Category Archives: Corporations

5 Considerations for Creating an Effective BYOD Policy

Creating an effective BYOD policy

5 Considerations for Creating an Effective BYOD Policy
Written by Doug Austin, Editor of eDiscovery Today

A couple of weeks ago, I discussed three cases here that illustrated the importance of having a strong Bring Your Own Device (BYOD) policy in your organization to minimize security risks.  Today, I’ll discuss best practices associated with BYOD policies and even provide a couple of links to sample BYOD policies that you can use as a starting point to develop your own organization’s BYOD policy or confirm that your existing policy “covers all of the bases” in protecting your organization.

The Stats Associated with BYOD

According to this report, 85 percent of organizations enable BYOD.  76 percent of them enable it at least for employees and those organizations and others also enable it for contractors, partners, customers and suppliers.  Organizations embrace BYOD because it increases employee mobility (74 percent of respondents), employee satisfaction (54 percent) and reduces costs (49 percent).

However, 51 percent of respondents stated that the volume of threats targeting mobile devices is increasing, following the rise of BYOD and mobile data access.  Also, 43 percent of respondents didn’t even know if devices accessing corporate data were infected with malware.  And, just a few years ago, as few as 39 percent of companies actually had a formal BYOD policy.  39 percent!  While that number has probably gone up, it illustrates just how much of a “wild west” the use of BYOD devices has been in many organizations.

5 Considerations for Creating an Effective BYOD Policy

If your organization doesn’t have a BYOD policy, because of the COVID-19 pandemic, there has never been a better time to implement one. Nonetheless, here are some of the considerations you should address to establish proper use of BYOD devices by your employees and any other parties that might have access to organization resources.

  • Require Passwords on All Devices Used for Company Work: I know you’re saying “no duh!” but there are still people out there who could be using older devices with older operating systems (especially with all of the additional remote access during the pandemic) that don’t require the device to be secured with a password. Most newer OSs require a password to be set for the device, so this may not happen that often, but you want to explicitly require passwords on all BYOD devices.  You may also want to establish a requirement for strength of passwords, when appropriate, and maximum amount of idle time for the device before it automatically locks.
  • Establish Lists of Approved and/or Banned Apps: Have you heard all of the recent concern about the app TikTok and privacy concerns? Last week, Amazon told workers to remove the app from their devices or risk losing access to company email, then apparently called that directive a “mistake.  Regardless of what you think of TikTok, there are apps out there that are known security risks.  Your IT department should stay up-to-date on which apps might be at risk, keep updated lists of banned apps within the organization and communicate those changes regularly.  Or consider even getting more restrictive by providing a list of approved apps (and a procedure for requesting apps to be evaluated for addition to the list).
  • Provide Security Software: To the extent that individuals are accessing company resources, they should be doing it through secured means. Securing access through a Virtual Private Network (VPN) or Remote Desktop Protocol (RDP) is a must for any resources not accessed through secured cloud platforms.  In addition, it’s a good idea to consider implementing a Mobile Device Management (MDM) solution to directly administer mobile devices to segment business data and use from personal data and use.
  • Establish a Policy for Use of BYOD Devices During Legal Holds: This is a “no, duh!” tip for eDiscovery professionals, but most people don’t even think about the potential for their BYOD device to contain unique data, even if instructed to preserve all data. The BYOD policy should, in general, explicitly state the rights for the organization to access the BYOD device, which should include the need to preserve and collect data during legal holds.  It also should cover things such as discontinuing auto deletion of texts and messages within messaging apps (which could even include discontinuing using ephemeral messaging apps if they don’t provide an option to keep the messages indefinitely) and coordinating with the organization before replacing your device to capture data from it first.
  • Force Acknowledgement of the Policy and Policy Updates: In other words, require employees (and anyone else with access to company resources) to sign a copy of the policy to acknowledge that they have read and understood the policy. You also may need to consider having them sign periodically to acknowledge significant updates to it as well.  Not only is it important to hopefully avoid incidents of evidence spoliation, but it also can at least illustrate that your organization has communicated and confirmed an understanding of the policy from individuals, which could be important to defend against significant sanction if spoliation does occur.

