As loyal Apple Inc. fans upgrade to the newest iPhone 6, beware of potential security faux pas, as data may linger on an old phone unless it has been affirmatively removed.
Corporate data is removed from an old device during the upgrade process, said Scott Christensen, director of technology and information security at Edwards Wildman Palmer. Although the process is not the same as a full wipe, which is done when a mobile device has been lost, the effect is similar.
On the Android side, if someone with a Galaxy SIII wants to upgrade to a Galaxy S5, both devices are brought in to his IT team, Christensen said, and all corporate data on the old device are removed. The new device will then begin synchronizing data (e.g., email contacts, calendars).
“Even if the data on the old device was not actively removed, the policies in place at most firms will effectively cause that data to ‘fall off’ and be eliminated within a month or less,” Christensen said.
Technical differences, such as the type of devices, how they are connected (e.g., ActiveSync) and if a mobile device management system is in place, will play a role in how a device upgrade and wipes will be handled, said Christensen.
Err on the side of caution when updating to a new phone said Brian Brown, vice president of technology and security at Austin-based e-discovery company RenewData Corp. “There are several potential concerns with updating to the iPhone when sensitive information is on your existing one,” said Brown.
Brown shared four tips to verify that data is cleared out of your old phone:
Never hand over your device (new or old) to someone not on your IT team.
Restore your new phone using a backup saved on your laptop computer.
Safeguard your old device until it is forensically wiped.
Guard your backups. Make sure you maintain physical control over any disk/media where a backup resides.
With an iPhone, the safest way to transfer data is via an iTunes backup, Brown said. Handing a device over to a store clerk to transfer the data “introduces vulnerability and a potential for a malicious employee to siphon data from your device,” he said.
Another potential vulnerability lurks in the time lapse between decommissioning an old phone and when it’s forensically wiped, Brown said. The data on a mobile device is generally unencrypted, he said, and there is a risk of a “malicious actor mounting the device and copying all the data off the phone.”
iPhone, BlackBerry Z10, and Motorola Droid. Credit: Sean Doherty/LAW TECHNOLOGY NEWS.
According to attorney William Peacock in a post on FindLaw’s Technologist, seven out of ten smartphones sold today run on Google Inc.'s Android operating system. One reason, he said, is that more companies, such as Samsung Electronics Co., LG Electronics, Motorola Mobility and HTC Corp., make Android phones. The iPhone is only manufactured by Apple Inc.
Peacock said Android may be dominating the general smartphone market, but lawyers are not buying them. According to Peacock, Apple has 62 percent of the lawyer-smartphone market versus 22 percent for Android and 16 percent for other smartphone manufacturers.
While the wider app market isn't as Apple-first as it used to be, Peacock said, “when it comes to law-related apps, lawyers go iPhone for the apps, and the apps go iPhone because of the lawyers.”
It's easy to get completely overwhelmed at LegalTech New York, so here's a 'cheat sheet' to help you choose among the many panels on Wednesday, Feb. 5.
It's easy to get completely overwhelmed by the three-day marathon that is LegalTech New York, Feb. 4-6. Of course, the most important thing to remember is wear very, very comfortable shoes. You'll need them to traverse the massive Hilton New York for three days! Here's an e-discovery "cheat sheet" to help you decide which panels to attend!
Eight Tracks
EDS: Actionable E-Discovery (FTI Technology) BD: Big Data (Recommind) SM: Business of Law Track (LexisNexis) TD: Transforming E-Discovery (Kroll Ontrack) CLT: Corporate Legal IT (ILTA & Commvault) CR: Cost & Risk (HuronLegal) EOL: The Evolution of Lawyering (LexisNexis) LFM: Law Firm Management (Thomson Reuter)
Day two kicks off with the don't-miss keynote: "Judges Panel:" Changing Rules and Best Practices in e-Discovery," (open to all). It features four of the most "front and center" federal jurists who are shaping the future of e-discovery: three from the Southern District of New York: Judge Shira Scheindlin, and Magistrate Judges James Francis and Andrew Beck; the fourth from the District of Columbia, Magistrate Judge John Facciola. The panel will be moderated by Austin-based attorney and forensic technologist, Craig Ball.
