Digital Forensics, eDiscovery & Technology Risks for HR Executives


Published on

HR Executives are faced with greater risks than ever before when it comes to data security and employee behaviors. This is an overview of processes and emerging risks. Presentation Highlights:
KEEP passwords and data private
Greatest risk is from the inside
Spoliation risks in legal matters
Security Analytics and Employee Monitoring

Published in: Technology, Business
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Digital Forensics, eDiscovery & Technology Risks for HR Executives

  1. 1. Digital Forensics, eDiscovery,& other Technology Risks for the HR Executive The Lorenzi Group
  2. 2. p@SSw0rDz Facebook LinkedIn• Less is More, hire a professionalThis line of questioning could open discrimination issues
  3. 3. Concepts of Security are Changing• The only thing you should be secure about is that nothing is secure• Organized Crime• Random• Employees• Hacktivists
  4. 4. Greatest Risk to Business?• Employees, Contractors, Vendors & Partners• Inside vs. Outside• Don’t stop protecting outside…..
  5. 5. Virtual Machines & Child Porn• The virtual world is going virtual• CP (or CSAI – See-S-eye) is an addiction• Pirated media a (profitable) hobby• High bandwidth, “ghost” (vmware) The only thing you need to know: Liability is HUGE.
  6. 6. Digital Forensics & eDiscovery• 2 Step Process • Capturing and preserving everything • Preparing the “Useful” information
  7. 7. SMILE! Digital ForensicsDigital Forensics Using a 35mm CameraCreate a Forensic Image (Preserve Data) Take a PictureRestore the Forensic Image Develop the FilmAnalyze the Information Choose the Pictures you wantReport (and Testify) as necessary Build a Scrapbook
  8. 8. E-Z eDiscovery1. Convert paper to electronic images2. Combine images with Digital Forensics results3. Filter out Unnecessary Info4. Review Results5. Submit
  9. 9. SPOLIATION• The alteration and/or destruction of data• Examples: • Resending an email • Opening a Word document • Deleting a picture • Turning on a computer
  10. 10. Litigation Hold Legal Notice Starts the moment litigation becomes reasonably possible Requires parties to preserve all potential evidenceFailure to abide could bring sanctions, fines, dismissal of case, & criminal charges
  11. 11. The IT Department – Your BEST Friend… and WORST Enemy• Digital Forensics is all about 3 things: • Process • Experience • Defensibility• CAN IT do some/all of it? Maybe.• SHOULD IT do some/all of it? NO.
  12. 12. Any time… You think internal is better/cheaper/faster…• Remember: • Legal, Financial, & Criminal Liability • IT fear of public speaking • Interpersonal relationships…… (ask about this)
  13. 13. Employee Monitoring• It’s not Big Brother, it’s SMART Business• Improves Data Security Exponentially • Mistakes • Desperate • Criminal• Makes Compliance Easier• Can provide Productivity metrics • Termination Justification • Training Needs • Resource Allocation • Cost Saving OpportunitiesExamples:Lockheed, Fidelity, USPS, Kaiser Permanente
  14. 14. BYOD• Stored Communications Act• Employee Owned/Company Paid• Company Owned
  15. 15. EADVElectronic Devices and Social Media Misuse Major initiative for 2012
  16. 16. ADA• EU says websurfing is an addiction• What does the US say?• REALLY????
  17. 17. Thoughts Social Media is good Acceptable Use Policies are requiredDetailed Background Checks are better than FB pages Ongoing Training & Reminders are critical
  18. 18. Thank You Rob Fitzgerald The Lorenzi Group 866-632-9880