Frequently Asked Questions

Protecting your digital data is important. But paper and the human voice remain important elements of the security mix. Keep confidential printed information in locked file cabinets and shred it when it's no longer required. If you're talking about confidential information on the phone, take appropriate steps to ensure you're not overheard. Remember the old saying "loose lips sink ships".

A firewall acts as a protective barrier between your computer and the Internet, monitoring all incoming and/or outgoing traffic and allowing only the network traffic you permit. Firewalls come in the form of software, which nestles itself between your operating system and your network card. They also come in the form of hardware; for many home and small office users, it is a simple router device that sits between your computer's network jack and the wall connection. You can customize the level of protection the firewall gives you, setting it to filter information flow from specific domain names, addresses, or types of network traffic.

Hackers search the Internet in a way akin to dialing random phone numbers. They send out pings (calls) to random computers and wait for responses. Firewalls prevent your computer from responding to these random calls. If your computer doesn't respond, hackers won't know it's there.

Removeable media such as USB drives are convenient ways to store data; the trouble is, they're just as convenient for thieves as for you. Wherever possible, store confidential information in protected encrypted space. If you have to store confidential information on removeable media, you must encrypt it and then delete it as soon as you no longer need it.

Learn how to recognize the signs of a hidden attack and avoid becoming a phishing victim. Never click on a link in an email; if you're tempted, cut and paste the url into your browser. That way, there's a good chance your browser will block the page if it's bad. And don't open email attachments until you've verified their legitimacy with the sender.

Keep your operating system, critical applications (like your browser) and antivirus patched and up-to-date, and use a personal firewall. That way, you'll avoid becoming vulnerable to hackers and others looking to steal information. You should also run FireVault on Mac OS X or something similar on Windows to encrypt your entire hard drive in the event it is stolen or lost, your data will not be able to be accessed.

All of it! Operate under a need-to-know data classification. Examples of information needing to be protected includes but is not limited to: Passwords or other login credentials, PINs (Personal Identification Numbers), Birth date combined with last four digits of Social Security Number and name, Credit card numbers with cardholder name, Tax ID with name, Driver's license number, state identification card, and other forms of national or international identification (such as passports, visas, etc.) in combination with name, Social Security number and name, Health insurance information, Medical records related to an individual, Psychological counseling records related to an individual, Bank account or debit card information in combination with any required security code, access code, or password that would permit access to an individual's financial account, Biometric information, Electronic or digitized signatures, Private key (digital certificate), Law enforcement personnel records, and Criminal background check results.

It really isn't about the frequency of password values. It is about the strength of the password. Never make a password your dog's name, spouse's name, type of car you drive, or anything that is easily known about you for someone to guess. Make the password long and contain non-alpha characters in addition to the letters you use.

The process of transforming information (called plaintext) using an algorithm (called cipher) to make it unreadable to anyone except those processing the special knowledge, usually referred to as the key.

Our DLP solutions reduce risk in many ways, here are three standards included in all solutions:

1. Blocks unapproved confidential information sent to personal email accounts (i.e., Yahoo, Gmail, etc.).
2. Encryption may be applied to email messages when confidential information is detected in an outgoing message and/or attachment.
3. Intellectual property is quarantined when matched to one or more of our custom rules. The correct team members are contacted about reviewing the data prior to it leaving the company.

No. Email is the first phase of our DLP program. The DLP technology will include monitoring and preventing use of unauthorized USBs, and scanning desktops and file shares for confidential information. Communication will be distributed as new DLP features are implemented.

An email notification may be sent to your supervisor/manager and privacy officer depending on the circumstance. During the initial phase, the goal will be to obtain an understanding of business needs. Eventually, it is planned to send notifications to supervisors/managers as part of the tuned DLP program.

The essential goal of litigation support is to organize, analyze, and present case materials through computer systems. In federal criminal defense cases, there are three primary ways that litigation support is used by Federal Defender Office (FDO) staff and Criminal Justice Act (CJA) panel attorneys. One is in conducting electronic courtroom presentations. Another is management and analysis of paper documents and their electronic equivalents. The third is the identification, collection, preservation, processing, review, analysis and production of electronically stored information (ESI).

Litigation support is the marriage of project management and technology. We believe that while every district is different and every case is unique, there are certain standards to follow in order to ensure that the data involved in a case is handled in a cost effective and time efficient manner allowing for good organization, easy retrieval and effective client representation.

You walk into your office and on your desk sit a few hard drives and a stack of DVDs and CDs. On your floor and down your hallway sit what seems to be an endless number of boxes filled with paper. You are told that there is more coming, yet you have no idea what you already have. Now what? This is an increasingly common dilemma being faced by trial teams and we hope that we can help you answer that question easily and efficiently. We want to be part of your team and, like the common language we must speak when it comes to ESI, there are some common questions that need to be answered in order for you to manage your data effectively, plan your strategy, budget thoughtfully, and develop a workflow for your team to follow so that you move ahead smoothly.

The primary purpose of the ESI protocol is to facilitate more predictable, cost-effective, and efficient management of electronic discovery and a reduction in the number of disputes relating to ESI. The protocol provides a mechanism, through a meet and confer process, to address problems a receiving party might have with an ESI production early in a case, and to discuss the form of the discovery that the party receives.

eDiscovery, or electronic discovery, is the process used by organizations to find, preserve, analyze, and package electronic content (often referred to as eletronically stored information or ESI) for a legal request or investigation.

"Discovery" is the process by which relevant information is exchanged between parties in a lawsuit. It is conducted via production of documents and the taking of depositions. Federal and state courts have long recognized that electronic data is subject to the same discovery rules as other evidence relevant to a lawsuit. The issue has received substantial national attention recently, however, because of a series of court rulings resulting in the imposition of huge sanctions on parties for their failure to preserve electronic data and because of amendments to the Federal Rules of Civil Procedure that took effect on December 1, 2006. Upon notice that a lawsuit has been commenced against you (or a charge filed with an administrative agency), or if it is reasonably anticipated that a lawsuit may be brought (or a charge filed), you are now under a legal duty to preserve all evidence, whether hard copy or electronic, that might become relevant to the lawsuit.

The new federal rules require a party to suspend routine or intentional purging, overwriting, re-using, deleting, or any other destruction of electronic information relevant to a lawsuit, including electronic information wherever it is stored - at a work station, on a laptop, or at an employee's home. It includes all forms of electronic communications - e.g., e-mail, word processing, calendars, voice messages, instant messages, spreadsheets, videos, photographs, information in PDA's, and data in any other locations where electronic information may be stored. This electronic information must be preserved so that it can be retrieved - if necessary - at a later time. The information must be preserved in its original electronic form, so that all information contained within it, whether visible or not, is also available for inspection - i.e., it is not sufficient to make a hard copy of electronic communication.

You will be notified of the duty to preserve electronically stored information through a notice called a "litigation hold" (or a "preservation hold"). You will then be asked to cooperate with NetEvidence, and your local IT personnel to ensure that we identify and preserve all potential sources of electronically stored information in your possession or under your control. You will be asked to complete and return a questionnaire identifying all potential sources of electronically stored information. It is critical that you complete and return this questionnaire without delay. Until NetEvidence personnel have taken steps to preserve your electronically stored information, you should be particularly careful not to delete, destroy, purge, overwrite, or otherwise modify existing electronic data.

Initially, no one will review your data. If and when a discovery request is made, NetEvidence may be asked to conduct a search of the data. You or your counsel will be present if and when your data is ever accessed. On occasion, before a discovery request is made, your counsel may want to review electronically stored information to assist in answering the lawsuit or to comply with initial discovery obligations.