Unmanaged, unstructured emails are a fire waiting to start

Over time, email piles up in massive servers, archives, even users desktops and it becomes like a matchbook underneath a child’s bed. Alone, it causes no threat and just sits there, waiting. They can go years and even a lifetime without ever causing a problem.

While no one would leave a matchbook underneath a child’s bed, as it’s completely unfathomable, few think twice about their email servers.

But, why such a visceral reaction to leaving a matchbook in a kid’s room? The matches are not going to burst in to flames, they won’t just spark old comic books and baseball cards, and matches are not the easiest thing to start – even as an adult. We take precautions because of what could happen if those matches got into the wrong little hands.

So why do we just hoard email on servers, desktops and even on legacy backup tapes when there are harmful matches among them? Within the millions of email are Social Security numbers, contracts, legal documents, regulatory compliance papers and emails that can no longer be properly interpreted. Like the matchbook, this dark data just sits there. They don’t just expose themselves, they don’t just jump through firewalls and they aren’t just going to send themselves.

Yet, all it takes is one set of wrong hands and a fire can quickly develop. Thieves search for personally identifiable information that can cause loss of customers, FTC interference and identity theft. Legal and regulatory documents can’t be found or end up in the wrong hand causing fines and penalties. Plus, don’t forget all the money needed to repair and upgrade fire walls and pay legal fees associated with breaches.

Just like a parent sets the rules, compliance, legal, IT, records managers or another guardian needs to set policies surrounding emails. Retention policies, containing both archiving and deletion policies, should be in place to govern data. One leading analyst group recently estimated that less than one percent of companies actively have and enforce an information governance policy.

Much of this goes back to the tools – how do you set policy around data when you don’t know what exists or where? It’s near impossible to understand unstructured data and uncover all those pesky, hidden PST files. But now the technology exists in the form of unstructured data profiling.

Data profiling, sometimes called file analysis, is a process where all forms of unstructured files and email are analyzed and the user is provided a searchable ‘map’ and comprehensive summary reports of the metadata including type of information that exists, where it is located, who owns it, if its redundant, and when it was last accessed.

Optionally data profiling can look beyond metadata and go deep within documents and email for content supporting eDiscovery keyword searches or even personally identifiable information (PII) audits for sensitive content such as Social Security or credit card numbers.

Not only does the technology exist, but it exists at a price point that makes it affordable to deploy, leaving no room for excuses why the matches in the email server and hoping the wrong pair of hands doesn’t find it. Even for those that don’t want to throw out or move the matches – it’s imperative that you at least know the matches are there so they aren’t left next to the comic books.

Unfortunately, many won’t find the motivation to find, expose and isolate the matches until after a breach, but those that see the proactive importance of simply knowing what data is being stored, visit http://www.indexengines.com/solution-data-profiling-assessment.html or contact info@indexengines.com

Data profiling webinar: Accelerating Time to Data

Data Profiling Webinar: Accelerating Time to Data

Discover how to make eDiscovery time and cost effective Identifying, culling and collecting online and offline ESI has grown exponentially as the volume of data has exploded.

But eDiscovery does not have to be a long, labor-intensive, expensive process – technology and streamlined workflows can accelerate time to data.

Discover more Wednesday, April 3 at 1pm – 2pm EST during an exclusive webinar focused on answering your most pressing eDiscovery and legal hold issues, including:

• Increasing defensibility while reducing the time to search and cull ESI
• Making legal hold archives flexible for multiple litigation events as queries and legal request change
• Reducing ESI identification time and costs through data profiling

Litigation support and archiving professionals struggle to meet tight deadlines and even tighter budgets for far too long.

Register now for this free webinar, brought to you by Index Engines and ACEDS, and learn how to keep your ESI collection and management costs in check while accelerating time to data.

Your presenter: Jim McGann. Jim is the Vice President of Marketing at Index Engines. Jim has extensive experience with eDiscovery and Information Management in the Fortune 2000 sector. He is a frequent writer and speaker on the topics of big data, backup tape remediation, electronic discovery and records management. He is a frequent speaker on Big Data management, eDiscovery, litigation readiness and data profiling.

