Peter Mojica, Long-Term Archival Preservation Records Management Legal Discovery Compliance
Skip to content

I am looking for information on ediscovery and digital forensics systems and services and would appreciate any advice, guidance and recommendations

Rating: +0

Positive Negative

* This was selected as Best Answer

Bill,

There are several aspects to eDiscovery, you mentioned forensics, and several responses have already pointed you in the right direction with EnCase from Guidance Software as being the leader in the forensics space – What forensics entails is often a two step process and actually pretty detailed where you have “certified” professionals and personnel specifically certified on the use of Encase. Forensics involves detailed analysis of hardware, files, file systems, security, log files, etc. It’s the equivalent of the TV show CSI. Large shops run Encase to perform ongoing investigations of internal elecronic assets.

There are several other areas of eDiscovery which are “active” and “reactive” and there are different tools and processes for each – if your concerned with eDiscovery it may be safe to assume that it is in response to litigation. So you may need to search electroinic content for particular records that are related to the litigation, these can be emails or other electrnonic documents – you may have to search tape backups, active email, and even desktops local hard-drives. These records may need to be discovered, produced as originals, and placed on hold to prevent erasure.

To handle legacy restoration of data there are firms that handle tape and other format restoration, for active on going archival of emails and other data sources there are archival vendors that provide active as well as legacy restoration of data.

The other aspect of the eDiscovery which may not be used by you, but your legal counsel is review systems such as Concordance, this is the area that is typically the next phase after discovery and extraction of records from an archival system.

On the forensics side you have two classes of services one is software that you can run internally from Guidance Software, the other is service bureau based where you basically take all your “stuff”, paper, computers, digitial records, etc. and hand the whole thing off to a service bureau, let them “do their thing” and the result is a searchable repository that you can access. Kroll OnTrack is a vendor in this space.

Next you have active and reactive approaches, the reactive approach which uses archival software to actively archive data from email and other sources, as well as handle legacy data contained on tape and other sources. AXS-One is a vendor in this space.

Then you have the review software aspect, where generally legal counsel or taking information culled from archival systems and doing more detailed reviews of the content to separate relevant, privileged, non-responsive and other classes of data and prepare them for evidence with Bates numbering for example. Concordance is a vendor in this space.

The end-to-end process is much more than one aspect, it’s a chain of events that needs to take place.

Good Luck,
Peter
March 2008

http://www.compliance.typepad.com
http://www.csi1000.com
Links:

* http://www.guidancesoftware.com/products/ef_index.asp
* http://law.lexisnexis.com/concordance
* http://www.axsone.com