SlideShare a Scribd company logo

e-Discovery Cloud Benefits and Concerns

Download as PPT, PDF
Steve Markey
Steve Markey

This document summarizes two case studies on using cloud technologies for e-discovery. Case study 1 involved using a SaaS solution for discovery within a financial services firm. It faced challenges from lack of planning, training, and discovery expertise. Case study 2 involved discovery from cloud email archives at a capital management firm. It highlighted complications from journaling cloud email and the need to test disaster recovery. The document also reviews benefits and concerns of cloud e-discovery, including cost, flexibility, and vendor management issues. It provides examples of SaaS, PaaS and IaaS solutions for e-discovery in the cloud.

1 of 33
e-Discovery 2.0: In the Cloud Wednesday, November 16, 2011 9:45 AM - 10:45 AM Steven C. Markey, MSIS, PMP, CISSP, CIPP, CISM, CISA, STS-EV, CCSK Founder/Principal, nControl, LLC; Adjunct Professor; President, Cloud Security Alliance – Delaware Valley Chapter (CSA-DelVal)
• Presentation Overview – Technology • Case Study 1: IN the Cloud • Case Study 2: FROM the Cloud • e-Discovery Cloud Benefits • e-Discovery Cloud Concerns • e-Discovery Cloud Solutions – Process • Electronic Discovery Reference Model (EDRM) • Information Governance Reference Model (IGRM)
• Technology
• Case Study 1: IN the Cloud – Background – Drivers – Technologies – Limitations – Risks – Lessons Learned
• Case Study 1: IN the Cloud (Continued) – Background • A Fortune 1000 Financial Services Firm – Investment Management (PA) – Life Insurance (CT) – Annuities (IN) • Legacy Project: 2005/2006 • In-House, Mature IT Team – Drivers • Efficiency/GUI Availability • Compliance • Cost
• Case Study 1: IN the Cloud (Continued) – Technologies • Email: In-House Exchange/IXOS – Recently Transitioned from GroupWise in CT • Discovery: Zantaz (SaaS) – Limitations • De-Centralized Back Office (IT, Compliance, HR) – No Formal Records & Info Mgmt (RIM) Function/Role • Lack of Enterprise Project Mgmt Office (PMO) • Lack of Discovery Specialists
• Case Study 1: IN the Cloud (Continued) – Risks • Data Loss – Tape Conversion – Large Result-Set Delivery » CD-ROMs via Snail Mail » Hourly Vendor Processing Fee • Vendor Management: Contractual/SLA Omissions • Search/Result-Set False Positives/Negatives • BCP/DR: Datacom • Poor Usability • Scope Creep
• Case Study 1: IN the Cloud (Continued) – Lessons Learned • Schedule/Effort Underestimated – Uploading Email on Tape to Zantaz » Transitioned Legacy GroupWise Data to Exchange • Not Enough On-Site Training – Compliance, HR Not Technical • Discovery Support Resource Limitations – Budget Was Not There • Testing Plans – Incident Response – BCP/DR
• Case Study 2: FROM the Cloud – Background – Drivers – Technologies – Limitations – Risks – Lessons Learned – Next Steps
• Case Study 2: FROM the Cloud (Continued) – Background • Financial Services SMB – Capital Management (PA) • Recent Project: 2010 • IT: Managed Service Provider/Operations, Director – Drivers • Cost • Compliance – Technologies • Email: Exchange Server ‘07/Online/BPOS/Office 365
• Case Study 2: FROM the Cloud (Continued) – Limitations • Budget • Skill-Sets • Resources – Risks • Software/System Interoperability • Vendor Management: Contractual/SLA Omissions • BCP/DR: Datacom • Legacy Email Availability • Scope Creep
• Case Study 2: FROM the Cloud (Continued) – Lessons Learned • Limited Cost Savings – On-Site Exchange Box for Journaling – Upgrade to EV v9.0 to Support Exchange 2010 • Exchange Journaling From the Cloud, Complicated • Leverage Interim Solution for BlackBerry Services – Shutdown BlackBerry Enterprise Server (BES) – Leverage AstraSync (Exchange ActiveSync)
• Case Study 2: FROM the Cloud (Continued) – Next Steps • Upgrade to EV v10.0 – Incorporate Social Media • Test BCP/DR e-Discovery Functionality • BlackBerry Office 365/BES Express – Looking at BES Balance (“Data Boxing”) • Reviewing Cloud e-Discovery SaaS Solutions – Symantec Enterprise Vault.cloud – Microsoft EOA/EHA
• e-Discovery Cloud Benefits – Generic (Across SPI Stack) – SaaS Specific – PaaS Specific – IaaS Specific
• e-Discovery Cloud Benefits (Continued) – Generic (Across SPI Stack) • Cost – More Quantifiable Return on Investment (ROI)….? – Total Cost of Ownership (TCO) Savings » Operating Expense versus Capital Expense » Variable Expense versus Fixed Expense • Core Competency Focus – Vendor Has Skill-Set » Configuration Management » Tie-In 3rd Party Products – Legal/Litigation Support – Cross-Platform Support
• e-Discovery Cloud Benefits (Continued) – Generic (Across SPI Stack) • Core Competency Focus – Processing » Retention » Disposition – Compliance Best Practices – System Criticality » Vendor/Provider Configuration Management » BCP/DR • Supports Distributed Enterprises – Distributed Parties (Internal/External Counsel, Plaintiffs) – Satisfy Different Jurisdictional Requirements » e.g. AWS Zones
• e-Discovery Cloud Benefits (Continued) – SaaS Specific • “Turn-Key” – PaaS/IaaS Specific • Flexibility – Tie-In Best Practices » EDRM » IGRM » Generally Accepted Privacy Principles, GAPP » Generally Accepted Recordkeeping Principles, GARP • Control – Configuration Management
• e-Discovery Cloud Concerns – Generic (Across SPI Stack) – SaaS Specific – PaaS/IaaS Specific
• e-Discovery Cloud Concerns (Continued) – Generic (Across SPI Stack) • Cost – Data Transfer – Storage – Third Party Connectors/Extra License for Journaling • Loss of Additional Functionality/Scalability/Features – PST Collectors – Additional Archival Artifacts/System Integration » File Share(s) » Content Management System (CMS: SharePoint, Quickr) » Mobile/PC Social Media » Mobile/PC Instant Messaging (IM) » Mobile/VoIP PBX: Phone Calls, Voicemail (VM), SMS/Texts
• e-Discovery Cloud Concerns (Continued) – Generic (Across SPI Stack) • Vendor Management – Viability/Long Term Market Prospects – Portability/Interoperability (“Lock-In”) – Vendor’s Vendors • BCP/DR • IAM – Federated Identities for Services/Users? » SAML » OAuth » OpenID » WS-Trust
• e-Discovery Cloud Concerns (Continued) – Generic (Across SPI Stack) • Privacy/Compliance Jurisdiction • Usability (GUI) • RIM – Conversion Effort/Project/Task » Platforms: GroupWise/Lotus/Squirrel Mail/Exchange » Hard-Copy Files: Optical Character Recognition (OCR) • Compatibility – May Force Upgrade • Incident Response – Vendor’s CompSec Incident Response Team (CSIRT) » Criminal Investigations
• e-Discovery Cloud Concerns (Continued)
• e-Discovery Cloud Concerns (Continued) – SaaS Specific • AppSec • RIM – Classification – Retention – PaaS/IaaS Specific • Skill-Set • Control – Multi-Tenancy • Cost Effectiveness – Volume/Block-Level Storage
• e-Discovery Cloud Concerns (Continued) – PaaS/IaaS Specific • Justification – Deal With Software Vendor & Cloud Service Provider • Third-Party Products – Long-Term Strategy/Viability
• e-Discovery Cloud Solutions – SaaS – PaaS – IaaS
• e-Discovery Cloud Solutions – SaaS • Social Media-Centric – Arkovi – Archive-It – LiveOffice SocialArchive • Comprehensive – Zantaz – Proofpoint Enterprise Archive – Microsoft EOA – Symantec Enterprise Vault.cloud – EMC SourceOne – VARs/Resellers – Google Message Discovery (GMD)
• e-Discovery Cloud Solutions – SaaS (Continued) • Comprehensive – Sonian – Smarsh
• e-Discovery Cloud Solutions – PaaS • Various Platform Vendors – Build e-Discovery Modules Leveraging Existing Platform » Not Much of a Market/Business Model » Re-Create the Wheel – IaaS • Various Cloud Vendors – Build e-Discovery Solution on IaaS Instance » Leverage Existing Licensing » Analogous to Hosting
• Processes – EDRM – IGRM
• Questions? • Contact – Email: smarkey@ncontrol-llc.com – Twitter: markes1 – LI: http://www.linkedin.com/in/smarkey – CSA-DelVal: http://www.csadelval.org/

