How secure is your eDiscovery provider?
- November 1, 2016
- by Matt Hamilton
Quiz your eDiscovery vendor and beat the hackers at their own game.
eDiscovery data is often very sensitive. That makes it the kind of data that is attractive to hackers. Target had 40 million credit and debit card numbers and over 70 million pieces of customer data stolen. The Home Depot had customer credit and debit card information compromised or stolen for all 2,200 of their stores. Apple says that hackers were able to get compromising photos of celebrities through unauthorized access. Yahoo just suffered the biggest ever data breach in history, with 1 billion customer accounts compromised.
Your organization can’t risk putting data in harm’s way where it can be stolen, manipulated, or deleted altogether. To guarantee data integrity and defensibility, you should demand that your eDiscovery provider has advanced security protocols, policy, and governance in place.
As a legal professional, you are not expected to know everything about cloud hosting, data security standards and certifications, penetration testing, and encryption methods. These attributes, however, are crucial to be aware of not only to protect your data but also to ensure that it’s defensible and admissible as evidence.
When considering an eDiscovery provider, demand no less than a strict security oversight. We have put together a brief list of questions to help you adequately evaluate vendors’ commitment to security.
Quizzing a vendor about security? Here are 3 things you should ask:
- What security certificates does your data center have: SOC 1 Type II, SOC 2 Type II, ISO 27001, PCI DSS, HIPAA compliance?
- What type of encryption do you use? Anything less than 128 bit TLS encryption is risky with 256 bit TLS being the gold standard.
- What type of security threat testing and auditing do you carry out and on what schedule?
Take a few minutes to get informed, and you’ll be able to rest easy. See how Casepoint makes the grade by running our solution from our own private cloud. Encrypted. Certified. So data is locked down in transit and at rest. Check out our incredible creds.