SlideShare ist ein Scribd-Unternehmen logo

Managing 30(B)(6) Issues with iSEEK

‱
‱
Innovative Litigation
Innovative Litigation

iSEEK is a computer forensics tool that is used for the collection and preservation of electronically stored information (ESI). iSEEK allows users to target specific data stored on machines with defined parameters, then pre-process the data before it is deposited into a review tool. More information about iSEEK at www.iseekdiscovery.com Click the link below to watch the iSEEK animation video: http://goo.gl/uO34O4

TechnologieBusiness
1 von 8
October Managing (30)(B)(6) Issues with iSEEK White Paper In this whitepaper, we address subject matters that pertain to testifying parties who could require the use of the computer forensic tool, iSEEK, to target and process electronically stored information within a corporate partnership or other legal entity for presentation as evidence in a Federal matter. Innovative Litigation 13
WHITE PAPER: Managing 30(B)(6) Issues with ISeek 2 Table of Contents USING ISEEK: LEVERAGING PROGRAMS AND FUNCTIONS FOR EFFICIENT E-DISCOVERY DIFFERENCES IN PRODUCTION METHODS ESI PROTECTION METHODS: ALLEVIATING LIABILITY CONCERNS ISEEK DEFENSIBILITY KEY CONSIDERATIONS: THE NEW EDRM WITH ISEEK AUTHENTICATION ASPECTS OF ISEEK FINDINGS 3 4 4 5 6 8
WHITE PAPER: Managing 30(B)(6) Issues with ISeek 3 The subject matter expertise required of the potential witness or testifying party is exactly the same under the use of ISeek as with any other method for the Electronic Discovery Reference Model (EDRM). A witness of business transaction processes that uses any targeteddata collectionmethod, such as computer forensics or indexing systems,has the same responsibilities but more precise testimonial elements. This is true in isolation of data, disconnected systems, or at computer domain management systems comprising large domain levels. The acquisition of the data and the methods of acquisitionare what differentiate ISeek from any other existing method of early stage Electronic Discovery. In companion tests to index solutions, ISeek actually finds much more data simply due to the fact that indexing solutions are so replete with intractable errors in their solutions, due in part to the inability for indexing to reach the equivalency of searching. Using iSEEK: Leveraging Programs and Functions for Efficient E-Discovery ISeek is built around core fundamental forensic principles that insure a fully independent acquisition of data without regard to human intervention or decision processes after the interrogation commences. It is unlike other methods in that it is an automaton and is described as such in the patent letters. iSEEK’s design methods are directed toward empowering the automaton with instructions (the configuration file); it then executes without regard to any other factor externally to its runtime impact with the exception being made only for location access. The witness is not responsible for understanding the process of data acquisition within the ISeek application itself, they are only responsible for the business record description of the culmination of an ISeek search of a system containing electronically stored information. The output is the same in terms of the final resting place of data and all records targeted by ISeek would be the same records – if they could be found – by using any other process, which is automatically used to target responsive material. ISeek acts independent of the ISeek Execution Operator, and critically, since it operates without any possible contamination or alteration of the selection criteria. ISeek allows users to target ESI from the outset of the mission, without any witness, custodian, proxy, or investigator’s knowledge of the results or the criteria used to select ESI. ISeek is solely based on a critical functionality, which guarantees independence by virtue of the fact all selection criteria are set and protected in an encrypted configuration file that is only accessible to those who create it. This “actions” file, also known as ISeek.config, directs the tool – independent of the operator of the process, to conduct exclusive processed searches by processing data on the end point data store. In addition, the iSeek configuration file is designed to perform without “pulling back” data to any location; any data can be examined. Data is examined and processed in its
WHITE PAPER: Managing 30(B)(6) Issues with ISeek 4 original location, not indexed in place or moved for other functions. It is processed where it lies, and then searched in place in order to find the criteria set by the creator relative to the matter at hand. Differences in Production Methods Since there is no Rule 6 requirement that the business entity produce the "most knowledgeable" witness, only that the person testifying "shall testify as to matters known or reasonably available to the organization," then the production method of ESI used in ISeek does not require any extra knowledge of the witness to begin with. The ISeek interrogation output of an ESI system lies in the descriptive requirement knowledge of the witness, but only in so far as they would have to have the exact same knowledge requirement of any record custodian using any other method. The difference is the corpus result set. To summarize, the output