This article can also be found in the Premium Editorial Download "Storage magazine: How to plan for a disaster before a software upgrade."
Download it now to read this article plus other related content.
"If you don't have experience in ediscovery, EDRM is useful. It is good for showing what the issues are," says Mark Brennan, counsel at Bryan Cave LLP in Kansas City.
"For an IT person faced with finding ediscovery tools, the first thing I would do is take the EDRM diagram and go talk with your legal counsel," says Matthew Todd, CISO and VP of risk and technical operations at Palo Alto, CA-based Financial Engines Inc. The legal counsel should tell you which functions the IT group should do in-house. Then you can start looking at tools.
Where EDRM breaks down is with naming tools. "It's very useful, except it doesn't name tools," says Lance Rea, CIO at New York City law firm Davis & Gilbert LLP. Actual products tend to overlap EDRM areas. For example, an archiving tool from the information management area will also perform search, making it useful for identification.
| Rea performs ediscovery searches with Microsoft Outlook and the firm's archiving tool, EMC EmailXtender.
The areas of ediscovery that involve storage the most include information management, identification and preservation/collection. Information management covers those things the storage group already handles, such as content management, records management, document management, CRM, email archiving and data archiving.
"Even with all these systems, it's hard to get to unified content management, which is where you ideally want to be. It takes several years to get to that point, and you still face fire drills when an ediscovery request comes in," says Jason Priebe, of counsel at the Chicago-based law firm Seyfarth Shaw LLP, and formerly the ediscovery practice manager at a major property and casualty insurance company. "Even with tools like Oracle Content Server or Documentum, it still takes years to sweep up all the unstructured data," he adds.
Just getting the data unified and into one place isn't enough. Every company needs a data-retention policy it actively follows and enforces. "The best thing the storage people can do is to support the email retention policy," says Jack Hupper, CIO at the New York City Law Department. In terms of tools, that means deploying email archiving applications, such as Symantec Corp.'s Enterprise Vault, and tools for classification and categorization like those from Autonomy (which owns Zantaz Inc.) or Recommind Inc.
Identification is the process of determining the scope, breadth and depth of the electronic information that might be needed in litigation. You should start by identifying the largest pool of potentially relevant data, which requires search tools. For the purposes of identification, the search tools don't even have to be that good. "You could use Outlook or even Google," says Rea at Davis & Gilbert. At subsequent stages, when culling the data to zero in on the exact documents you need to turn over, you'll need more sophisticated search tools like Kazeon System Inc.'s Kazeon Information Server or even forensic search tools like Guidance Software Inc.'s EnCase suite of products--but that comes later and probably needs to be handled by lawyers. If the amount of data to be searched is vast, many companies call in outsourcing vendors.
This was first published in May 2008