Examples of BYOD Policies

There are too many best practices to cover in one blog post, but there are several FREE examples of BYOD policies available on the web to provide ideas regarding what to cover in your organization’s BYOD policy.  They cover several additional best practices to address, including support, reimbursement of costs, handling of lost/stolen/damaged equipment and termination of employment.  Here are links to two of them, courtesy of SHRM and IT Manager Daily.  These and others can be terrific starting points for creating your own BYOD policy, but your policy should be unique to the needs and challenges of your particular organization and you should not only customize it to your needs, but evaluate it periodically and update it as necessary to ensure it continues to cover and protect your organization as much as possible.

For more educational topics from Doug Austin related to eDiscovery, cybersecurity and data privacy, feel free to follow, eDiscovery Today And as part of the continued educational partnership between Ipro and eDiscovery Today, he’ll be here in the Ipro Newsroom next week with more educational content!

Recent Case Law Illustrates the Importance of Addressing BYOD in Your Organization

BYOD Case Law

Recent Case Law Illustrates the Importance of Addressing BYOD in Your Organization
Written by Doug Austin, Editor of eDiscovery Today

If you follow my writing, you know that I cover a lot of case law – typically between 60 to 70 cases a year. When you do that, you notice certain trends that illustrate some of the challenges that organizations face today with regard to electronic discovery. One of the more common trends these days relates to cases related to mobile device data and the failure to preserve that data. Many organizations today support a Bring Your Own Device (BYOD) approach to employees and their mobile devices; however, many of them don’t have an effective policy or plan for addressing mobile device data when litigation hits.

Let’s take a look at three recent cases where failure to preserve mobile device data led to sanctions requests by requesting parties.

In DriveTime Car Sales Company, LLC v. Pettigrew, No.: 2:17-cv-371 (S.D. Ohio Apr. 18, 2019), Ohio Judge George C. Smith granted in part and denied in part the plaintiff’s motion for spoliation sanctions against defendant Pauley Motor, denying the plaintiff’s request for an adverse inference sanction by ruling that “DriveTime has not sufficiently demonstrated that Pauley Motor acted with the requisite intent” when Bruce Pauley failed to take reasonable steps to preserve text messages when he switched to a different phone. However, he did note that “less severe sanctions are available to DriveTime under Rule 37(e)(1) upon a finding of prejudice.” Judge Smith also allowed the plaintiff to “introduce evidence at trial…of the litigation hold letter and Pauley Motor’s subsequent failure to preserve the text messages. DriveTime may argue for whatever inference it hopes the jury will draw.”

In NuVasive, Inc. v. Kormanis, No. 1:18CV282 (M.D.N.C. Mar. 13, 2019), North Carolina Magistrate Judge Patrick Auld granted the plaintiff’s motion for sanctions in part, giving the plaintiff additional time to depose and subpoena text messages from a key contact who indicated that he was unable to retrieve text messages beyond two months prior (but also refused to let the plaintiff inspect his devices). Judge Auld also recommended that, “because the record supports but does not compel a ‘finding that [Defendant Kormanis] acted with the intent to deprive [Plaintiff] of the [lost text messages’] use in the litigation, the Court submit that issue to the ‘jury, [with] the [C]ourt’s instruction[s] mak[ing] clear that the jury may infer from the loss of the [text messages] that [they were] unfavorable to [Defendant Kormanis] only if the jury first finds that [he] acted with the intent to deprive [Plaintiff] of the[ir] use in the litigation’”.