Recommended

E discovery 2-cloud_v5
E discovery 2-cloud_v5E discovery 2-cloud_v5
E discovery 2-cloud_v5scm24
 
(ENT305) Develop an Enterprise-wide Cloud Adoption Strategy | AWS re:Invent 2014
(ENT305) Develop an Enterprise-wide Cloud Adoption Strategy | AWS re:Invent 2014(ENT305) Develop an Enterprise-wide Cloud Adoption Strategy | AWS re:Invent 2014
(ENT305) Develop an Enterprise-wide Cloud Adoption Strategy | AWS re:Invent 2014Amazon Web Services
 
Cloud enablement
Cloud enablementCloud enablement
Cloud enablementTom Tsongas, PMP, CSM
 
[SummerSoc 2014] Monitoring Elastic Cloud Services
[SummerSoc 2014] Monitoring Elastic Cloud Services[SummerSoc 2014] Monitoring Elastic Cloud Services
[SummerSoc 2014] Monitoring Elastic Cloud ServicesDemetris Trihinas
 
Integrated Cloud Framework: Security, Governance, Compliance, Content Applica...
Integrated Cloud Framework: Security, Governance, Compliance, Content Applica...Integrated Cloud Framework: Security, Governance, Compliance, Content Applica...
Integrated Cloud Framework: Security, Governance, Compliance, Content Applica...Chad Lawler
 
Adopting the open group cloud eco system reference model
Adopting the open group cloud eco system reference modelAdopting the open group cloud eco system reference model
Adopting the open group cloud eco system reference modelKrishna-Kumar
 
Applications in the Cloud - Architecture, Operations, and more
Applications in the Cloud - Architecture, Operations, and moreApplications in the Cloud - Architecture, Operations, and more
Applications in the Cloud - Architecture, Operations, and moreJohn Treadway
 
Developing a cloud strategy - Presentation Nexon ABC Event
Developing a cloud strategy - Presentation Nexon ABC EventDeveloping a cloud strategy - Presentation Nexon ABC Event
Developing a cloud strategy - Presentation Nexon ABC EventNexon Asia Pacific
 

Recommended

E discovery 2-cloud_v5
E discovery 2-cloud_v5E discovery 2-cloud_v5
E discovery 2-cloud_v5scm24
 
(ENT305) Develop an Enterprise-wide Cloud Adoption Strategy | AWS re:Invent 2014
(ENT305) Develop an Enterprise-wide Cloud Adoption Strategy | AWS re:Invent 2014(ENT305) Develop an Enterprise-wide Cloud Adoption Strategy | AWS re:Invent 2014
(ENT305) Develop an Enterprise-wide Cloud Adoption Strategy | AWS re:Invent 2014Amazon Web Services
 
Cloud enablement
Cloud enablementCloud enablement
Cloud enablementTom Tsongas, PMP, CSM
 
[SummerSoc 2014] Monitoring Elastic Cloud Services
[SummerSoc 2014] Monitoring Elastic Cloud Services[SummerSoc 2014] Monitoring Elastic Cloud Services
[SummerSoc 2014] Monitoring Elastic Cloud ServicesDemetris Trihinas
 