10:30
ED: "Predictive Coding and Analytics Applied on Three Common Scenarios." TE: "Have We Reached a 'John Henry' Moment in Evidentiary Search?" CR: "Discovery Insourcing v. Outsourcing—Finding the Right Balance for Your Organization"
12:30
General Session: "E-Discovery with the Strings Attached: How the Cloud Will Change E-Discovery in 2014 and Beyond.
2:00
EDS: "Advice from Counsel: One Small Step for E-Discovery, A Giant Leap for Information Governance?" BD: "The End of Predictive Coding?" TD: "The E-Discovery Pulse: Metrics You Need to Know. CR: "Dispelling Myths: Understanding the Risks of Discovery Outsourcing."
3:45
EDS: "Global Discovery: Asia, Europe and Beyond.: TD: "Multi-Matter Management: An E-Discovery 'Lifestyle Change.' "
In a survey of inside counsel at Fortune 1,000 companies, FTI Consulting found that the number one e-discovery challenge listed for the coming years is "bring your own device" to work.
Erik Hammerquist, Law Technology News
Multiple cloud connection.idspopd - Fotolia
The trend of “bring your own device,” to the workplace has been a growing topic of interest for legal and IT professionals. BYOD both impacts a company’s current and future IT decisions and is changing the landscape for forensic investigations and e-discovery. It brings new complexity, processes and nuance to what many people think is a relatively straightforward, technical exercise. In a survey of inside counsel at Fortune 1,000 companies, FTI Consulting found that the number one e-discovery challenge listed for the coming years is BYOD.
We have worked on a number of cases involving personal devices in the workplace that were later needed for collection of electronic data. In one matter involving alleged IP theft, the people in question regularly used personal thumb drives to facilitate working from home on personal computers. When these custodians left to join a different company, their home computers came into scope for analysis. Other matters have required data collection from a personal computer to take place in a custodian’s home. These sensitive—and sometimes awkward—situations raise many important considerations for companies to address BYOD through policies before opening systems up to personal devices.
The best way to walk this line is to define clearly the types of data that could become responsive to investigations or discovery and understand any limitations that may exist with each device in question. But most importantly, steps must be taken in advance of a matter to proactively protect both the employer and the employees and define what rights each have when it comes to personal devices being used for business communications.
BYOD Evolution
In the past, personal cell phones were more frequently ruled out of investigations unless call activity was relevant. This was because the majority of such use was limited to company email and any local content would typically be duplicative of their server mailbox, which was far more convenient to collect. However, the tide is turning on this as people are increasingly using text messaging for substantive business communications.
In one such recent case, the cell phone owner in question happened to be the client’s chief of security, perhaps helping to explain why no one at the client company wanted to pressure him for his phone. Most of the BYOD discussion focuses on mobile devices, but personal computers and thumb drives can’t be left out of consideration. We’ve seen the BYOD phenomena bring several personal computers into play. For example, on the restatement of a financial statement, the way a custodian described to counsel how he worked from home required him to drive me, in his own car, to his home so we could collect data from his personal computer.
Four Important Steps
The main focus for IT and legal departments trying to address BYOD concerns is to think down the road to the worst-case scenario that could happen with an employee using a personal device for work. If something goes terribly wrong in the company, or employees are doing something illegal, companies need to have a well-thought out policy as well as technology systems in place to ensure access to relevant data without excessive expense or difficulty. Policies should be developed by stakeholders in legal, IT, human resources and compliance, and be in place before the company’s systems are opened up to personal devices. Ideally, employees would sign plain-English contracts agreeing to adhere to these policies in advance.
BYOD policies should clearly answer questions such as: What will BYOD users be allowed to access? How will IT extend and control this access? What reach into personal devices will the company have in times of litigation or when someone leaves the company? The last question can get sticky without a policy in place.
Second, it is key to thoroughly investigate the available options to protect data on these devices. There are solutions available now that allow companies to extend enterprise management to personal devices. One very attractive feature is the ability to segment company from personal data, keeping the employee’s own information private. The main thing to look for when evaluating these types of technology packages is that the solution can effectively execute on what has been outlined in the personal device use policy, and that the technology isn’t going to inadvertently do anything that is not disclosed in that policy. This helps the company maintain trust with employees while also covering all necessary ground for protecting important data on personal devices.