In Paisley Park Enter., Inc. v. Boxill, No. 17-cv-1212 (WMW/TNL), (D. Minn. Mar. 5, 2019), a case related to the late rock legend Prince, two defendants not only failed to disengage the auto-delete function on their phones, but they also each wiped and discarded their phone – one did it twice – since October 2017. Minnesota Magistrate Judge Tony N. Leung granted in part the plaintiffs’ Motion for Sanctions Due to Spoliation of Evidence, ordering the Rogue Music Alliance (“RMA”) Defendants to pay reasonable expenses, including attorney’s fees and costs, that Plaintiffs incurred as a result of the RMA Defendants’ “misconduct”, and also ordered the RMA Defendants to pay into the Court a fine of $10,000, but chose to defer consideration of adverse inference instruction sanctions to a later date, closer to trial.

As you can see, failing to preserve data from mobile devices led to various levels of sanctions against the spoliating parties, not to mention the effort it took to defend themselves against even more significant sanctions. Here are two considerations that you need to keep in mind to avoid the same issues that these parties encountered:

  • BYOD Policy: Many organizations support employees’ ability to use BYOD devices, but a lot of them don’t have a formal policy regarding the use and management of those devices, which includes an employee’s duty to preserve mobile device data when litigation hits. Organizations need a clear BYOD policy that emphasizes the rights of the organization and the responsibilities of the employees using BYOD devices for company use, including those associated with preservation and collection of mobile device data. (Check out this post on BYOD policies from Ipro’s eDiscovery Blues series).
  • Litigation Hold Notices: Litigation hold notices need to be extended to enforce preservation of mobile device data, including instructions to suspend any auto-deletion of text messages (as well as messages from other messaging apps) and spell out the responsibilities to preserve data from mobile devices before discarding those devices.

Just because a device is owned by an employee doesn’t mean there is any less responsibility for that employee to take appropriate steps to preserve that data during litigation. Organizations need to take control of that challenge by implementing a formal BYOD policy and ensure litigation hold notices clearly spell out the duty of custodians to extend preservation to their BYOD devices.

Next week, I’ll discuss best practices associated with BYOD policies. My first Ipro cliffhanger!

For more educational topics from Doug Austin related to eDiscovery, cybersecurity and data privacy, feel free to follow, eDiscovery Today And as part of the continued educational partnership between Ipro and eDiscovery Today, he’ll be here in the Ipro Newsroom next week with more educational content!

3 Challenges Corporate Legal Teams Face With BYOD

corporate legal BYOD

 

3 Challenges Corporate Legal Teams Face With BYOD

JD Supra Readers Choice Top Author 2020Written by Jim Gill
Content Chief, Ipro

Today’s eDiscovery Blues comic highlights several challenges In-House legal teams might face when working with data in the face of litigation, starting with the sinking feeling that comes when you ask yourself, “Is the I.T. department being sarcastic?” That’s part of the humor here, but the answer given about simply having everyone use Snapchat as a solution for employees using their personal mobile devices for work (Bring Your Own Device or BYOD) raises several points worth discussing.

Corporate Legal Challenge #1: Mobile Devices, eDiscovery & BYOD

Mobile devices can be difficult when it comes to eDiscovery for many reasons. They contain a large variety of file-types and data intermingled with a lot of private information, which may be privileged. Extracting specific information can be difficult and imaging an entire device can be costly (read this example from recent case law for more on the pros and cons of imaging entire mobile devices).

That’s why it’s important to have policies in place to determine how mobile devices are used for business purposes, which is exactly what Rick Compliance, eDiscovery manager, was trying to do when he called I.T. above.

Corporate Legal Challenge #2: Social Media / Chat, eDiscovery & BYOD

Messaging platforms (e.g. Slack, Teams, What’s App) and social media (e.g. Facebook, Instagram, LinkedIn, Snapchat) go hand in hand with mobile devices, and we all know that business is conducted across multiple platforms and devices, sometimes simultaneously. Gaining insight into the ESI created by these can be difficult.

