Are the best document review attorneys working long hours at night at home? Can they print “interesting” docs or emails to firm associates upon request? Does one doc review attorney out of 60 in a beautiful open-office space in Dallas have an ax to grind against your client or against a particular corporate player?
Can an attorney email docs to a college roommate who now works at Bloomberg? Can they casually share a particularly “colorful” comment by Acme’s president with their spouse on the couch for a laugh? You need a solution that ends the back channeling.
Wouldn’t it be great if your document review attorneys could access the docs from the office only if you choose — and only if the attorney’s face has been authenticated in front of the computer? That ideal state is available right now.
Professionals Are Humans, Too
The contract attorneys hired in Richmond, Atlanta, Philadelphia, and the Twin Cities are smart people who went to college, and then law school, and passed the state Bar. Most are earnest, well-meaning professionals.
But they make honest mistakes. Documents get saved to the wrong server, emailed to the wrong people in error, backed up to the agency’s systems and stored forever. Contract doc review attorneys live with people who work at law firms and newspapers or colleges and state legislatures.
They change too — impartial and professional one day, and driven by passions 90 days later — with access to evidence. And that evidence in the wrong hands can be devastating. Data loss prevention and other methodologies for controlling where sensitive client data goes are more important today than ever before, and more complicated today too, as projects involve more organizations.
Take Control of The Document Review Environment
There is a practical, economical way of implementing best-practices InfoSec across all your doc review agencies. You can select the vendor who has the doc review lawyers with domain expertise, or just the right price, and “outsource” the infosec to an independent provider who’s only business is keeping your client’s information secure.
Do the contract attorney agency and the full-service ediscovery provider have backups of their network storage resources? Their email servers? The individual PCs in the review center? Your key documents are on their network and in their backup snapshots, and perhaps even in their third-party data backup company’s storage systems.
Recently one contract doc review agency in the US had a “leak.” Some PDFs of import docs of one of their clients leaked from the user’s PCs onto the agency’s email server and system backup tapes. The audit to prove that they had complied with the document destruction order cost about as much as they made on the project.
If only the well-meaning doc review vendor had been able to segregate all the data on the matter to an independently managed info tech infrastructure, this could have all been avoided.
People can make honest mistakes. People can also behave badly. That’s why you need a fast, secure, inexpensive computing infrastructure that provides complete isolation of your client sensitive confidential data so it can’t leak or be leaked.
Solutions That Put You on the Right Side of the InfoSec Battle
Consider a secure, matter-specific information technology infrastructure and related services to get doc review projects started on the right InfoSec posture. From a practical perspective, a matter — or project — specific infrastructure means that for each document review and redaction project gets its own discrete, secure, virtual computer network with workstations, email, shared storage, and approved apps and constant auditing for each user working on that matter.
These systems can be faster than traditional approaches, accessible (with proper permissions) from anywhere in the world, and surprisingly economical.
Get a solution in which each virtual workstation has its own dedicated storage — that does not get backed up to the agency’s systems — as well as a dedicated email account for the matter and user.
With the right infrastructure, the email for project coordination, collaboration, and doc sharing is NOT inside the ediscovery vendor’s enterprise email system, with its own policies and backup protocols.
Be sure that each workstation has firewall whitelist rules to ensure the doc review attorneys CAN access the sites they need and cannot access other sites, and, of course can only send/receive email to/from folks they should.
A Matter Specific Infrastructure provides each document review attorney and project manager an individual virtual workstation for each new project, or matter, and at the end of the matter, the infrastructure is archived or deleted. You do not have to depend on the vendor’s IT staff to carry out the cleanup. Information security, convenience and cost-effectiveness are guaranteed. Worries disappear.
To find out more, visit SecureReview at the LegalTech 2020 conference, booth #3231. SecureReview is a proud sponsor of LegalWeek, which takes place February 3 to 6, 2020, at the New York Hilton in Manhattan.