Integrated Cloud Framework: Security, Governance, Compliance, Content Applica...
Integrated Cloud Framework: Security, Governance, Compliance, Content Applica...Integrated Cloud Framework: Security, Governance, Compliance, Content Applica...
Integrated Cloud Framework: Security, Governance, Compliance, Content Applica...Chad Lawler
 
Adopting the open group cloud eco system reference model
Adopting the open group cloud eco system reference modelAdopting the open group cloud eco system reference model
Adopting the open group cloud eco system reference modelKrishna-Kumar
 
Applications in the Cloud - Architecture, Operations, and more
Applications in the Cloud - Architecture, Operations, and moreApplications in the Cloud - Architecture, Operations, and more
Applications in the Cloud - Architecture, Operations, and moreJohn Treadway
 
Developing a cloud strategy - Presentation Nexon ABC Event
Developing a cloud strategy - Presentation Nexon ABC EventDeveloping a cloud strategy - Presentation Nexon ABC Event
Developing a cloud strategy - Presentation Nexon ABC EventNexon Asia Pacific
 
Intelligent Cloud Enablement
Intelligent Cloud EnablementIntelligent Cloud Enablement
Intelligent Cloud EnablementDocuLynx
 
CloudExpo NY 2014: Moving Mission Critical Applications to the Cloud
CloudExpo NY 2014: Moving Mission Critical Applications to the CloudCloudExpo NY 2014: Moving Mission Critical Applications to the Cloud
CloudExpo NY 2014: Moving Mission Critical Applications to the CloudKacy Clarke
 
Boot camp - Migration to AWS
Boot camp - Migration to AWSBoot camp - Migration to AWS
Boot camp - Migration to AWSAmazon Web Services
 
Chapter 1 Introduction to Cloud Computing
Chapter 1 Introduction to Cloud ComputingChapter 1 Introduction to Cloud Computing
Chapter 1 Introduction to Cloud Computingnewbie2019
 
Six Steps to Private Cloud
Six Steps to Private CloudSix Steps to Private Cloud
Six Steps to Private CloudLogicalis Australia
 
Applying systems thinking to AWS enterprise application migration
Applying systems thinking to AWS enterprise application migrationApplying systems thinking to AWS enterprise application migration
Applying systems thinking to AWS enterprise application migrationKacy Clarke
 
Translating from legacy to cloud
Translating from legacy to cloudTranslating from legacy to cloud
Translating from legacy to cloudManikandan Sekar
 
Logicalis Cloud Briefing
Logicalis Cloud BriefingLogicalis Cloud Briefing
Logicalis Cloud BriefingLogicalis Australia
 
Cloud Enablement - IT Services Model
Cloud Enablement - IT Services Model Cloud Enablement - IT Services Model
Cloud Enablement - IT Services Model Vishal Sharma
 
Cloud Migration: Moving to the Cloud
Cloud Migration: Moving to the CloudCloud Migration: Moving to the Cloud
Cloud Migration: Moving to the CloudDr.-Ing. Michael Menzel
 
RightScale Webinar: Key Considerations For Cloud Migration and Portability
RightScale Webinar: Key Considerations For Cloud Migration and PortabilityRightScale Webinar: Key Considerations For Cloud Migration and Portability
RightScale Webinar: Key Considerations For Cloud Migration and PortabilityRightScale
 
Cloud Migration
Cloud MigrationCloud Migration
Cloud MigrationJolyne Marie
 
Pragmatic Enterprise Application Migration to AWS
Pragmatic Enterprise Application Migration to AWSPragmatic Enterprise Application Migration to AWS
Pragmatic Enterprise Application Migration to AWSKacy Clarke
 
Virgílio Vargas Presentations / CloudViews.Org - Cloud Computing Conference 2...
Virgílio Vargas Presentations / CloudViews.Org - Cloud Computing Conference 2...Virgílio Vargas Presentations / CloudViews.Org - Cloud Computing Conference 2...
Virgílio Vargas Presentations / CloudViews.Org - Cloud Computing Conference 2...EuroCloud
 
AWS Webcast - Datacenter Migration to AWS
AWS Webcast - Datacenter Migration to AWSAWS Webcast - Datacenter Migration to AWS
AWS Webcast - Datacenter Migration to AWSAmazon Web Services
 
Cloud Strategy
Cloud StrategyCloud Strategy
Cloud StrategyRichard Harvey
 
(ENT202) Four Critical Things to Consider When Moving Your Core Business Appl...
(ENT202) Four Critical Things to Consider When Moving Your Core Business Appl...(ENT202) Four Critical Things to Consider When Moving Your Core Business Appl...
(ENT202) Four Critical Things to Consider When Moving Your Core Business Appl...Amazon Web Services
 
Feasibility of cloud migration for large enterprises
Feasibility of cloud migration for large enterprisesFeasibility of cloud migration for large enterprises
Feasibility of cloud migration for large enterprisesAnant Damle
 
Planning A Cloud Implementation
Planning A Cloud ImplementationPlanning A Cloud Implementation
Planning A Cloud ImplementationRex Wang
 
Webinar CRUI Dell: flexilab, computer classroom made flexible
Webinar CRUI Dell: flexilab, computer classroom made flexible Webinar CRUI Dell: flexilab, computer classroom made flexible
Webinar CRUI Dell: flexilab, computer classroom made flexible Jürgen Ambrosi
 
ERAU Webinar Slides: Global Business Environment--China Trip
ERAU Webinar Slides: Global Business Environment--China TripERAU Webinar Slides: Global Business Environment--China Trip
ERAU Webinar Slides: Global Business Environment--China TripERAUWebinars
 
Securing_Medical_Devices_v5
Securing_Medical_Devices_v5Securing_Medical_Devices_v5
Securing_Medical_Devices_v5Steve Markey
 

More Related Content

What's hot

Intelligent Cloud Enablement
Intelligent Cloud EnablementIntelligent Cloud Enablement
Intelligent Cloud EnablementDocuLynx
 
CloudExpo NY 2014: Moving Mission Critical Applications to the Cloud
CloudExpo NY 2014: Moving Mission Critical Applications to the CloudCloudExpo NY 2014: Moving Mission Critical Applications to the Cloud
CloudExpo NY 2014: Moving Mission Critical Applications to the CloudKacy Clarke
 