Third, always keep data privacy laws in mind. Both U.S. and non-U.S. citizens who work for your company abroad are highly likely to have different data privacy rights than those based in the U.S. and violating those could be a very expensive and painful ordeal. This may very well extend to non-U.S. citizens who work for your company in the U.S. Further, there are many legal issues with moving data internationally, which pose a problem for collecting data from employees who are U.S. citizens but working in another country, and which may not be properly addressed in a blanket manner by policies signed at the start of someone’s employment. Additionally, several U.S. states have their own data privacy laws and many U.S. legislators are considering moving to a more European data privacy model. Take time to understand the privacy laws that may impact your company, stay abreast of their continuous evolution and be sure to account for those in all policies and technology implementations.
Finally, consider your scope and limitations. Now that you can no longer rule out personal mobile devices, how do you fulfill your preservation and collection responsibilities without violating the custodian’s privacy or trust? The best way to walk this line is to define clearly the types of responsive data required and understand any limitations that may exist with each device in question.
The collection model for a computer hard drive, aka image it now and cull the data later, isn’t always an option with mobile devices, especially personal devices. Each device is different and may have built-in security measures that prevent the extraction of certain information. What’s worse, those measures can literally change overnight and that there is little to nothing you can do about that. Cellular providers and device manufacturers push updates over the air when it suits them. Therefore, data that can be easily extracted today could be encrypted and inaccessible tomorrow.
Improper handling of BYOD in the workplace can create a multitude of headaches for legal and IT. In the case mentioned earlier involving the need to access text messages on the CSO’s personal cell phone, the company ultimately had to involve a second law firm to specifically, and singularly, deal with the matter. The company had to spend additional expense on the issue and was further exposed to the various risks of either finding a way to access the texts, or pay penalties or sanctions for not producing that data.
BYOD has many advantages, including increased productivity and reduced data plan expenses. However, companies are best served by holding off allowing personal devices in the workplace until all of the necessary steps and safeguards have been put into place first.
Erik Hammerquist is a senior director of the computer forensics segment of FTI Consulting’s Technology practice and is based in Los Angeles.
by MICHELE LANGE on DECEMBER 11, 2013 inEDISCOVERYwithcomments off
What happens when seven of the smartest, most articulate ediscovery professionals come together for an hour talk about—quite frankly—whatever they want?
Just yesterday Josh Gilliland, Samir Mathur, Barry Murphy, Ralph Losey, George Socha, and David Horrigan joined my esteemed co-moderator Phil Favro and myself —virtually—for a Google+ Hangout on the current state of ediscovery. The discussion was loosely framed on three topics: case law, predictive coding, and FRCP amendments, and the perspectives shared (as you may expect from this forward-thinking group) were anything but canned.
Topic One: Case Law –This no-nonsense panel wasted little time cutting to the bone with an important and seldom-raised question: Just how much weight does a trial decision from Judge Scheindlin, the “grandmother of ediscovery,” really pull?
On one hand, practitioners and other courts are leveraging cases like Sekisui to start thinking about how to handle issues like spoliation, but as another panelist pointed out, the principles of stare decisis fully apply—moreover, Scheindlin often restricts her holdings to her court room, as no one judge controls preservation.
“Are new rules the answer?” pressed another expert. Preservation law has existed for around 400 years, so maybe the answer doesn’t lie in creating a new framework, but in using the tools we have today more effectively.
In a statement that was shared by most, one lawyer noted that “[Preservation has] always been about reasonable efforts and it always will be”—and what’s reasonable in one jurisdiction will differ from what’s reasonable in another. The bottom line hasn’t changed: these are fact-based determinations, and courts will find a way to sanction people who intentionally delete evidence.
On the issue of whether or not new rules would help, one member of the group concluded this topic by noting that “[W]e’ve been dealing with sanctions since Roman times, and that rules alone are probably not the end-all, be-all solution.”
Topic Two: Predictive Coding – Where do we stand right now in the adoption of this technology, and what will 2014 look like? Is this a mainstream technology? Will it ever be?
