2017 was a year highlighted in high-profile hacks, and 2018 hasn’t been much different (see: Facebook, Panera Bread and Under Armour, just to name a few). While these bigger names get the media attention, it’s the thousands of smaller-scale hacks that happen more regularly that should be cause for alarm.
When putting your trust in an organization handling critical and sensitive documents, you need confidence in their ability to guard your information. We feel it should be a standard practice to proactively inquire about your partner’s security posture.
Providing an environment that is safe and secure is one of the primary objectives of every eDiscovery enterprise, and each should provide a multi-layered, fortified security system to keep documents out of the hands of bad actors. The crown jewel that all litigation and discovery companies aspire to is bestowed by the International Organization for Standardization – in this case specifically the ISO-27001.
The ISO-27001 security management certification is a verification that any information put through Parcels’ processes is, inherently, meeting the highest standards of security in the world. It is only through arduous, comprehensive and meticulous testing and assessments that the certification is granted – and must be continuously maintained.
At Parcels, we are proud to be Delaware’s only ISO-27001 certified eDiscovery professional services firm. It allows us to prove to clients that our company’s information security environment is mature, and we have met contractual and ongoing security audits and obligations.
Third Party Partners
Knowing that your documents and information are safe from start to finish is vital to ease of mind when working on a case. To guarantee quality work for their clients, companies will partner with third parties when working through your eDiscovery processes.
These 3rd party pinch-points are avenues that bad actors can use when getting into network systems, so it’s important to know that your eDiscovery vendor is not just allowing any old discovery platform access to your information. Parcels for example, leverages Relativity as it’s primary eDiscovery platform, to assist in expediting the analysis of document review. Most importantly though – once all the bells and whistles are stripped away – is that Relativity has also received an ISO-27001 certification.
We always do our best to hold every aspect of our work to the highest standard, but it is also important to understand that as a client, there are certain steps you could be doing to keep your eDiscovery data secure.
You and Your Organization
It is important to create a work environment where safety and security are paramount. Instilling in your attorneys a lifestyle that reinforces security protocols can make or break your data security; remember, such wide-reaching security should be an issue for each and every individual who interacts with any part of the data, not just one specific department.
While data is being collected, encrypting documents is a “must” to keep information safe. Add passwords to each file, so others are unable to access them freely. It may seem obvious and trite, but it is also important to remember to close out of these documents when you are done. Keeping sensitive information openly available on any electronic devices exposes them to the risk of others gaining access to the information without needing the password. As a user of eDiscovery services, it is also important to be aware of where you are sending any of this information. Outside law firms, vendors or others who are not a part of your eDiscovery service provider may not have appropriate security to ensure the data will stay private. Additionally, keep your data organized. Compromised or lost data can result in delays, liability and additional costs.
Lastly, keep vigilant. Data security is an ever-growing, ongoing and formidable process that takes constant awareness and upkeep. One small misstep and compromised data can spell disaster.