This article can also be found in the Premium Editorial Download "Information Security magazine: Seven questions to ask before committing to SaaS."
Download it now to read this article plus other related content.
How Do You Spell Data Governance? P-o-l-i-c-y|
Regarding the Perspectives column by Julie Tower-Pierce ("Think Like a Lawyer,"
| March 2008) there is a very crucial word missing: policy.
One of the most important aspects of any healthy e-discovery strategy is policy governing how data is handled, retained, destroyed and retrieved. Without standing policy (i.e., one you did not create after being served a subpoena) that spells out how your organization handles its data, you will find yourself on the very wrong end of a judge's orders requiring the (very expensive) production of records...and perhaps in need of refreshing your resume...or worse.
We have been using SecureDoc for many years and recently decided to give TrueCrypt a try as an alternative. I must admit, I was thoroughly surprised. Although not without problems, it turned out to be a very capable open source solution, and it is very possible that this will be our software of choice. So I must ask, why was it not given consideration for the article?
This was first published in May 2008