Chapter 1 Introduction to Cloud Computing
Chapter 1 Introduction to Cloud ComputingChapter 1 Introduction to Cloud Computing
Chapter 1 Introduction to Cloud Computingnewbie2019
 
Applying systems thinking to AWS enterprise application migration
Applying systems thinking to AWS enterprise application migrationApplying systems thinking to AWS enterprise application migration
Applying systems thinking to AWS enterprise application migrationKacy Clarke
 
Translating from legacy to cloud
Translating from legacy to cloudTranslating from legacy to cloud
Translating from legacy to cloudManikandan Sekar
 
Cloud Enablement - IT Services Model
Cloud Enablement - IT Services Model Cloud Enablement - IT Services Model
Cloud Enablement - IT Services Model Vishal Sharma
 
RightScale Webinar: Key Considerations For Cloud Migration and Portability
RightScale Webinar: Key Considerations For Cloud Migration and PortabilityRightScale Webinar: Key Considerations For Cloud Migration and Portability
RightScale Webinar: Key Considerations For Cloud Migration and PortabilityRightScale
 
Pragmatic Enterprise Application Migration to AWS
Pragmatic Enterprise Application Migration to AWSPragmatic Enterprise Application Migration to AWS
Pragmatic Enterprise Application Migration to AWSKacy Clarke
 
Virgílio Vargas Presentations / CloudViews.Org - Cloud Computing Conference 2...
Virgílio Vargas Presentations / CloudViews.Org - Cloud Computing Conference 2...Virgílio Vargas Presentations / CloudViews.Org - Cloud Computing Conference 2...
Virgílio Vargas Presentations / CloudViews.Org - Cloud Computing Conference 2...EuroCloud
 
AWS Webcast - Datacenter Migration to AWS
AWS Webcast - Datacenter Migration to AWSAWS Webcast - Datacenter Migration to AWS
AWS Webcast - Datacenter Migration to AWSAmazon Web Services
 
(ENT202) Four Critical Things to Consider When Moving Your Core Business Appl...
(ENT202) Four Critical Things to Consider When Moving Your Core Business Appl...(ENT202) Four Critical Things to Consider When Moving Your Core Business Appl...
(ENT202) Four Critical Things to Consider When Moving Your Core Business Appl...Amazon Web Services
 
Feasibility of cloud migration for large enterprises
Feasibility of cloud migration for large enterprisesFeasibility of cloud migration for large enterprises
Feasibility of cloud migration for large enterprisesAnant Damle
 
Planning A Cloud Implementation
Planning A Cloud ImplementationPlanning A Cloud Implementation
Planning A Cloud ImplementationRex Wang
 
Webinar CRUI Dell: flexilab, computer classroom made flexible
Webinar CRUI Dell: flexilab, computer classroom made flexible Webinar CRUI Dell: flexilab, computer classroom made flexible
Webinar CRUI Dell: flexilab, computer classroom made flexible Jürgen Ambrosi
 

What's hot (20)

Intelligent Cloud Enablement
Intelligent Cloud EnablementIntelligent Cloud Enablement
Intelligent Cloud Enablement
 
CloudExpo NY 2014: Moving Mission Critical Applications to the Cloud
CloudExpo NY 2014: Moving Mission Critical Applications to the CloudCloudExpo NY 2014: Moving Mission Critical Applications to the Cloud
CloudExpo NY 2014: Moving Mission Critical Applications to the Cloud
 
Boot camp - Migration to AWS
Boot camp - Migration to AWSBoot camp - Migration to AWS
Boot camp - Migration to AWS
 
Chapter 1 Introduction to Cloud Computing
Chapter 1 Introduction to Cloud ComputingChapter 1 Introduction to Cloud Computing
Chapter 1 Introduction to Cloud Computing
 
Six Steps to Private Cloud
Six Steps to Private CloudSix Steps to Private Cloud
Six Steps to Private Cloud
 
Applying systems thinking to AWS enterprise application migration
Applying systems thinking to AWS enterprise application migrationApplying systems thinking to AWS enterprise application migration
Applying systems thinking to AWS enterprise application migration
 
Translating from legacy to cloud
Translating from legacy to cloudTranslating from legacy to cloud
Translating from legacy to cloud
 
Logicalis Cloud Briefing
Logicalis Cloud BriefingLogicalis Cloud Briefing
Logicalis Cloud Briefing
 
Cloud Enablement - IT Services Model
Cloud Enablement - IT Services Model Cloud Enablement - IT Services Model
Cloud Enablement - IT Services Model
 
Cloud Migration: Moving to the Cloud
Cloud Migration: Moving to the CloudCloud Migration: Moving to the Cloud
Cloud Migration: Moving to the Cloud
 
RightScale Webinar: Key Considerations For Cloud Migration and Portability
RightScale Webinar: Key Considerations For Cloud Migration and PortabilityRightScale Webinar: Key Considerations For Cloud Migration and Portability
RightScale Webinar: Key Considerations For Cloud Migration and Portability
 
Cloud Migration
Cloud MigrationCloud Migration
Cloud Migration
 
Pragmatic Enterprise Application Migration to AWS
Pragmatic Enterprise Application Migration to AWSPragmatic Enterprise Application Migration to AWS
Pragmatic Enterprise Application Migration to AWS
 
Virgílio Vargas Presentations / CloudViews.Org - Cloud Computing Conference 2...
Virgílio Vargas Presentations / CloudViews.Org - Cloud Computing Conference 2...Virgílio Vargas Presentations / CloudViews.Org - Cloud Computing Conference 2...
Virgílio Vargas Presentations / CloudViews.Org - Cloud Computing Conference 2...
 
AWS Webcast - Datacenter Migration to AWS
AWS Webcast - Datacenter Migration to AWSAWS Webcast - Datacenter Migration to AWS
AWS Webcast - Datacenter Migration to AWS
 
Cloud Strategy
Cloud StrategyCloud Strategy
Cloud Strategy
 
(ENT202) Four Critical Things to Consider When Moving Your Core Business Appl...
(ENT202) Four Critical Things to Consider When Moving Your Core Business Appl...(ENT202) Four Critical Things to Consider When Moving Your Core Business Appl...
(ENT202) Four Critical Things to Consider When Moving Your Core Business Appl...
 
