Archive for April, 2012

End-to-end discovery services is one of those things you hear a lot about in the industry, but it’s not always clear what it means. eDiscovery customers tend to have unique needs, so end-to-end service is going to mean very different things to different users.  Nextpoint has had a true end-to-end solution for many years, but it’s probably useful to explain what we mean when we say it.

To illustrate end-to-end service, imagine you have a client complaining that another company is infringing on their trademark online. Digital trade dress is a common complaint these days, but proving it in court can be subjective and difficult. But Cloud Preservation can crawl the infringing party’s websites, blogs, and social media properties, capturing a complete and forensically accurate archive of all publicly available online evidence necessary to make such a case.

You can see in the pyramid below how this kind of collection is the first, foundational step of an end-to-end litigation life cycle. The Nextpoint technology platform seamlessly moves that data from Cloud Preservation to our review platform Discovery Cloud, and all the way through litigation with Trial Cloud.

Litigation Life Cycle

The Nextpoint Litigation Life Cycle

You can easily search and review the content right in Cloud Preservation, identifying potential infringement and verifying that you do, in fact, have a case. Once you establish that there is a legitimate cause for action, you can export all of your data directly into Discovery Cloud. You can choose to move the entirety of your archive or select a subset of data within the archive to move.

Discovery Cloud is a full featured review platform, meaning your evidence is all indexed, searchable, and ready for review. Note, however, that this is where many of the purported end-to-end solutions end. Nextpoint actually began as a trial services solution, so when a matter does go to court, you can easily move the documents you want to produce into Trial Cloud. You can even produce evidence directly to opposing counsel or other parties with Discovery Cloud WIRE.

After initial production,  Trial Cloud can be used for pre-trial preparations, creating exhibits and demonstratives out of the archived content. Trial Cloud codes and reviews depositions, video, and even easily creates a live movie that compares visuals illustrating the trade dress infringement. Any data collected in Cloud Preservation is now marked as a trial exhibit. You still maintain the original database for any further research or ongoing evidence collection. And of course, none of your data is deleted unless you want it to be dumped, meaning you have an archive that can be used for research and as a foundation for any similar, future matters.


Read Full Post »

Humans: Weakest Link

As reported earlier this week, Verizon recently released a detailed analysis of hundreds of data breaches. One interesting statistic was that the amount of reported social engineering hacks- the polite way of saying “tricking people into giving you their password”- was down from last year. That’s misleading though, because social tactics remain the most dangerous and pernicious type of attack on any network. An intrusion can usually be detected, but when a hacker is able to successfully exploit a user and log in with legitimate credentials, it becomes next to impossible to stop.

Nextpoint deploys every security provision possible to defend users’ data, but the weakest link in security will always be careless humans. All of the security provisions in the world cannot prevent a hacker if someone has your user name and password. Just as problematic is the use of weak or easily guessable passwords. (For example, “Password” is never a good password.)

Nextpoint applications have tools in place to guard against both of these problems, including password strength requirements, two-factor authentication, and “login history” functionality found in the My Profile section within any Nextpoint application. Administrators can review when any individual last logged in through the Dashboard view. It’s also useful to review the history within an application to see if any unusual or unauthorized transaction has taken place.

Don’t Be the Weakest Link 

There are several basic steps that can help prevent social hacks. First, limit permissions to only those trusted users who must access client data in order to do their job. Next, always limit that number of advanced and administrator-level permissions to only the staff who absolutely must have such access. Above all, initiate a policy limiting when and how new users can be added and control access to reset passwords and other credentials.

Always be very suspicious of any emails or messages requesting access to an application. It may not be unusual to have a team member tell you they have lost their password or email to request a new PIN number. Unfortunately, it is easy for anyone to spoof an email address or even pretend to be someone else on the phone. Take advantage of the tools available to continually monitor access, and whenever possible, limit the number of people who can log onto your system. It’s in your interest and your clients’ interests. For more information, check out the security information for Nextpoint services.

