Many proactive eDiscovery strategies revolve around preparing your data estate – through strategic information management – to enable a faster, more efficient (and therefore more cost-effective) response to eDiscovery requirements.
If you’re setting out on this journey, we’d suggest starting by answering these three questions, in order to focus your efforts where they can deliver the greatest returns.
Where is the data?
Today’s “hybrid” workspace includes more data repositories than ever before. Shared technology like Dropbox, personal mobile phones, tablets, external storage devices, has also blurred the lines between corporate and personal data.
As a result, it’s very common for organisations to have an incomplete picture (to put it mildly) of where their data lives. That makes identification and collection for eDiscovery (as well as compliance with regulations like GDPR and POPIA) a much more complicated – and less certain – prospect.
The best way around this problem is to build a data map with all the locations and types of data stored in your organisation, along with the processes used to create and dispose of them (i.e., data lineage). Your data map should include on- and off-premises locations, Cloud platforms, corporate and personal devices (where applicable) as well as any other hidey-holes that may be harbouring corporate data.
Done strategically, a good data map can be used again and again to prevent over- or under-collection and vastly reduce the timeline for identification and collection in future investigations. This is important not only from a cost-reduction perspective, but also for ensuring defensibility – not to mention avoiding sanctions for late disclosure.
How is the data stored?
With a range of data sources in play, how you store your data can be just as important as where you store it. Depending on where you are in your Cloud journey, there may well be an opportunity to streamline and consolidate your data storage in the Cloud.
This is beneficial from an overall compliance perspective, enabling a more confident compliance posture with a single security perimeter to maintain. It can also create much faster (and cheaper) searchability by extending the reach of eDiscovery tools like Microsoft Purview.
Microsoft Purview’s ability to preserve and review data in place is one of our favourite tools for speeding up searches and minimising duplicates. Purview eDiscovery (Premium) also adds the ability to OCR and re-index data in place, taking search accuracy to the next level while simultaneously reducing blind spots.
Pro tip: Not all data needs to be stored within Microsoft 365 in order to use Purview. Purview eDiscovery (Premium) allows non-Microsoft 365 data (in supported file types) to be manually imported into a review set. External data can also be ingested directly from supported third-party sources using Microsoft Graph connectors.
What are you keeping?
The Association for Intelligent Information Management (AIIM) has estimated that as much as half of organisations’ data has no business value. That’s a lot of unnecessary information to store and secure – not to mention search, collect and process during eDiscovery.
As such, identifying and reducing ROT (redundant, outdated and/or trivial information) is a very effective way to lower several costs, including eDiscovery.
You can start the process by clarifying (from a compliance perspective) exactly what you’re keeping, why, and for how long. From there, you can explore automated policies to trigger and/or enforce the necessary retention and disposition protocols.
Remember, disposition is just as important as retention. Holding onto data longer than necessary not only increases your potential exposure during a breach but can also leave you in contravention of data protection regulations and at risk of litigation.
Despite the risks, many organisations remain reticent to delete data. If you’re looking for more motivation to secure approval (and budget) for this type of project, you may want to highlight a few of the other benefits good retention/disposition practices can bring.
These include lower storage costs, more confident security and compliance, lower business risk, improved productivity, and even the potential to undertake in-place EDA.
Whilst it’s easy to say, getting consensus on setting retention and disposition policies isn’t always easy and can be a protracted process. So whilst that’s underway, in the meantime you could move the data you’re considering for deletion into a far more economic preservation lake, based, for example, on Microsoft Azure BLOB storage. Not only does this reduce the storage costs, but it removes aged data from operational systems which may yield further benefits such as reducing licencing costs, improving performance or simply ‘unclogging’ systems and making user navigation easier.
At Salient Discovery we know from real-world experience how eDiscovery can be improved by having some clear and documented answers to the above questions. Talk to us about our eDiscovery maturity assessment to find out how your organisation could reduce eDiscovery costs with good information governance.