method is the same as any other end process generally, but it is the output method at the small end of the pipe that is different. That method is a post-process method, not a pre-process one. ISeek only circumscribes the directives it received at runtime from the ISeek.config file. It does allow for user-defined locations if necessary at runtime, but there is no possible way for the initiator of an ISeek query to actively interact with the ISeek process once it is run. There are no criteria visible and none can be redacted. The criteria specified are completely invisible to the custodian and the collection agent. The criteria specified are also invisible to the proxy or initiator during runtime. For example, if there were 10 custodians, each managed by one “collector” (for instance, an IT admin),then the IT admin would not prepare the configuration file. Counsel or an otherwise appointed party would or could be responsible for that preparation. Instead, users could simply present the configuration file criteria to the IT admin, who would then execute the process against the 10 custodians. In this setup, the IT admin has no idea what is processed or gathered or what any selection criteria are (nor does the custodian). The data that is targeted and processed is then, at that point in time and on into the future, solely under the domain and control of Counsel or their appointed proxy. The data circumscribed by the ISeek method is 100% encrypted in Advanced Encryption Standard 256(AES-256) from that step forward and throughout the entire lifecycle unless the creator elects to remove that protection. ESI Protection Methods: Alleviating Liability Concerns Because ISeek works using a different paradigm than any other tool or indexing based system, the results file (a file with the extension .isk) is only available to the initiator of the ESI gathering ‐ whether it is for an active case or a legal hold matter. If the initiator is counsel for the entity, thenheis in full control of the criteria and conditions under which the data was gathered from the 10 custodians. No custodian or IT Admin need have this
WHITE PAPER: Managing 30(B)(6) Issues with ISeek 5 knowledge at any point in the data lifecycle. Once the initiator decides to open and view, or extract the ISeek file data envelope, he alone controls the distribution and dissemination of that data.From that point on, everything done in terms of control focuses on the initiator. He can share that control or not, depending on the matter at hand. This relates directly to 30(b) because the matter relevancy is less of an issue than the security and containment of the data. Regardless of what is gathered, the 30(b) witness has no new or different data to look at or support than they would otherwise. Glaringly, this method protects the entity in many respects because the 30(b) witness is no longer subject to conjecture and vague general questions regarding contingent issues. Those questions are not within the knowledge of the expert because he only represents the ESI produced from the matter, not what could have been produced otherwise. To repeat, it is the method that has changed – not the data. iSEEK Defensibility ISeek also protects the corporate entity by enforcing an unbending rule: only ESI that is sought can be found. In addition, collateral damage to the ESI containment is disallowed because, by default, ISeek excludes any ESI that is not clearly and positively defined in the configuration. An example here further articulates this point: since the standard for ESI acquisition is defined by FRCP as information of “reasonable particularity”, then the subject matter may come from a variety of sources within the overall entities’ ESI container systems. This ISeek artifact method provides a reasonable deterrent to accusations that may come from opposing counsel such as: the ISeek interrogation avoided files or information by type, place, or time which was probative, when in fact, ISeek does just the opposite by default. By default, ISeek does not omit anything from being processed and searched. Only the initiator can absorb that restriction or change iSEEK’s default responsibility features. Therefore, opposing parties cannotaccuse the process method of not being totally impartial in as much as any file at any ESI location is going to be subject to the exact same criteria for inclusion in the corpus gathered. This “lock-box-throw-away-the-key” concept has demonstrable value to counter allegations of intentional avoidance by opposing counsel since it does not use an indexing methodology at any level to find data. iSEEK uses the processes gatheredfrom 20 years of forensics to methodically examine any ESI for relevancy. This process fully leaves the primary responsibility for defining relevancy to the initiator of the ISeek method and the criteria he elects. The categorization of ESI then, has no parallel to the method because no exclusions or waivers of any ESI exist within the borders of the ISeek method. Putting in place selection criteria to limit what is analyzed and what is not, have almost no impact on time to mission, although it may impact end costs of the operation. A witness