Jason Krause is a veteran of the legal technology industry with more than a dozen years of experience as a journalist covering eDiscovery. Prior to joining Nextpoint’s marketing department, Jason was a writer and reporter for the American Bar Association’s ABA Journal, where he was one of the first to recognize and report on the impact exploding volumes of evidence is having on litigation. He has also covered the industry as a freelance writer and independent marketing consultant for publications such as Law Technology News.

Read Full Post »

Having recently come from the ABA Techshow in Chicago, it was interesting to see that even after more than a decade of explosive growth, the field of litigation technology is still largely dominated by a small handful of experts. As with any insular world, there’s always a chance for conflicts of interest and the appearance of improper relationships.
eDiscovery World Implodes
It was probably not surprising that the plaintiffs in the recent Da Silva Moore v. Publicis Groupe, (S.D.N.Y. Feb. 24, 2012) opinion, which supported the use of machine learning in discovery, filed an objection to the order. It’s probably also not surprising that they argued that the judge, Andrew Peck, was too cozy with search technology vendors and should recuse himself. In fact, it’s a mainly surprising that such an objection hasn’t happened before.

Many of the lawyers, Magistrate Judges, and vendors in the eDiscovery field are in frequent contact, whether at industry conferences, working groups for the Sedona Conference, or writing on each other’s blogs. These relationships have helped move the industry forward, whether producing industry standards, new rules, or useful guides like the Cooperation Proclamation. In particular, a small number of influential Magistrate Judges have moved this area of law forward. I’ve written about this world for many years, including this feature profile of high-profile eDiscovery judges.

It was interesting to read Judge Peck’s response, in which he had to defend his past appearances at the LegalTech conference (which is sponsored by eDiscovery vendors), distanced himself from Da Silva Moore defense attorney and influential legal blogger Ralph Losey, and past speaking engagements on eDiscovery issues. Peck was absolutely right to say, “If plaintiffs were to prevail, it would serve to discourage judges (and for that matter attorneys) from speaking on educational panels about eDiscovery (or any other subject for that matter).” It would be a bad situation if industry thought leaders felt uncomfortable meeting in public, but it’s also true that the eDiscovery field would benefit from less insularity and more fresh input from newcomers. If more judges paid attention to eDiscovery issues, it wouldn’t be possible for Judge Peck to be attacked in this way.

Jason Krause is a veteran of the legal technology industry with more than a dozen years of experience as a journalist covering eDiscovery. Prior to joining Nextpoint’s marketing department, Jason was a writer and reporter for the American Bar Association’s ABA Journal, where he was one of the first to recognize and report on the impact exploding volumes of evidence is having on litigation. He has also covered the industry as a freelance writer and independent marketing consultant for publications such as Law Technology News.

Read Full Post »

Verizon’s “Hacktivism” 2012 report analyzed 855 data breaches in 2011, finding that both small and large businesses are experiencing the second highest data loss since the report’s inception in 2004. Written to help prevent future breaches in 2012, the report carefully breaks down and analyzes global data breach statistics from 2011 and offers recommended solutions. So what did the report find? On a high level, small and large businesses alike suffer from data breaches, primarily from external agents.

According to the report, data breach attempts in 2011 were primarily high volume and low risk attacks aimed at weak targets. As was true in past reports, attacks targeted trade secrets, classified information, and other proprietary information. These data breaches comprised largely of stolen or guessed credentials to gain access to a business’ data records. At least four businesses were forced to dissolve their organization as a result of data security breaches.

Where are these breaches coming from? A full 98% stemmed from external agents, up 6% from last years report, and 58% was tied to activist groups (commonly known as hacktivism). Internal employees committed 4% of breaches, down 13% from last year. And finally, business partners were responsible for less than 1%.

How are the security systems being breached? The report found 81% of breaches utilized some form of hacking, up 31% from last years report. While 69% incorporated malware, up 20% from the previous year. Down 19%, only 10% involved physical attacks. Also down from last year, 7% employed social tactics. And finally, 5% resulted from privilege misuse, also down from last years report.