Data Profiling: Bridging the Gap Between Legal and IT

One of the key challenges, as you know, is getting legal and IT to communicate. They have not had a common language – language that allows them to understand each other and build policies. This language is based on knowledge – knowledge of data assets. Without this knowledge they have nothing to discuss. Data profiling is the knowledge or language that allows IT and legal to communicate and build sound polices.

Check out this column on Bridging the Gap Between Legal and IT in Legal IT Professional

Protect your consumers’ data or have the integrity to admit that you can’t

More and more businesses are falling victim to data breaches, but are failing to report it to the people that have their identity and financial security at stake – their consumers.

According to an article on Inc.com, small businesses are reluctant to inform data breach victims of their information loss–even though laws in 46 states require them to do so.

“While more than half of American small businesses have experienced data breaches, only 33 percent of them notified victims of their personal information loss, according to a report released yesterday by Ponemon Institute, a Michigan-based security research firm.”

What are you really reading – 67% of companies that fall victim to data breaches have leadership in place that don’t care of about securing consumer breaches AND don’t have the integrity to tell their customers they don’t, not to mention that bank accounts, credit cards, social security numbers are now at stake. But if it’s not the business’ mortgage payment on the line, most don’t own up to it.

But I guess it’s human nature to deny, deny, deny. Remember the last time a spouse asked you where the dry cleaning was? Or when you forgot that birthday, anniversary or meeting? Willing to bet most responses out there where along the lines of “it wasn’t ready yet,” “I can’t believe the post office hasn’t delivered it yet,” “I made surprise dinner reservations,” or “my secretary forgot.” Some call them excuses, others – cover ups.

Realistically, no one likes admitting when they mess up, but hopefully when it’s a serious incident that affects the security and stability of other people they have the integrity to fess up and make it right. And if you don’t want to have to admit to exposing all of your consumers’ data, you better make sure it can’t be breached because denying one happened is illegal.

Denying a data breach can irreparably hurt a business’ image, cost them current and future customers, and open them up to lawsuits and legislative fines. But the technology does exist today to audit you system for sensitive client records so you can secure them – and it’s a lot more cost effective than what it will take to restore consumer confidence in your brand post-breach.

With a simple data profile, you can audit for unencrypted personally identifiable information (PII). Data profiling is a process where all forms of storage and document types are analyzed and the user is provided a searchable ‘map’ of the type of information that exists, where it is located, who owns it, when it was last accessed and what key terms are in it. This can be done on legacy backup tapes, servers and the unmanaged user data. How much easier would it be to prevent a data breach if you could find and remove the data that a hacker would be looking for?

It’s really that simple – would you rather have your company work to prevent a breach or have someone on the inside decide what to do after it’s too late?

Learn more about data profiling in this white paper or email info@indexengines.com for more information.

Webinar: Tame risk hidden in legacy archives

Join Index Engines and Vedder Price Thursday, March 14

Is old data jeopardizing your organization?

Massive volumes of content are created every day and as this content ages it fades into the background and becomes a challenge and a risk to manage.

Backup tapes represent a major aspect of this legacy data. They embody archives of user content, from sensitive email communications to critical contracts and agreements.

But there are innovative, automated ways to reduce legacy data, manage data risks and control costs. Find out more during an exclusive webinar presented by Index Engines and Vedder Price, Thursday March 14 at 1 pm ET. Register now.

It’s a real problem that’s costing organizations millions in litigation and eDiscovery costs. Stockpiles of hidden data contain unknown risk and liabilities.

Managing this data and ensuring it complies with current information governance policies is an ongoing, complex challenge.

This webinar will give real-world new approaches towards reducing legacy data, controlling its cost, and managing the content that can be enacted immediately. Register now.

Presenters
Bruce Radke, Shareholder, Vedder Price
Jim McGann, Vice President Marketing, Index Engines

Webinar: Deadlines, Defensibility and Dollars – eDiscovery Best Practices

Join Index Engines Thur, March 7th for this exclusive web event
We understand service providers face a growing challenge from their clients – the completion of more complex projects under stricter deadlines and budgets with less man hours.