With social media, data can usually be requested from the source company (For example, Instagram has a data request form in its Privacy and Security settings), and chat files can be exported, but both of these can be difficult to put into a review-ready format, losing the context of the conversations held within them. And these new data sources continue to grow and be used in interesting ways, as this recent case shows: Etsy Post Leads to Arrest of Cop Car Arson Suspect in Philly.

Knowing if these platforms are a potential source of data for your organization should litigation arise is vital. Having policies in place around their use for business and alignment between Legal and I.T. should this data need to be collected is ideal.

Corporate Legal Challenge #3: Avoiding Sanctions for Mobile Data Spoliation, Including Ephemeral Data

Finally, the notion of a company telling employees to use ephemeral data messaging as part of their BYOD policy isn’t so far-fetched. And it can lead to sanctions.

In a recent case, WeRide Corp. v. Huang et al. (N.D. Cal. Apr. 24, 2020), the defendants were sanctioned under FRCP Rule 37, because they directed employees of their company AllRide to communicate using the application DingTalk internally. The CEO testified, he felt it was “more secure” than other messaging platforms; however, DingTalk allows for “ephemeral messages” that automatically delete after they have been sent and read (much the same as Snapchat, mentioned in the cartoon above).

The court’s ruling stated, “AllRide left in place the autodelete setting on its email server, began using DingTalk’s ephemeral messaging feature, and maintained a policy of deleting the email accounts and wiping the computers of former employees after the preliminary injunction issued. This practice of destroying potentially discoverable material shows both willfulness and bad faith. Based on these undisputed facts, the Court finds it appropriate to issue terminating sanctions.”

Conclusion

Mobile Data is no joke and having alignment between Legal, IT, Compliance and other stakeholders is a must before litigation arises. Without clear policies in place, there are so many ways mobile data can quickly become a problem.

For more insights into your organization’s data landscape, Download the Ipro Pre-Litigation Data Inventory Checklist now!

Ipro Pre-Litigation Data Checklist

What is In-Place Preservation and How Does It Affect Your eDiscovery Workflow

In-Place Preservation

What is In-Place Preservation and How Does It Affect Your eDiscovery Workflow

JD Supra Readers Choice Top Author 2020Written by Jim Gill
Content Chief, Ipro

There has been a lot of discussion around In-Place Preservation (IPP) over the past few years, but many in the legal industry are still unsure of its potential for eDiscovery, data privacy, and compliance.

A good first step is to define what we mean by IPP and how that changes whether you’re talking about data retention policies or legal hold.

For retention, preserving data in-place simply means you retain the data where it’s actually being used, rather than moving it to a separate archiving solution or to a separate location the way we would move paper boxes to a warehouse (which is exactly the struggle Rick Compliance is facing in this week’s eDiscovery Blues™ comic.)

For a legal hold, the goal is to ensure data is locked down automatically, without relying on the custodian to do it, so that it cannot be altered or deleted, as it’s subject to impending litigation.

As Mike Quartararo, president of ACEDS, puts it, “In-Place Preservation to me is one of those safeguards that you bake into your workflow, your eDiscovery process, and particularly the preservation process, that is really designed to make your life easier down the road. If you don’t preserve it properly upfront, the likelihood of success later down the road is reduced.”

The ability to set retention rules on enterprise email servers has been available for some time, but a challenge that organizations face today with preserving data, particularly in-place, is how to do this across the multiple data sources that are in constant use:

  • Email sources like Outlook and G-Suite
  • Messaging apps like Teams and Slack
  • Cloud repositories like Box, OneDrive, and Google Drive
  • Video conferencing apps like Zoom

These are never really frozen in time. So if data is locked or preserved in-place in response to litigation, the functionality of those tools is affected, which disrupts business.

So IPP in terms of legal hold may require creative software solutions that can preserve data in-place, while allowing regular business operations to continue. No small feat, but absolutely a reality which can push legal teams to the next level for defensibility, security, and efficiency.

