Managing Ediscovery In The Cloud: Essential Questions to Ask Potential Providers | Nextpoint, Inc.
As we explained in our last post, managing e-discovery in the cloud is the only viable one solution for handling the massive amount of electronically data involved in litigation today. Next point was an advocate for cloud-based ediscovery for 20 years, but the industry’s transition to the cloud was slow In 2022, less than half of ediscovery professionals surveyed agreed that the cloud is now the norm, but the vast majority believe it will become the norm within the next two years.
It means a lot firms and legal teams will look into make the switch after the cloud in the near future. When any new is adopted technologyis important to know the right questions to ask and the criteria to look for in a seller. In this excerpt from our white paper on managing ediscovery in the cloudWe cover these questions and share tips to help legal teams make the transition after the cloud. click here to download the full white paper.
Cloud computing in Ediscovery – is it ethical?
Everyone businesses have to worry about placing customer data in the hands of a third party. Lawyers have reason to be particularly concerned about these types of transactions, since they are special ethical obligations absolutely maintain client confidentiality.
To maintain customer confidence and to the inadvertent disclosure of data, law firms caution must be exercised to understand how they data is stored. Below the comments ABA Model Rule 1.1 regarding competencemust lawyers now consider the “risks and benefits of technology.” It means for competency purposeslawyers technology must understandmuch as they do the substantive areas of law.
Given this fact, ediscovery providers in the cloud should be treated as partners, not just a software provider. The right partner will make sure that your customers’ data is private and secure – in fact, rightfully so security measures, hosting data in the cloud is much more safe as hosting it on site.
In this paper you will a checklist of questions a cloud provider must answer to data storage, security protocolsand data export restrictions before a law firm they can perform data to them. Before entrusting the client data to a third party, the ethical implications of that relationship must be considered and all doubts and questions resolved before information is transmitted.
What are your options for a cloud-based platform?
The range of options for cloud-based ediscovery run from old fashioned client-server software that require an experienced, in-house IT staff, to services that provide some infrastructure, up to Software-as-a-service (SaaS). SaaS should not require any maintenance, updates or hardware other than your connection to the online service you purchased.
Some ediscovery providers existing locally installed relaunch software to take advantage of the cloud environment. Unfortunately installed locally software is not designed to dynamically allocate resources or effectively take advantage cloud computing architecture. Often these efforts are referred to as a “private cloud,” which a cloud infrastructure operated only for a single organization. These products are most times housed and management by internal IT staff or in other cases by an external third party.
Note that a private cloud is often just a re-burned version of software which was created for an on-site computer model. It often offer none of the benefits of a true cloud environment while retaining many of the disadvantages of on-premises software. Even those Wikipedia entry describes this model noting that “Enterprise of a private cloud project requires a significant level and degree of involvement to virtualize the business environment, and requires the organization to reevaluate decisions about existing resources. It can improve business but increase every step in the project security issues that need to be addressed to prevent serious vulnerabilities.”
When considering s solutionsee where it fits on the continuum between on-site, private cloudor Software-as-a-service.
Questions to ask a Cloud Ediscovery vendor
What type cloud or SaaS service they claim to provide? Are they offering a real cloud applicationor is it called a housed service? a privatecloud‘? Only a full-fledged cloud computing platform can provide all the benefits described in our last post.
do you supplier Have a Service Level Agreement (SLA) and a response time that will be acceptable to your stakeholders? Ask the supplier how highly available the cloud platform will be. Investigate the aspects that give it high availability. What will you have to do yourself to achieve the degree of availability that you think is yours applications will need?
Is data 24 x 7 accessible? Some cloud providers not deliver 24 hours a day data access.
How do they guarantee that their service will experience only minimal levels of service interruptions? The most companies claim to have virtually no downtime. This may be true, but only if data are stored in paired but geographically distributed data centers. Suppliers that host data in their own data centers are unlikely to be able to guarantee service.
Can they stamp and produce your data to third parties electronically through the cloud? They limit your ability to perform data? Can you you data back without any complications? How is data delivered, and how quickly can they get it back to you? Do the seller charge additional fees for stamping, produceand export data or to leave the service? is there a feature which allows you to see when someone has opened and viewed you production?
Is professional services available to assist with complex import and management of data? Is there going on services provided to customers for data export? Almost every company will have some form of will technology supportbut in many cases it exists only for solving problems with the software. A supplier which offers authority ediscovery support will be able to help with matters such as data collection and processing and help your team meet strict deadlines when necessary. Be sure to determine whether your supplier presentations “technology support” or where litigation support.
Ban them data mixing with other customers? Can they guarantee you? data is kept in a virtual workspace that no one else has access to? What access controls do they offer? Can they guarantee that only trusted users can access you data?
Make sure that the supplier you choose have strong data security characteristicsinclusive:
Firewall to prevent outsiders from breaking into a closed computer system.
Encryption to protect data as it is transmitted, and while it is at rest.
Intrusion detection to identify potential threats.
Geographic redundancy from everyone data for disaster recovery and backup
In addition, companies can obtain certificates from outside parties to verify the effectiveness of them data security measures. This includes Soc 2 Compliance, FISMA Certification, SAS 70 – Type IIand SSAE-16.
Can the cloud provider offer location insurance? Is data always be upheld in the jurisdiction specified by the customer (eg USA, Canadaor EMEA)? Consumer data privacy has come under deeper scrutiny in recent years, and many jurisdictions are in the process of introducing stricter data privacy laws. Legal teams may face restrictions on the geographical location data can be stored in, which is why Next point recently launched new AWS environments in California and Canada. Make sure you’re talking to prospects suppliers to make sure they keep up with changes in data privacy laws.
Some ediscovery applications must download an ActiveX installer or an applet to your system to work. This is a sign that the software is built with licensed technology. The best applications is built from the ground up by a dedicated team of in-house developers, and is not a grab bag of licensed software beaten together. Is the software built and maintained by in-house developers?
Most importantly – do the service provider proved e-discovery and litigation support experience? Did they customer references and industry belief?