But, there’s a solution we’d like to share with you.

Discover how to keep your cost and man power resources in line while completing projects on deadline with extreme accuracy during an exclusive webinar brought to you by Index Engines, the leader in high speed ESI collection and management.

In less than 60 minutes, you’ll uncover how eDiscovery Service Providers:

Deliver culled data that is de-duplicated and metadata filtered days ahead of their deadline and competition, expediting the culling process,
Secure the integrity of findings and make it defensible using a single interface that allows for unified identification and capture of unique ESI from multiple sources, and
Accurately predict cost by deciding on a pricing model – project, subscription or custodian based – that is the most cost effective for your business.

Register now for this complimentary best practices webinar, on Thur, March 7th at 2:00PM EST and discover how top eDiscovery Service Providers are developing their business by focusing on: deadlines, defensibility and dollars.

About Index Engines’ eDiscovery model
Index Engines’ high speed ESI collection and management platform makes the eDiscovery process time and cost efficient; enabling eDiscovery service providers to complete more complex projects under stricter deadlines and budgets with less man hours. With our best-in-breed integrated workflow, we concentrate on your Deadlines, Defensibility and Dollars.

Will out of context emails make your company look “scandalous”

The news of more leaked emails is making their way around the blogosphere, including one of our favorites over at Yahoo Finance.

Henry Blodget of the Daily Ticker brings up an intriguing point, no matter how many policies you put in place or how much you hope that your employees have common sense – ‘knucklehead emails’ still get sent out.

I call them ‘knucklehead emails’ because the ones I refer to have no malice associated with them, they’re just not well thought out, like joking about a gambling spree with the petty cash. Sure, to the writer it’s funny because there’s only $10 available and the recipient knows it, but to the outside reader one year later, not so funny. It’s completely harmless until taken out of context. (The ones with malice and cover-up attempt, that’s a difference topic for another day.)

Every company has at least a handful of “knucklehead emails” somewhere in their database whether it’s football pools (Gambling), the sending of a credit card number (PII violation), or the forwarding of a joke (Sexual harassment).

In today’s hyper-sensitive and over-regulated world, if those emails got out, yours could be the next company sharing a headline with the word ‘scandalous.’

The key to preventing these situations is being aware of what information exists and making decisions on it. After all, does your information governance policy really exist if there’s no one there to enforce it?

Understanding what exists by adding a data profiling policy to your information governance plan is a start. Parameters can also be set to start a defensible deletion policy for information that has no business value. The only thing a forwarded chain mail from an ex-employee that hasn’t been viewed in seven years can do is come back to hurt you. The harsh truth is, your email servers are filled with valueless emails waiting to find their way out in to the open.

Organizations need to be proactive to protect their consumers and themselves. The ‘keep everything’ policy does more than just inflate your storage costs, it puts you in line to be the next “scandalous” company.

For more information on protecting your company from “knucklehead emails” contact info@indexengines.com

Live in Chicago: Defensible solutions for reducing data accumulation and legacy data retention

Discover how to reduce data risk and cost Feb. 21 in Chicago

What: Index Engines and Esicon Consulting are holding a complimentary, live seminar “Defensible solutions for reducing data accumulation and legacy data retention”

Who: Index Engines, the leader in enterprise information management and archiving solutions and Esicon Consulting, an information technology and data management litigation consulting firm
Why: Many companies have legacy data on backup tapes that has been sitting in vaults 5, 10 or more years with the door only opening to put more tapes inside. Frighteningly, these tapes are full stockpiles of email servers and user documents that have not been managed according to the evolving legal and regulatory policies.
Now, technology has made viewing and accessing backup tape data possible without restoring systems or it becoming a time and cost burden, allowing organizations to proactively manage legacy data for risk and liabilities.