Want to hear a full discussion on IPP and In-Place EDA?
Listen to this deep dive from Mike Quartararo from ACEDS, Frederic Bourget from NetGovern,
and Ryan Joyce and Jim Gill from Ipro!

eDiscovery Software Gives Distributed Legal Teams the Agility & Collaboration They Need

distributed eDiscovery teams

eDiscovery Software Gives Distributed Legal Teams the Agility & Collaboration They Need

JD Supra Readers Choice Top Author 2020Written by Jim Gill
Content Chief, Ipro

For the past several months, the legal community has had to quickly adapt to the reality of working remotely in response to the COVID-19 pandemic. Luckily, we live in a day and age where distributed eDiscovery teams can, for the most part, continue the work at hand, through the use and adoption of technology.

We’ve all become accustomed to communication through video chat platforms, and have even come to rely on these interactions, not only for teams within an organization, but for connection with the larger legal community (shout outs here to Ari Kaplan’s Virtual Lunch Series and David Cowen and his Cowen Café Series for their efforts on this front).

But more than Zoom calls keeping legal departments connected, even when they are truly “in-house” — like our eDiscovery Blues hero, Rick Compliance and his team above – it’s important to remember the eDiscovery software and both it’s security and agility which allows legal teams to not only stay in touch but continue their work.

Aaron Swenson, Product Director at Ipro, shared, “I think today, more than ever, problems that have always existed are magnified with teams becoming distributed practically overnight: the problems of agility, consistency, and collaboration. Before, co-located teams were able to walk over and talk about how to review a document or architect a review. Which seemed great, but a byproduct is that it limits consistency and review power to only the team that’s co-located. Today’s data is created by globally distributed teams, scaling up without boundaries. Approaching this problem, where review is a team sport without physical boundaries, is a perspective I think isn’t just a necessity today, but something that will give those firms embracing it competitive advantages over the long term.”

Which is why it’s so important to leverage eDiscovery technology that gives team members secure remote access for data ingestion and processing, as well as enabling collaboration with internal and external stakeholders.

That way, whether your legal team is in-house, in-office, in-kitchen, in-hotel, or in-the-backyard, the work of eDiscovery continues securely, defensibly, and seamlessly.

Read more of Ipro’s original legal comic “eDiscovery Blues” every Friday!

 

How Government Agencies Walk the Line with Legacy Software

Government agencies legacy software

How Government Agencies Walk the Line with Legacy Software

JD Supra Readers Choice Top Author 2020Written by Jim Gill
Content Chief, Ipro

Have you ever cleaned out your closet and found that shoebox full of cassettes from college? Companies and government agencies are no different. Many of their electronic files are stored as legacy file types which are no longer supported. And these aren’t just files that are of little significance.

In an article from October 2019, Ars Technica reported that the U.S. Air Force’s intercontinental ballistic missile command had finally stopped storing data on 8-inch floppy disks. You read that correctly: data from active nuclear missile sites was being captured and managed using 40+ year-old technology. The Air Force cites the use of these legacy systems as a cybersecurity advantage, and even though data is now stored on a “highly secure solid state digital storage solution,” the Strategic Air Command still relies on IBM Series/1 computers installed at Minuteman II sites in the 1960s and 1970s.

One of the biggest challenges with legacy systems is that they work fine as long as things remain “business as usual.” But when outside events change the status quo, unforeseen weaknesses and challenges can arise quickly.

With the COVID-19 outbreak in early 2020, the number of applications for benefits from the CARES Act, passed in late March 2020, overwhelmed state employment offices. A good deal of the gridlock was state agencies relying on a 60-year-old programming language called COBOL, causing claims to take as long as two weeks to process.

As Robin Roberson, executive director of the Oklahoma Employment Security Commission, put the situation, “Our mainframe is literally over 30 years old. It’s very difficult to program, it doesn’t do much, [and] COBOL programmers are somewhat scarce.”

