This article can also be found in the Premium Editorial Download "Information Security magazine: Reviews of six top Web application firewalls."
Download it now to read this article plus other related content.
At the beginning of a civil court case, legal teams meet to determine what types of evidence are relevant to a case. This process of discovery generates requests for email, word processing documents, logs of transactions, and other data that counsel thinks will help win the case. As IT and security teams begin to ponder how to handle e-discovery, they often make errors, either because they don't fully understand the requirements or don't communicate with counsel. Here are three common mistakes:
Even if it weren't cost prohibitive to save all information, courts don't expect an organization to follow this course. Information is expected to be destroyed during the normal flow of business. What's critical is that retention and destruction policies are well articulated, well known across the organization, and followed appropriately and consistently. The major caveat is that information relevant to a case that can be reasonably anticipated on the horizon should be spared from the normal destruction phase of the information lifecycle--that
This was first published in March 2008