So what can you do? Is there any hope to protecting your data from external cyber intrusions? YES. Verizon suggested the following:


Read Full Post »

There is a lot of scary talk in the industry about a ‘data deluge’ overwhelming litigation. But the real issue that no one wants to acknowledge is that traditional eDiscovery technologies simply don’t scale well enough to handle the exploding data requirements of discovery.

Evolve or DieThe first thing to understand is that eDiscovery data requirements will not be getting any smaller. We’ve discussed Moore’s Law before, but the gist of it is that data volumes double every 2 years along with other computational resources. So that means if an average case for you involves processing and reviewing 100 gigabytes of data today, by 2020 your average case will be 1.6 terabytes of data. Just think what that will do to the big cases. Today’s tools don’t really do a good job of managing 100GB of data.

Scale is probably a term you’ve been hearing a lot lately. It references computational scalability, or a systems’ ability to grow to accommodate larger workloads. We chose to build the Nextpoint platform in the cloud years ago because we recognized that you need to fight fire with fire. The cloud exists and people are increasingly using cloud-based tools for creating data at ever-increasing rates. Consider what Gmail has done to inbox sizes. Or perhaps consider all of the data that is being published to the web via social media platforms like Facebook, Twitter, YouTube, and Instragram. It’s hard to believe that data won’t AT LEAST double in the next two years.


Read Full Post »

The Read Write Enterprise blog recently published an interesting post titled Facebook, Passwords, Employers, and a Business Opportunity. The business opportunity in question is monitoring that allows employers to access non-public Facebook and social media content from employees.

This is obviously a touchy area. Employees don’t want their employer monitoring their personal, online activity and are not likely to turn over passwords and access to their personal accounts for that purpose. But, author Joe Brockmeier says, “Show me a system that can monitor social media traffic with very little human intervention, and no involvement from anyone at the employer unless there’s a possible infraction, and it might be acceptable.”

That sounds like a pretty high hurdle, but it is entirely possible today. Despite public outcry at prospective employers asking job interviewers for their Facebook passwords, the fact is that it is relatively simple for applications to access and archive Facebook and other social media content. For example, Nextpoint’s Cloud Preservation provides the capability to collect private Facebook information. Cloud Preservation uses Facebook’s Graph API (which uses OAuth  for authorization) to crawl private Facebook profiles in addition to public pages, including friend lists, wall posts, and just about anything published on a page.

Cloud Preservation provides users with a passive archive that allows them to review social media content if an issue arises. Most importantly, the archive maintains an audit trail on every item, so that any review of someone’s content would be recorded, ensuring the employer can enforce a policy that allows only authorized reviewers can see data.

Brockmeier says he is against employee monitoring employee pages in almost every situation, but notes specific, limited examples where monitoring is acceptable. It’s obviously going to take careful implementation by an employer, but it is a mistake to think that such a social media review policy is not achievable today.

Read Full Post »

One of our ongoing challenges has been to explain the obvious benefits of cloud computing in the legal environment. Judging from last week’s ABA Techshow in Chicago, it seems that the world has finally caught up. It was great to see other cloud computing vendors getting recognition, as well as meeting some of newcomers to the field. (Although we we interested to see new companies claiming to be “Cloud Computing Pioneers.”)

The ABA Techshow is a great event because it offers more substantive sessions and more information for small and solo lawyers than most other industry events. As in years past, Nextpoint was in attendance to promote cloud computing and our services, including CEO Rakesh Madhava’s presentation “Cloud Computing for Lawyers.” After the show, Sean Doherty had a great writeup for Law.com on Nextpoint’s newest service offering, Discovery Cloud WIRE. Techshow regular Sharon Nelson has a nice summary of other announcements from the show on her Ride the Lightning blog.

Nextpoint sponsored the cloud computing track, which was one of the best-attended and most popular group of sessions. Topics included cloud security and starting a virtual law firm. Some attendees asked questions that made it clear they still run a paper-based office and are nowhere near ready to launch an all cloud-based virtual law firm. But a number of others indicated they are either using cloud applications or are seriously considering moving more of their operations to a cloud platform. It will be interesting to see how much these early adopters accelerate the adoption of cloud computing by next year’s event.

Read Full Post »

Older Posts »