State agencies across the country are scrambling to update COBOL code, but according to Gartner, the average age of a COBOL programmer is above 60. Mahmoud Ezzeldin, 75, who was a COBOL programmer for Blue Cross Blue Shield and the IRS, offered to come out of retirement and volunteer help in training organizations updating their systems to meet the increased demand for relief benefits.

From an eDiscovery perspective, legacy data can prove a challenge as well. Government agencies, corporations, and law firms all most likely have some legacy data they may have to contend with regarding investigations, litigation, and FOIA or other compliance requests. As this week’s eDiscovery Blues cartoon highlights, these organizations may have the information required, but getting that data into a format that is reviewable and producible is where the challenge lies.

Which is why it’s important to work closely with your IT department to know if your organization has any potential legacy data obstacles, as well as ensuring that you have an eDiscovery technology partner who can effectively and efficiently manage those challenges.

Otherwise, you may end up like Rick Compliance, eDiscovery Manager, scouring the internet for used floppy drives.

Read More about How Your Legal Team is Being Held Back by Legacy eDiscovery Software

 

Introducing Ipro’s Legal Technology Comic Strip “eDiscovery Blues”

JD Supra Readers Choice Top Author 2020Written by Jim Gill
Content Chief, Ipro

I’ve said before that a sense of humor isn’t necessary in eDiscovery, but it sure helps. Which is why Ipro has created our own comic strip, eDiscovery Blues™.

Today’s strip features our hero, eDiscovery Manager Rick Compliance, facing communication challenges with his IT Dept.

There is no denying that communication (or the lack thereof) can be an obstacle when it comes to reaching objectives. One main issue for Corporate Legal Teams is that so many of the stakeholders involved with the legal department communicate in very different ways.

These stakeholders usually include:

  • The IT department, whose main concern will be data security
  • The company’s business units, who will ask “How is legal enabling business for the company?”
  • Other departments such as Risk & Compliance, Accounting, or HR

By connecting with these various groups within the company and discussing overall goals, as well as departmental goals, opportunities for efficiency will begin to appear. The key for legal departments is to open up clear lines of communication and put in the time and effort to build relationships and processes that will pay off in the end.

Which is why it’s helpful to find a “translator” who can bridge the gap between Legal, IT, and other business units to help identify obstacles to communication that may be getting in the way of efficiency. Once this is established, regular meetings or check-ins may be needed to clarify any issues between those stakeholders which may arise as a result of implementing new processes.

Tune in Next Friday for more eDiscovery Blues!

Want to learn more about how corporate legal teams can align with IT and other departments?
Listen to our latest webinar on-demand!

Thinking Outside the eDiscovery Box: How Technology Solves Data Problems Beyond Litigation

eDiscovery beyond litigation

Thinking Outside the eDiscovery Box: How Technology Solves Data Problems Beyond Litigation

JD Supra Readers Choice Top Author 2020Written by Jim Gill
Content Chief, Ipro

Back in 2006, when Rule 34 of the Federal Rules of Civil Procedure (FRCP) was amended to create a new category of discoverable information – Electronically Stored Information or ESI – eDiscovery was legitimized, and eDiscovery software was created to move ESI through the litigation process.

Fast forward to 2020, and ESI has grown in both size and complexity – terabytes (or even petabytes) of data from multiple sources like social media, email, chat, the Internet of Things (IoT) – and the goal of collecting, processing, and analyzing data for litigation has proven even more challenging.

But focusing on this challenge creates tunnel vision and overshadows other ways this powerful eDiscovery technology can be used. Anytime an organization needs to quickly ingest, organize, analyze, and report on large datasets, eDiscovery software offers an immediate solution and can be applied in various ways. One example is how government agencies are finding eDiscovery software is the perfect tool for responding to Freedom of Information Act (FOIA) requests.