Fairly universally, the panel agreed with the notion that predictive coding has yet not totally taken off. “Even if X% of clients have used it, they aren’t using it in all of their cases because not all cases are right for this technology. Moreover, it has yet to be embraced by smaller firms,” as one panelist noted.
But at the very same time, another panelist fired back, “you’d be foolish” to not use it in the mega cases. Now that we have judicial approval—notably more than we ever had for keyword searching—he expects the discussion about predictive coding to mature, and the more interesting prospective discussions will be about the appropriate methodologies required to successfully deploy this software.
Another panelist argued that we’re going to see more opacity—yes, the opposite of clarity or clearness—in using this technology in 2014. There are ramifications tethered to agreeing to share testing and seed sets, and litigants will begin to carefully examine whether this is the right direction for using these solutions.
Most professionals agreed with the statement that lawyers are at the “tip of the tail on the dog” with regard to predicting coding technology. However, as noted by one attorney, as this technology continues to become less costly, and integrated into more review solutions, its usage should trickle down to the smaller firms.
Topic Three: Potential Amendments to the Federal Rules of Civil Procedure –Before wrapping things up, the group analyzed potential FRCP amendments currently on the table for public comment until early next year, specifically changes to FRCP 26 and 37.
To get the ball rolling, one participant opined that the renewed interest being injected into the 26(f) meet and confer conference obligation—“the lynchpin of successful discovery”—is a step in the right direction. Another countered, however, “there is only so much you can do to force people to get together and cooperate early.” This point was further echoed across the panel: there must be also be a parallel culture shift in how lawyers approach cooperation. Whether this will actually happen is an entirely different question.
While there was fairly universal agreement that the potential changes to the Federal Rules were positive additions to ediscovery law, especially with regard to bringing proportionality clearly into parent Rule 26, there was some hesitancy as to just how “game-changing” these rules will be. Addressing proposed rule 37, one expert noted that the culpability triggers defined by this rule will probably not significantly alter the current spoliation analysis.
On the whole, most participants agreed that the vehicles for shifting ediscovery costs are too limited. Section 1920 (4), which allows prevailing parties to recoup fees for “exemplification” and “making copies,” must be reworked in one way or another, as it’s the only place to currently hang one’s hat. Concluding the discussion, one expert stated it’s hard to stretch a statute, which has been around for over 100 years, to accommodate requests for costs associated with increasingly necessary ediscovery processes. Jason Atchley
The unveiling of the new Apple iPhone 5S and 5C was met with euphoria online yesterday (September 10th).
At an event in California, the tech giant showcased its latest gadgets in a bid to take more control of the market and reduce the commercial threat of rivals such as Samsung and Nokia.
The 5S features a fingerprint sensor, which is integrated within the phone to help identify the user, while the 5C features a plastic back and a choice of colours.
Both these handsets offer different pros and cons, but it is the 5S that could unlock new security possibilities for businesses, especially those that have rolled out their own bring your own device (BYOD) plans.
In an article for ZDNet, tech expert Adrian Kingsley-Hughes claimed that the Touch ID fingerprint reader will help to allay the worries of IT admin staff, who are often battling to find efficient security solutions.
"Touch ID will also bring two-factor authentication to the iPhone, combining something you know – a passcode – with something you have – your fingerprint – to dramatically boost security. This puts an extra level of security between users and the corporate network for enterprise and BYOD users," Mr Kingsley-Hughes explained.
He believes that Apple introduced the capability in an effort to combat the rising levels of iPhone crime.
However, the specialist lamented the fact that the feature is only available on the iPhone 5S, claiming that it is a "a shame" that users of the 5C are left without the groundbreaking technology.
Along with new innovations such as Apple's latest feature, businesses can boost their security plans by introducing data recovery policies.
By using this approach, any information that goes missing as a result of theft, error or a power outage, can be easily restored.
This is especially useful for particularly sensitive data, which must be protected at all costs from unauthorised personnel.
Complex data recovery requires expertise. Speak to the data recovery industry pioneers at Kroll Ontrack for free advice to investigate options to recover from any data loss type, system or cause.