Feasibility of cloud migration for large enterprises
Feasibility of cloud migration for large enterprisesFeasibility of cloud migration for large enterprises
Feasibility of cloud migration for large enterprises
 
Planning A Cloud Implementation
Planning A Cloud ImplementationPlanning A Cloud Implementation
Planning A Cloud Implementation
 
Webinar CRUI Dell: flexilab, computer classroom made flexible
Webinar CRUI Dell: flexilab, computer classroom made flexible Webinar CRUI Dell: flexilab, computer classroom made flexible
Webinar CRUI Dell: flexilab, computer classroom made flexible
 

Viewers also liked

ERAU Webinar Slides: Global Business Environment--China Trip
ERAU Webinar Slides: Global Business Environment--China TripERAU Webinar Slides: Global Business Environment--China Trip
ERAU Webinar Slides: Global Business Environment--China TripERAUWebinars
 
Securing_Medical_Devices_v5
Securing_Medical_Devices_v5Securing_Medical_Devices_v5
Securing_Medical_Devices_v5Steve Markey
 
Securing_Dbs_in_Cloud_v12
Securing_Dbs_in_Cloud_v12Securing_Dbs_in_Cloud_v12
Securing_Dbs_in_Cloud_v12Steve Markey
 
Secure_Development_ISSA_v4
Secure_Development_ISSA_v4Secure_Development_ISSA_v4
Secure_Development_ISSA_v4Steve Markey
 
Cloud_Computing_IIMC_v1
Cloud_Computing_IIMC_v1Cloud_Computing_IIMC_v1
Cloud_Computing_IIMC_v1Steve Markey
 
FOJ Marketing 2015
FOJ Marketing 2015FOJ Marketing 2015
FOJ Marketing 2015Erin Perkins
 
Passion, Persistence, and Patience: The Search for Amelia Earhart
Passion, Persistence, and Patience: The Search for Amelia EarhartPassion, Persistence, and Patience: The Search for Amelia Earhart
Passion, Persistence, and Patience: The Search for Amelia EarhartERAUWebinars
 
Going_Mobile_101_IIMC_v5
Going_Mobile_101_IIMC_v5Going_Mobile_101_IIMC_v5
Going_Mobile_101_IIMC_v5Steve Markey
 
Webinar Slides-Three Knows to Great Writing Nov 4 2014
Webinar Slides-Three Knows to Great Writing Nov 4 2014Webinar Slides-Three Knows to Great Writing Nov 4 2014
Webinar Slides-Three Knows to Great Writing Nov 4 2014ERAUWebinars
 
Alpha and Omega: Program Outcomes to the Capstone
Alpha and Omega: Program Outcomes to the CapstoneAlpha and Omega: Program Outcomes to the Capstone
Alpha and Omega: Program Outcomes to the CapstoneERAUWebinars
 
Maotchitim
MaotchitimMaotchitim
Maotchitimjoliff
 
Safety webinar with mark friend
Safety webinar with mark friendSafety webinar with mark friend
Safety webinar with mark friendERAUWebinars
 
Vendor_Mgmt_101_IIMC_v2
Vendor_Mgmt_101_IIMC_v2Vendor_Mgmt_101_IIMC_v2
Vendor_Mgmt_101_IIMC_v2Steve Markey
 
Reverse_Engineering_Thick-clients
Reverse_Engineering_Thick-clientsReverse_Engineering_Thick-clients
Reverse_Engineering_Thick-clientsSteve Markey
 
Presentatie hrm inspiratiedag
Presentatie hrm inspiratiedagPresentatie hrm inspiratiedag
Presentatie hrm inspiratiedagEsther Mallant
 
Na it infographic_fnl
Na it infographic_fnlNa it infographic_fnl
Na it infographic_fnlThuyly Vu
 
ICS_Cybersecurity_FINAL
ICS_Cybersecurity_FINALICS_Cybersecurity_FINAL
ICS_Cybersecurity_FINALSteve Markey
 

Viewers also liked (20)

ERAU Webinar Slides: Global Business Environment--China Trip
ERAU Webinar Slides: Global Business Environment--China TripERAU Webinar Slides: Global Business Environment--China Trip
ERAU Webinar Slides: Global Business Environment--China Trip
 
Securing_Medical_Devices_v5
Securing_Medical_Devices_v5Securing_Medical_Devices_v5
Securing_Medical_Devices_v5
 
Securing_Dbs_in_Cloud_v12
Securing_Dbs_in_Cloud_v12Securing_Dbs_in_Cloud_v12
Securing_Dbs_in_Cloud_v12
 
Secure_Development_ISSA_v4
Secure_Development_ISSA_v4Secure_Development_ISSA_v4
Secure_Development_ISSA_v4
 
SSO_Good_Bad_Ugly
SSO_Good_Bad_UglySSO_Good_Bad_Ugly
SSO_Good_Bad_Ugly
 
Cloud_Computing_IIMC_v1
Cloud_Computing_IIMC_v1Cloud_Computing_IIMC_v1
Cloud_Computing_IIMC_v1
 
FOJ Marketing 2015
FOJ Marketing 2015FOJ Marketing 2015
FOJ Marketing 2015
 
Passion, Persistence, and Patience: The Search for Amelia Earhart
Passion, Persistence, and Patience: The Search for Amelia EarhartPassion, Persistence, and Patience: The Search for Amelia Earhart
Passion, Persistence, and Patience: The Search for Amelia Earhart
 
Going_Mobile_101_IIMC_v5
Going_Mobile_101_IIMC_v5Going_Mobile_101_IIMC_v5
Going_Mobile_101_IIMC_v5
 
Cryptov2 v1
Cryptov2 v1Cryptov2 v1
Cryptov2 v1
 
Webinar Slides-Three Knows to Great Writing Nov 4 2014
Webinar Slides-Three Knows to Great Writing Nov 4 2014Webinar Slides-Three Knows to Great Writing Nov 4 2014
Webinar Slides-Three Knows to Great Writing Nov 4 2014
 