Who benefits: Legal professionals that want to reduce legal and organization risk and the costs associated with maintaining and adding data storage. (CLE: This program qualifies for 2 hours of general credit for Illinois attorneys)

When: Thursday, Feb. 21

Where: The Franklin Center, 222 West Adams Street, Chicago

Cost: Free

Register: http://go.indexengines.com/l/11252/2013-01-25/pwf2q
Contact info@indexengines.com for more information

As another company settles with the FTC over data privacy violations, Index Engines says ‘breaches are preventable’

In wake of another FTC fine resulting from exposure of personally identifiable information, enterprise information management provider, Index Engines, says the technology exists to avoid security breaches and fines.

HOLMDEL, NJ – Nearly 300,000 people allegedly had their Social Security and credit card numbers exposed when unencrypted backup tapes and other data storage belonging to Cbr Systems, Inc were stolen from a vehicle; causing the FTC to hand down drastic penalties over the next 20 years and an information management provider to preach ‘an ounce of prevention.’

Index Engines, a leader in enterprise information management and archiving solutions, watched the essence of what they help companies avoid happen as the FTC required Cbr Systems to establish and maintain a complete information security program and submit to independent security audits every other year for 20 years.

“Index Engines helps companies reduce their liability and security risks by profiling electronically stored information so they can quickly, easily and affordably see what they have,’’ Index Engines Vice President David Ballard said. “This process helps make breaches preventable because organizations know immediately where sensitive data resides within the enterprise and can secure it according to policy.”

Index Engines allows users to map out the type, location and age of data, enabling companies to determine the disposition of the content in order to maintain compliance to regulations governing electronic data.

Along with metadata, Index Engines enables companies to govern themselves with a Personally Identifiable Information (PII) search that finds and accesses sensitive content including unencrypted data, social security and credit card numbers. This standard search would have protected Cbr Systems’ information.

“Most companies have sound information governance and privacy policies, but they don’t have the capability or knowledge to enforce them,” Index Engines Vice President Jim McGann said. “The solutions are out there, companies just need to be proactive in understanding what they have or it will be a case of what you don’t know will hurt you.”

Index Engines also says this is not the first FTC data privacy charge that could have been prevented. Last year the FTC charged Wyndham Worldwide and three affiliates after credit card numbers were kept in plain text files that resulted in the electronic theft of credit card data. Index Engines allows users to search emails, files, PDFs, servers and legacy tapes and determine if they are at risk for security breaches.

“When you look at all a company risks from having a data privacy breach – fines, penalties and the loss of consumer trust – there’s no viable reason enforcing your data privacy policy shouldn’t be the first line item on your budget,’’ McGann said. “Affordable, efficient technology exists to avoid security breaches and protect PII.”

Accelerating Time to Data

Index Engines eDiscovery and Legal Hold Workflow

eDiscovery professionals struggle to meet tight deadlines and manage even tighter budgets.

Service providers and litigation support professionals alike are constantly stressed when facing large and complex jobs that require identification, collection and culling of electronically stored information (ESI). This all boils down to time to data. Time to search. Time to review. Time to get the job done.

At LegalTech next week Index Engines will introduce the concept of Accelerating Time to Data. Many of our clients have used traditional tools and software to manage different aspects of ESI processing. From tools to extract PSTs from Exchange, to indexing tools, to search and culling tools, OCR, review, hosting, etc.

Using many tools requires moving ESI which takes time and compromises defensibility. When eDiscovery jobs were small and manageable these tools did the job, painfully, but it was completed close to schedule. As the scale of eDiscovery jobs has grown and the complexity has expanded these tools have failed to meet deadlines.

Time to data is about using a unified approach to manage ESI processing. A single platform allows you to get the job done faster as you are not managing multiple tools and transferring ESI. A single unified platform ensures reliability and defensibility and provides a single audit trail that can be easily referenced as needed.

Time to data is our theme at LegalTech and beyond. As the fastest ESI indexing solution on the market today it is time to impact your time to data and start meeting deadlines and budgets. And don’t believe those other vendors that claim to be the fastest at 1TB per day, the mark to beat here is only delivered by Index Engines at 1TB per hour.

Visit Index Engines at LegalTech booth #2105.