Another example of thinking outside the eDiscovery box comes from J.S. Held, a company providing services for commercial contractors, allowing them to better understand where issues arise in their construction projects. In a recent conversation with Tim Martin, Technical Project Manager at J.S. Held, he shared, “We use the Ipro eDiscovery solution internally to handle the large volume of data created and generated during a construction project. When we receive hard drives of files from clients, Ipro enables us to quickly search, tag, code, and sort those documents, allowing us to review them with a streamlined approach and within a quicker timeframe.”

Previously, the team at J.S. Held would load files from clients, which in some cases had over a million documents, onto a file server, then have to manually open each one of those files and move them into a folder to classify them by type. “But by using Ipro analytics, we can do that on ingestion. As soon as the documents come in, we gain a clear picture of the data, and it can be quickly coded and classified, enabling us to cut sorting and coding times down to measurable hours, as opposed to the days it would have taken with our old process.”

In the end, that’s what eDiscovery software does: ingests a large volume of data, giving the user deep insight into what’s there with the ability to easily track and report those findings. It has so many applications across multiple industries, like commercial construction. It doesn’t matter if that data is a part of litigation or not. And as enterprise data continues to grow exponentially, this insight becomes more and more vital. As Tim from J.S. Held puts it, “By finding that needle in the haystack sooner, we can quickly and accurately communicate any issues to clients, which they greatly appreciate.”

Want to learn more about eDiscovery challenges and solutions?

Legal Operations and KPIs: Where to Start

Legal Operations and KPIs

Legal Operations and KPIs: Where to Start
Written by Jim Gill, Content Chief, Ipro

In a recent Above the Law article, Mike Quartararo, President of ACEDS, said, “You want to know why the billable hour is so entrenched and not going anywhere any time soon? It’s because it provides a direct, measurable metric or benchmark for the value of a lawyer to a law firm.” But it seems the billable hour is pretty much where it stops – for now – when it comes to KPIs. He continues, “Few, if any, firms are tracking the type of work, and none that I’m aware of are looking at the quality of the work (at least not in any systematic way).”

In parallel, tracking and measuring outside legal spend becomes the standard KPI for corporate in-house legal teams. But if this is the only metric, then the legal department will more than likely remain a cost center for the organization. They may reduce outside legal spend, possibly by using technology to cull data sent for outside review or by bringing other tasks in-house, but until a priority is put on setting clear objectives with trackable and measurable outcomes, progress will be the result of trial and error.

Alignment between Legal Ops and the Legal Department

A first step in setting KPIs for a legal ops manager is to identify all of the key practice areas (contracts, M&A, internal investigations, eDiscovery, etc.) within the organization and work with the General Counsel to establish goals for each of these areas, then create KPIs around those goals. Each organization will have different priorities and opportunities in different areas, so determining what these are up front will avoid headaches later.

Data Availability and Data Integrity

Once goals are in place, you then need to determine what data is needed in order to measure them, find out if that data already exists within the organization, and who owns the data (it may live outside of the legal department).

A few examples legal ops managers might look for:

  • E-Billing
  • Number of outside firms and service providers under contract
  • Number of matters currently underway or that took place in previous years
  • Average spend per matter
  • Common key custodians
  • Data types across the organization and processes needed to retrieve it
  • Cost per stage of the EDRM (governance, legal hold, preservation, collection, processing, review)
  • Software and other technology currently in use by the legal department and its value

After an inventory is complete, partner with data creators to evaluate any obstacles to begin tracking data against objectives.

Align KPIs with Overall Business Objectives

The legal department can be an island of sorts in the middle of a corporation. Aligning legal operations goals and KPIs with larger company-wide objectives can lead to important gains in ways that may have been overlooked at first. For example, if one of the main goals of the company is diversity and inclusion, then KPIs should be established to determine how the legal department aligns with this overall objective. This may begin with tracking the size and demographics of the legal team itself, hiring practices, wages and pay equity, along with other aspects of the legal department that are needed to benchmark against the overall business objective.

