CONSULTING
|
DIGITAL FORENSICS
|
E-DISCLOSURE
LEGAL NEWS Issue 13
www.cclgroupltd.com
DATA SECURITY AND ELECTRONIC DISCLOSURE A BRIEF LOOK AT THE WAY IN WHICH E-DISCLOSURE IS CURRENTLY DELIVERED, AND WHETHER IT IS COMPATIBLE WITH DATA SECURITY BEST PRACTICE AND DATA PROTECTION LAW by Rob Savage
2013 was, like 2012, punctuated with examples of where corporate data security has failed. We are living in a world where any device connected to the internet is a potential target for attack and the more valuable the data contained within it, the more of a target it becomes. It is no longer just socially alienated teenagers sitting in their darkened bedrooms who are wreaking havoc on the world wide web; it has become both a corporate and government tool of espionage. A recent conversation with one of our clients revealed that they counted the number of weekly unauthorised attempts to access their network in the thousands. Thankfully, organisations appear to be waking up to this growing threat and many are taking steps to protect themselves, their infrastructure and their information. In many cases this is not simply born out of a desire to do right by their customers, or protect
their information, but instead to avoid the publicity of being the next highprofile casualty. It is very easy in the panic and melee of an investigation (or litigation) to forget the importance of data security. When disclosure of documents is required, it is not uncommon to copy great chunks of data and ship it off to a law firm or third party to wade through. Historically, this was often done with little consideration of data security, but corporates are again waking up to the risks that this presents. As a third party that regularly host this valuable data, we are often asked questions on our security. We, of course, have the layers of security one would expect to minimise the risk from ‘hackers’, but we go further and provide physical security that goes beyond that of other e-disclosure suppliers. We provide a GPS-tracked
IN THIS ED
ITION...
> Data se curity electronic d and isclosure > Though ts for the month > Challen ging other side’s the EDQ > Where’s my data? > CPD co urse > About C CL
courier service with a security cleared driver using a specially equipped van. We have a purpose-built laboratory, which is accredited to handle information up to ‘Restricted’ and most importantly, every CCL employee is security vetted. These are all good things, but we still find that in some cases our clients are unwilling to agree for their data to leave the safety of their building. To accommodate for this we have developed an on-site deployment model, which allows us to deploy technology and run a disclosure exercise from the client’s premises, giving them confidence on their data security. It is essential to have this infrastructure and flexibility, in order to provide effective e-disclosure services, whilst keeping data security at the top of the agenda and giving clients the reassurance that their data is in safe hands in these uncertain times.
1