Data Security And Electronic Disclosure:

By Author: Nathan Wilson
Total Articles: 8
Comment this article

A brief look at the way in which e-disclosure is currently delivered, and whether it is compatible with data security best practice and data protection law.

The last two years have been punctuated with examples of where corporate data security has failed. We are living in a world where any device connected to the internet is a potential target for attack. The more valuable the data contained within it, the more of a target it becomes. It is no longer just socially alienated teenagers sitting in their darkened bedrooms who are wreaking havoc on the World Wide Web; it has become both a corporate and government tool of espionage. A recent conversation with one of our clients revealed that they counted the number of weekly unauthorised attempts to access their network in the thousands.

Thankfully, organisations appear to be waking up to this growing threat and many are taking steps to protect themselves, their infrastructure and their information. In many cases this is not simply born out of a desire to do right by their customers, or protect their information, but instead to avoid the publicity of being the next high-profile ...
... casualty.

It is very easy in the panic and melee of an investigation (or litigation) to forget the importance of data security. When electronic disclosure of documents is required, it is not uncommon to copy great chunks of data and ship it off to a law firm or third party to wade through. Historically, this was often done with little consideration of data security, but corporate are again waking up to the risks that this presents.

As a third party that regularly hosts this valuable data, we are often asked questions on our security. We, of course, have the layers of security one would expect to minimise the risk from ‘hackers’, but we go further and provide physical security that goes beyond that of other e-disclosure suppliers. We provide a GPS-tracked courier service with a security cleared driver using a specially equipped van. We have a purpose-built laboratory, which is accredited to handle information up to ‘Restricted’ and most importantly, every CCL employee is security vetted.

These are all good things, but we still find that in some cases our clients are unwilling to agree for their data to leave the safety of their building. To accommodate for this we have developed an on-site deployment model, which allows us to deploy technology and to run an e-disclosure exercise from the client’s premises, giving them confidence on their data security. It is essential to have this infrastructure and flexibility, in order to provide effective electronic disclosure services, whilst keeping data security at the top of the agenda and giving clients the reassurance that their data are l in safe hands in these uncertain times.

For more information on electronic disclosure, digital forensics, or CCL’s other products and services, call us on 01789 261200, email edisclosure@cclgroupltd.com, visit www.cclgroupltd.com, or check out http://www.cclgroupltd.com/e-disclosure

Author:
Nathan is an e-disclosure specialist at CCL Group - the UK’s leading supplier of electronic disclosure and digital forensics consultancy, including: computer forensics, mobile phone forensics and digital investigation services, for more information visit www.cclgroupltd.com