Data Domain Security
Abracadabra! How to ward off evildoers and keep your data domains secure.
eDiscovery users must segregate their highly sensitive data from everyday ops.
by Jordan McQuown
Information assets maintained by law firms, corporate enterprises, and third-party service providers are constantly under siege from growing, ever-evolving cyber-attacks. As a member of the eDiscovery community and due to the highly sensitive nature of the data you process and store, your firm has a target on its back and for good reason.
eDiscovery and investigation platforms hold multiple petabytes of pre-indexed and easily searchable data, which makes them a treasure trove for mining sensitive information, and in the event of a targeted attack, hackers have the ability to access valuable ESI built into the platform.
When conducting security audits for clients across the globe, from Toronto to Tokyo, George Jon’s team of security consultants are often faced with a recurring set of factors that undermine the security and integrity of environments. The most notable and pervasive are as follows:
- Service accounts are rarely rotated due to the complexity and/or limited understanding of eDiscovery platforms
- SQL database permissions are overly permissive and common hygiene items are discarded
At George Jon, we advocate for segregating your eDiscovery platform from the everyday operations of your company/law firm. By keeping your eDiscovery operation siloed, you gain an additional layer of defense against the spread of ransomware, credential theft, and virus/malware propagation that can occur when a malicious party gains access to a user account on your primary IT ecosystem. In addition to a siloed eDiscovery practice, your organization can realize additional security gains by employing the strategies listed below, all of which will significantly reduce the areas of exposure that these data warehousing platforms maintain:
- Adhere to a strict platform maintenance schedule to apply mission-critical security patches
- Leverage a federated identity provider in order to reduce password reuse and enable two-factor authentication
- Perform scheduled account password rotations through a privileged access management (PAM) tool
George Jon (GJ) is an eDiscovery infrastructure, product and process specialist, delivering performant, scalable, fault tolerant environments for users worldwide. GJ works with global corporations, leading law firms, government agencies, and independent resellers/hosting companies to quickly and strategically implement large-scale eDiscovery platforms, troubleshoot and perfect existing systems, and provide unprecedented 24/7 core services to ensure optimal performance and uptime.
George Jon’s (GJ) conclusions are informed by fifteen-plus years of conducting enterprise-class eDiscovery platform assessments, application implementations and infrastructure benchmark testing for a global client base. GJ has compiled extensive quantitative and qualitative insights from the research and implementation of these real-world environments, from single users to multinational corporations, and is a leading authority on eDiscovery infrastructure.
CHIEF TECHNOLOGY OFFICER (CTO), GEORGE JON
Jordan McQuown is an authority in information technology, cyber security, electronic discovery, and digital forensics. He has written Thought Leadership articles for the American Bar Association’s Cybersecurity Handbook and Information Security Magazine, and he is a regular speaker as a subject matter expert on the eDiscovery security, application and legal conference circuits.