with greater flexibility and functionality?
Lucas: Ideally, a litigation or investigation readiness program would allow for quick and lightweight legal hold and data collection workflows to be ready to go when the need arises. Drawing from our extensive experience supporting clients in their most challenging moments, we have developed a knack for bringing order to chaos and reassurance to anxiety. We have seen that clients who built a plan to address and work through litigation and investigations, consistently respond to those events more professionally and do it all with less anxiety, leading to better results and more cost efficiency.
Jed: On the tech side, looking proactively at how to get most out of the tools on hand is key to staying ahead of growing scale and complexity. Leveraging both familiarity and innovation—well known and dependable workflows, blended with trying new features as they come—is a great position to enable success in the fast-paced e-discovery market.
Graphics for this post were created by Kael Rose.