Simplifying data management, compliance and governance at ILTACON 2015
Let me know if this situation sounds familiar: in an attempt to decrease security risks in your IT environment, you set guidelines for employees that prevent them from downloading unauthorized apps. You know that this kind of software can tap into private data, like contact lists and intellectual property, and that when employees share files, they create digital content trails that may be tracked by an interested third party.
Then, your employees find a way around your restrictions, and their apps have gained access to your company’s sensitive information. Worse, a dedicated hacker has accessed this path to your confidential information. For him, the content path was as clear as the condensation trails, or contrails, that follow airplanes and leave white streaks in the sky.
Now, imagine you’re a prosecuting attorney in the middle of a case, and this path is exposing public access to your files. Worse, you stand to lose your case because of the information hidden in a rat’s nest of data on your servers. The clock is ticking and the defense is gaining strength in its position.
In any industry, securing your private data is critical to maintaining a stable IT environment and reducing security risks. For technology professionals in law firms and legal departments, it can mean the success or failure of every matter, or case, you approach. This week, our team headed to Las Vegas for the International Legal Technology Association Conference (ILTACON) to meet with legal industry tech experts and learn the pain points that plague their data management and security initiatives. The demographics of the attendees were divided neatly between people who manage infrastructure and virtualization, and people who manage the data housed in that infrastructure. Overall, it was one of the most qualified and expert audiences that I’ve met in all of the years I have been doing this work.
Below are two initial lessons learned and observations made during the event. In the week to come, our team will continue sharing our reflections.
Law firms live and die by their ability to find answers in their data.
When a company enters into litigation, two things are clear and present. One, building a logical, credible and reasonable case is of the utmost importance; two, time is money. A case gone wrong can cost millions in damages, compromised brand perceptions and lost jobs. The old saying that money is no object gets expensive, fast.
Matter numbers are the organization system for legal data. When the matter, or case, is active, a legal team’s ability to quickly locate insights and apply relevant evidence can lead to the success or failure of a hearing. Then, when the matter closes, its data needs to be preserved for an extended period of time or defensively deleted. As companies move from boxes of physical files to digital content in directory structures, the ability to preserve and secure that data directly impacts the firm’s credibility and business success.
Digital forensics is the new normal, so you better have the tools for the trade.
Historically, people have spent millions on crawler software that carves its way through dark data, looking for keywords, relationships and events that can build a story. This rather antiquated and complex software is a mere Band-Aid in the context of the workflows that confluence products like DataGravity routinely ingest.
When IT people purchase technology to solve a problem that has been building in their data, they move ahead fueled by the hope that their new software can solve the problem at hand. This is what fuels proof of concepts (PoCs). Sometimes, these projects work, and sometimes they don’t. A data-aware processing engine provides value as it stores data, and not years later, and this value should not be underestimated or taken for granted. After all, 100 percent of DataGravity customers have discovered sensitive elements in their data that had previously gone undetected.
During ILTACON, nearly every conversation I had with an IT leader – meaning a director of IT or chief information officer (CIO) – had the same forensic signature. I would hear that the IT leader’s company had “a lot” of data in file shares, and while he didn’t know the value of that data, he hoped that data-aware storage could solve this problem. Our team would migrate that data over and share a previous of its potential value. In response, every IT leader who participated in this type of demo was astounded by the power of the solution and how easily it could identify both risks and rewards in their dark data.
Follow DataGravity on LinkedIn, and look out for part two of John’s reflections on ILTACON.3 Likes