Alpha and Omega: Program Outcomes to the Capstone
Alpha and Omega: Program Outcomes to the CapstoneAlpha and Omega: Program Outcomes to the Capstone
Alpha and Omega: Program Outcomes to the Capstone
 
MARIA AUXILIADORA
MARIA AUXILIADORAMARIA AUXILIADORA
MARIA AUXILIADORA
 
Maotchitim
MaotchitimMaotchitim
Maotchitim
 
Safety webinar with mark friend
Safety webinar with mark friendSafety webinar with mark friend
Safety webinar with mark friend
 
Vendor_Mgmt_101_IIMC_v2
Vendor_Mgmt_101_IIMC_v2Vendor_Mgmt_101_IIMC_v2
Vendor_Mgmt_101_IIMC_v2
 
Reverse_Engineering_Thick-clients
Reverse_Engineering_Thick-clientsReverse_Engineering_Thick-clients
Reverse_Engineering_Thick-clients
 
Presentatie hrm inspiratiedag
Presentatie hrm inspiratiedagPresentatie hrm inspiratiedag
Presentatie hrm inspiratiedag
 
Na it infographic_fnl
Na it infographic_fnlNa it infographic_fnl
Na it infographic_fnl
 
ICS_Cybersecurity_FINAL
ICS_Cybersecurity_FINALICS_Cybersecurity_FINAL
ICS_Cybersecurity_FINAL
 

Similar to e-Discovery Cloud Benefits and Concerns

Cloud computing arma_nnj
Cloud computing arma_nnjCloud computing arma_nnj
Cloud computing arma_nnjscm24
 
Winning Governance Strategies for the Technology Disruptions of our Time
Winning Governance Strategies for the Technology Disruptions of our TimeWinning Governance Strategies for the Technology Disruptions of our Time
Winning Governance Strategies for the Technology Disruptions of our TimeCloudHesive
 
Securing your esi_piedmont
Securing your esi_piedmontSecuring your esi_piedmont
Securing your esi_piedmontscm24
 
Security & Compliance in the Cloud [2019]
Security & Compliance in the Cloud [2019]Security & Compliance in the Cloud [2019]
Security & Compliance in the Cloud [2019]Tudor Damian
 
Declare Victory with Big Data
Declare Victory with Big DataDeclare Victory with Big Data
Declare Victory with Big DataJ On The Beach
 
Dr. Michael Valivullah, NASS/USDA - Cloud Computing
Dr. Michael Valivullah, NASS/USDA - Cloud ComputingDr. Michael Valivullah, NASS/USDA - Cloud Computing
Dr. Michael Valivullah, NASS/USDA - Cloud Computingikanow
 
Securing_Native_Big_Data_v1
Securing_Native_Big_Data_v1Securing_Native_Big_Data_v1
Securing_Native_Big_Data_v1Steve Markey
 
Integrating garp e_discovery
Integrating garp e_discoveryIntegrating garp e_discovery
Integrating garp e_discoveryscm24
 
Cloud Computing Overview
Cloud Computing OverviewCloud Computing Overview
Cloud Computing OverviewManju Srinivas
 
Data Tactics dhs introduction to cloud technologies wtc
Data Tactics dhs introduction to cloud technologies wtcData Tactics dhs introduction to cloud technologies wtc
Data Tactics dhs introduction to cloud technologies wtcDataTactics
 
CSCMP 2014: End to End SCM In The Cloud - Supply Chain Exchange II Track 13 -...
CSCMP 2014: End to End SCM In The Cloud - Supply Chain Exchange II Track 13 -...CSCMP 2014: End to End SCM In The Cloud - Supply Chain Exchange II Track 13 -...
CSCMP 2014: End to End SCM In The Cloud - Supply Chain Exchange II Track 13 -...InterimONE
 
Financial impact of Cloud Computing
Financial impact of Cloud ComputingFinancial impact of Cloud Computing
Financial impact of Cloud Computingkrisbliesner
 
Application Portfolio Migration v1
Application Portfolio Migration v1Application Portfolio Migration v1
Application Portfolio Migration v1Arthur Ching
 
Archiving, E-Discovery, and Supervision with Spark and Hadoop with Jordan Volz
Archiving, E-Discovery, and Supervision with Spark and Hadoop with Jordan VolzArchiving, E-Discovery, and Supervision with Spark and Hadoop with Jordan Volz
Archiving, E-Discovery, and Supervision with Spark and Hadoop with Jordan VolzDatabricks
 
The 2014 AWS Enterprise Summit - Where to Begin
The 2014 AWS Enterprise Summit - Where to BeginThe 2014 AWS Enterprise Summit - Where to Begin
The 2014 AWS Enterprise Summit - Where to BeginAmazon Web Services
 
Scim2012 q1update chrisphillips
Scim2012 q1update chrisphillipsScim2012 q1update chrisphillips
Scim2012 q1update chrisphillipsChris Phillips
 
Kubernetes - Container Management PaaS Journey
Kubernetes - Container Management PaaS JourneyKubernetes - Container Management PaaS Journey
Kubernetes - Container Management PaaS JourneyUladzimir Palkhouski
 
NIST Cybersecurity Framework (CSF) on the Public Cloud
NIST Cybersecurity Framework (CSF) on the Public CloudNIST Cybersecurity Framework (CSF) on the Public Cloud
NIST Cybersecurity Framework (CSF) on the Public CloudCloudHesive
 

Similar to e-Discovery Cloud Benefits and Concerns (20)

Cloud computing arma_nnj
Cloud computing arma_nnjCloud computing arma_nnj
Cloud computing arma_nnj
 
Rubik cloud risks-jun2012
Rubik cloud risks-jun2012Rubik cloud risks-jun2012
Rubik cloud risks-jun2012
 
Winning Governance Strategies for the Technology Disruptions of our Time
Winning Governance Strategies for the Technology Disruptions of our TimeWinning Governance Strategies for the Technology Disruptions of our Time
Winning Governance Strategies for the Technology Disruptions of our Time
 