Communications

There is no denying that communication (or the lack thereof) can be an obstacle when it comes to reaching objectives. One main issue is that so many of the stakeholders involved with the legal department communicate in very different ways. Which is why it’s helpful to find a “translator” who can bridge the gap between Legal, IT, and other business units to help identify obstacles to communication that may be getting in the way of tracking KPIs. Once this is established, regular meetings or check-ins may be needed to clarify any issues between those stakeholders which may arise as a result of measuring KPIs.

Conclusion

Some aspects of a successful team aren’t measurable, but many of them are. First, you need to take the time to understand the departmental and organizational goals and then begin benchmarking the current state of things. Once that benchmark is established and tracking performance against that benchmark becomes standard, it may be surprising how many opportunities for improvement will become clear, or how goals may be revised based on data that was unknown until tracking began. After all, ignorance may be bliss, but knowledge is power.

 

Find out how Ipro empowers internal and external legal teams to effortlessly collaborate while reducing costs without sacrificing data security and defensibility.

Ipro Announces Strategic Partnership with NetGovern, Helping Legal Teams to Meet the Challenges of “ZettaByte Scale” eDiscovery

Ipro Netgovern Partnership

Ipro, a global leader in eDiscovery and Trial software technology, announced today a strategic partnership with NetGovern. This partnership will provide an innovative approach for customers to perform Early Data Assessment (EDA), enabling the rapid review of relevant data before it is ever collected, thereby dramatically lowering expensive eDiscovery costs.

Cloud and On-Premises data repositories containing zettabytes (i.e., billions of documents) are now the norm, and collecting from various storage locations has become a real challenge for in-house legal counsel. NetGovern allows real-time, consolidated access to multiple sources of enterprise unstructured data, enabling legal teams to effectively make tactical decisions prior to preserving or duplicating Electronically Stored Information (ESI). Combining this functionality with Ipro’s best-in-class capabilities – including data processing, enhanced visual analytics, new intuitive document review, and trial solution – creates what is possibly the industry’s most flexible, scalable, and powerful eDiscovery experience.

With this partnership, Ipro expands its offerings to help legal teams perform investigations for litigation and internal matters, assess compliance & security risks, protect intellectual property, respond to eDiscovery, subpoenas, and public record requests, and ultimately prepare for settlement or trial.

“Searching through billions of documents and creating legal holds from multiple sources, such as Office 365 mailboxes and applications, on-premises file shares or Box, is how we make a difference every day. We are excited to take part in helping our mutual customers make confident decisions much earlier in the process,” says Pierre Chamberland, Founder & CEO of NetGovern.

Dean Brown, CEO at Ipro Tech, adds, “As corporate data continues to grow, innovative approaches to eDiscovery are necessary. Ipro continues to invest in this market to stay ahead of the demands of eDiscovery and ensure our clients gain insight into the complexities of today’s data-filled world.”

Both Ipro and NetGovern reiterated their continued commitment to provide their customers with flexible deployments whether On-Premises, or fully-hosted in Public & Private Clouds.

During Legalweek 2020 in NYC, both companies will answer questions and celebrate this partnership at its “Game On eDiscovery!” event at Faces and Names on Feb 5, 2020. For information about scheduling a meeting, contact us here: https://iprotech.com/contact-us/

About NetGovern
NetGovern’s information archiving and governance software helps organizations solve data compliance, safeguard personal information, simplify eDiscovery and protect their reputation. Our all-in-one solution offers the fastest speed to value, lowest cost of ownership, and most secure visibility of sensitive information found in messages and files, independent of storage location. https://www.netgovern.com/

About Ipro Tech, LLC
Ipro is a global leader in eDiscovery technology used by legal professionals to streamline discovery of electronic data through presentation at trial. Ipro draws upon decades of innovation to deliver high-performance software, services, and support, bundled as a solution and deployed the way you want it—Desktop, On-prem, Cloud, or Hybrid—significantly reducing the cost and complexity of eDiscovery.
https://iprotech.com