Securing your esi_piedmont
Securing your esi_piedmontSecuring your esi_piedmont
Securing your esi_piedmont
 
Security & Compliance in the Cloud [2019]
Security & Compliance in the Cloud [2019]Security & Compliance in the Cloud [2019]
Security & Compliance in the Cloud [2019]
 
Declare Victory with Big Data
Declare Victory with Big DataDeclare Victory with Big Data
Declare Victory with Big Data
 
Dr. Michael Valivullah, NASS/USDA - Cloud Computing
Dr. Michael Valivullah, NASS/USDA - Cloud ComputingDr. Michael Valivullah, NASS/USDA - Cloud Computing
Dr. Michael Valivullah, NASS/USDA - Cloud Computing
 
Securing_Native_Big_Data_v1
Securing_Native_Big_Data_v1Securing_Native_Big_Data_v1
Securing_Native_Big_Data_v1
 
Integrating garp e_discovery
Integrating garp e_discoveryIntegrating garp e_discovery
Integrating garp e_discovery
 
Cloud Computing Overview
Cloud Computing OverviewCloud Computing Overview
Cloud Computing Overview
 
Data Tactics dhs introduction to cloud technologies wtc
Data Tactics dhs introduction to cloud technologies wtcData Tactics dhs introduction to cloud technologies wtc
Data Tactics dhs introduction to cloud technologies wtc
 
CSCMP 2014: End to End SCM In The Cloud - Supply Chain Exchange II Track 13 -...
CSCMP 2014: End to End SCM In The Cloud - Supply Chain Exchange II Track 13 -...CSCMP 2014: End to End SCM In The Cloud - Supply Chain Exchange II Track 13 -...
CSCMP 2014: End to End SCM In The Cloud - Supply Chain Exchange II Track 13 -...
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Financial impact of Cloud Computing
Financial impact of Cloud ComputingFinancial impact of Cloud Computing
Financial impact of Cloud Computing
 
Application Portfolio Migration v1
Application Portfolio Migration v1Application Portfolio Migration v1
Application Portfolio Migration v1
 
Archiving, E-Discovery, and Supervision with Spark and Hadoop with Jordan Volz
Archiving, E-Discovery, and Supervision with Spark and Hadoop with Jordan VolzArchiving, E-Discovery, and Supervision with Spark and Hadoop with Jordan Volz
Archiving, E-Discovery, and Supervision with Spark and Hadoop with Jordan Volz
 
The 2014 AWS Enterprise Summit - Where to Begin
The 2014 AWS Enterprise Summit - Where to BeginThe 2014 AWS Enterprise Summit - Where to Begin
The 2014 AWS Enterprise Summit - Where to Begin
 
Scim2012 q1update chrisphillips
Scim2012 q1update chrisphillipsScim2012 q1update chrisphillips
Scim2012 q1update chrisphillips
 
Kubernetes - Container Management PaaS Journey
Kubernetes - Container Management PaaS JourneyKubernetes - Container Management PaaS Journey
Kubernetes - Container Management PaaS Journey
 
NIST Cybersecurity Framework (CSF) on the Public Cloud
NIST Cybersecurity Framework (CSF) on the Public CloudNIST Cybersecurity Framework (CSF) on the Public Cloud
NIST Cybersecurity Framework (CSF) on the Public Cloud
 

e-Discovery Cloud Benefits and Concerns

  • 1. e-Discovery 2.0: In the Cloud Wednesday, November 16, 2011 9:45 AM - 10:45 AM Steven C. Markey, MSIS, PMP, CISSP, CIPP, CISM, CISA, STS-EV, CCSK Founder/Principal, nControl, LLC; Adjunct Professor; President, Cloud Security Alliance – Delaware Valley Chapter (CSA-DelVal)
  • 2. • Presentation Overview – Technology • Case Study 1: IN the Cloud • Case Study 2: FROM the Cloud • e-Discovery Cloud Benefits • e-Discovery Cloud Concerns • e-Discovery Cloud Solutions – Process • Electronic Discovery Reference Model (EDRM) • Information Governance Reference Model (IGRM)
  • 4. • Case Study 1: IN the Cloud – Background – Drivers – Technologies – Limitations – Risks – Lessons Learned
  • 5. • Case Study 1: IN the Cloud (Continued) – Background • A Fortune 1000 Financial Services Firm – Investment Management (PA) – Life Insurance (CT) – Annuities (IN) • Legacy Project: 2005/2006 • In-House, Mature IT Team – Drivers • Efficiency/GUI Availability • Compliance • Cost
  • 6. • Case Study 1: IN the Cloud (Continued) – Technologies • Email: In-House Exchange/IXOS – Recently Transitioned from GroupWise in CT • Discovery: Zantaz (SaaS) – Limitations • De-Centralized Back Office (IT, Compliance, HR) – No Formal Records & Info Mgmt (RIM) Function/Role • Lack of Enterprise Project Mgmt Office (PMO) • Lack of Discovery Specialists
  • 7. • Case Study 1: IN the Cloud (Continued) – Risks • Data Loss – Tape Conversion – Large Result-Set Delivery » CD-ROMs via Snail Mail » Hourly Vendor Processing Fee • Vendor Management: Contractual/SLA Omissions • Search/Result-Set False Positives/Negatives • BCP/DR: Datacom • Poor Usability • Scope Creep
  • 8. • Case Study 1: IN the Cloud (Continued) – Lessons Learned • Schedule/Effort Underestimated – Uploading Email on Tape to Zantaz » Transitioned Legacy GroupWise Data to Exchange • Not Enough On-Site Training – Compliance, HR Not Technical • Discovery Support Resource Limitations – Budget Was Not There • Testing Plans – Incident Response – BCP/DR
  • 9. • Case Study 2: FROM the Cloud – Background – Drivers – Technologies – Limitations – Risks – Lessons Learned – Next Steps
  • 10. • Case Study 2: FROM the Cloud (Continued) – Background • Financial Services SMB – Capital Management (PA) • Recent Project: 2010 • IT: Managed Service Provider/Operations, Director – Drivers • Cost • Compliance – Technologies • Email: Exchange Server ‘07/Online/BPOS/Office 365
  • 11. • Case Study 2: FROM the Cloud (Continued) – Limitations • Budget • Skill-Sets • Resources – Risks • Software/System Interoperability • Vendor Management: Contractual/SLA Omissions • BCP/DR: Datacom • Legacy Email Availability • Scope Creep
  • 12. • Case Study 2: FROM the Cloud (Continued) – Lessons Learned • Limited Cost Savings – On-Site Exchange Box for Journaling – Upgrade to EV v9.0 to Support Exchange 2010 • Exchange Journaling From the Cloud, Complicated • Leverage Interim Solution for BlackBerry Services – Shutdown BlackBerry Enterprise Server (BES) – Leverage AstraSync (Exchange ActiveSync)
  • 13. • Case Study 2: FROM the Cloud (Continued) – Next Steps • Upgrade to EV v10.0 – Incorporate Social Media • Test BCP/DR e-Discovery Functionality • BlackBerry Office 365/BES Express – Looking at BES Balance (“Data Boxing”) • Reviewing Cloud e-Discovery SaaS Solutions – Symantec Enterprise Vault.cloud – Microsoft EOA/EHA
  • 14. • e-Discovery Cloud Benefits – Generic (Across SPI Stack) – SaaS Specific – PaaS Specific – IaaS Specific
  • 15. • e-Discovery Cloud Benefits (Continued) – Generic (Across SPI Stack) • Cost – More Quantifiable Return on Investment (ROI)….? – Total Cost of Ownership (TCO) Savings » Operating Expense versus Capital Expense » Variable Expense versus Fixed Expense • Core Competency Focus – Vendor Has Skill-Set » Configuration Management » Tie-In 3rd Party Products – Legal/Litigation Support – Cross-Platform Support
  • 16. • e-Discovery Cloud Benefits (Continued) – Generic (Across SPI Stack) • Core Competency Focus – Processing » Retention » Disposition – Compliance Best Practices – System Criticality » Vendor/Provider Configuration Management » BCP/DR • Supports Distributed Enterprises – Distributed Parties (Internal/External Counsel, Plaintiffs) – Satisfy Different Jurisdictional Requirements » e.g. AWS Zones
  • 17. • e-Discovery Cloud Benefits (Continued) – SaaS Specific • “Turn-Key” – PaaS/IaaS Specific • Flexibility – Tie-In Best Practices » EDRM » IGRM » Generally Accepted Privacy Principles, GAPP » Generally Accepted Recordkeeping Principles, GARP • Control – Configuration Management
  • 18. • e-Discovery Cloud Concerns – Generic (Across SPI Stack) – SaaS Specific – PaaS/IaaS Specific
  • 19. • e-Discovery Cloud Concerns (Continued) – Generic (Across SPI Stack) • Cost – Data Transfer – Storage – Third Party Connectors/Extra License for Journaling • Loss of Additional Functionality/Scalability/Features – PST Collectors – Additional Archival Artifacts/System Integration » File Share(s) » Content Management System (CMS: SharePoint, Quickr) » Mobile/PC Social Media » Mobile/PC Instant Messaging (IM) » Mobile/VoIP PBX: Phone Calls, Voicemail (VM), SMS/Texts
  • 20. • e-Discovery Cloud Concerns (Continued) – Generic (Across SPI Stack) • Vendor Management – Viability/Long Term Market Prospects – Portability/Interoperability (“Lock-In”) – Vendor’s Vendors • BCP/DR • IAM – Federated Identities for Services/Users? » SAML » OAuth » OpenID » WS-Trust
  • 21. • e-Discovery Cloud Concerns (Continued) – Generic (Across SPI Stack) • Privacy/Compliance Jurisdiction • Usability (GUI) • RIM – Conversion Effort/Project/Task » Platforms: GroupWise/Lotus/Squirrel Mail/Exchange » Hard-Copy Files: Optical Character Recognition (OCR) • Compatibility – May Force Upgrade • Incident Response – Vendor’s CompSec Incident Response Team (CSIRT) » Criminal Investigations
  • 22. • e-Discovery Cloud Concerns (Continued)
  • 23.
  • 24. • e-Discovery Cloud Concerns (Continued) – SaaS Specific • AppSec • RIM – Classification – Retention – PaaS/IaaS Specific • Skill-Set • Control – Multi-Tenancy • Cost Effectiveness – Volume/Block-Level Storage
  • 25. • e-Discovery Cloud Concerns (Continued) – PaaS/IaaS Specific • Justification – Deal With Software Vendor & Cloud Service Provider • Third-Party Products – Long-Term Strategy/Viability
  • 26. • e-Discovery Cloud Solutions – SaaS – PaaS – IaaS
  • 27. • e-Discovery Cloud Solutions – SaaS • Social Media-Centric – Arkovi – Archive-It – LiveOffice SocialArchive • Comprehensive – Zantaz – Proofpoint Enterprise Archive – Microsoft EOA – Symantec Enterprise Vault.cloud – EMC SourceOne – VARs/Resellers – Google Message Discovery (GMD)
  • 28. • e-Discovery Cloud Solutions – SaaS (Continued) • Comprehensive – Sonian – Smarsh
  • 29. • e-Discovery Cloud Solutions – PaaS • Various Platform Vendors – Build e-Discovery Modules Leveraging Existing Platform » Not Much of a Market/Business Model » Re-Create the Wheel – IaaS • Various Cloud Vendors – Build e-Discovery Solution on IaaS Instance » Leverage Existing Licensing » Analogous to Hosting
  • 31.
  • 32.
  • 33. • Questions? • Contact – Email: smarkey@ncontrol-llc.com – Twitter: markes1 – LI: http://www.linkedin.com/in/smarkey – CSA-DelVal: http://www.csadelval.org/

Editor's Notes

  1. MS Exchange Online Connector (MEOC) Exchange 2007
  2. BES 4.0 for 2007 BES 5.0 for 2010
  3. BES v5.0.3 for Balancing