WHITE PAPER: Managing 30(B)(6) Issues with ISeek 6 proponentof the method is again, not the party who defined the criteria – at least he does not have to be – so his knowledge of what was investigated, as opposed to what was gathered, is of little consequence in terms of testimony. Hewill have a printed document before him showing the ISeek criteria which confines the testimony at the outset. The ISeek method does not arbitrate any ESI system and cannot do so otherwise. It is impartial and independent no matter how where or when it is run. In sum, the witness to the production is under no more requirements to supply expertise to an ISeek Discovery than he would be to the same information in paper form or from using any other method. One example of this impartiality would be an email claim of relevancy where only selected emails that were probative were all that ISeek was directed to secure. In the non-ISeek method, an entire 100 GB PST file would have to be processed, then indexed to delineate the specific emails (a questionable guarantee of success in any index system). Now assume that there are only 7 out of 800,000 emails that are relevant and probative to the issues in that one matter. Key Considerations: The New EDRM with iSEEK Continuing on this example, In non ISeek methods, the entire 100 gigs of email has to be secured, transported, thenprocessed resulting in 800,000 emails of output which have to be further analyzed for relevancy in an attempt to find the 7 emails that are in fact the point of the matter. It is pointed out here that the time and costs of that processing now bring in undocumented variables beyond anyone’s control – pre-coding, de-duping and user requirements now must be documented throughout any such process. In effect, the business entity now has created an enormous corpus of data subject to further review, just in order to find 7 known relevant items. That data, all 800,000 emails, is now subject to further review and subpoena– needlessly anddangerously we add, in some cases. ISeek is the reversal of this historical EDRM approach. ISeek, by itself on the endpoint target machine, processes the entire 800,000 emails in the 100 GBPST file but only targets the 7 relevant emails, and only encapsulates those 7 emails into an emailreadyresponse. ISeek has not produced an open-ended datamass for the witness to testify to at all. Since the witness is only required to be the responsible party that can address those 7 emails, there were no decisions required beforehand because the witness does not have to have implicit knowledge of any corpus data outside the bounds of those 7 emails. The witness becomes a subject matter expert, not a subject method expert. The ISeek method fully ascribes the rules requirement that the witness must testify as to matters known or reasonably available to the organization. The data was available if it was found by ISeek; it is otherwise unavailable to the methods ISeek employed and as
WHITE PAPER: Managing 30(B)(6) Issues with ISeek 7 long as those methods were not intentionally constructed to mislead any party, they can stand any sanction test. Here, it is informative to give a contrary opposite example: Suppose in the previous example, it is known that OST files are used for disconnected email storage in an organization, but within ISeek’s configuration for this same matter, OST files are intentionally excluded from processing. That would result in no data being found by ISeek at all, and likewise it would result in a defensive position having to be taken later on regarding that decision process. But, those same means and methods and decisions are well known to be the cause of action in any matter of ESI acquisition, and are still excluded out of hand from the responsibility of the witness to a 30(b) deposition. Perlustro and the disclosed patent itself, stand behind the method in public review. The acceptability of the method is then, limited to the criteria of the matter, not the criteria of the approach. The 30(b) witness is required to have, as noted in the rules and case law, familiar knowledge of what is produced, not familiar knowledge of what could have been produced, or what was not produced. This inures benefit to the business entity in that it provides a restrictive umbrella to the witness in addition to the data envelope. ISeek targets ESI with complete independence and total objectivity, but it is not, without the guidance of a responsible official, impervious to failures to find ESI data. For example, a custodian who secretly downloads Bestcrypt and keeps data unknown to the business process within that container, would possibly be able to “hide” relevant information from ISeek with the container unmounted. But using ISeek, it is also very possible and likely that the reverse will be true. The custodian, without any knowledge that ISeek is running on their machine, might open the Bestcrypt container and make that information subject to an ISeek interrogation. As a result, data never before seen, can now found. This data in most known cases would be missed in any other data collection method. ISeek keeps all data in process, targeted and 100% encrypted at all times on the client machine. There is no necessity to re-encrypt data at any point in its life. There is also no need to use any further encryption mechanism to move the data once it has beenencrypted to any place in a network, to a public cloud or even isolated to a physical disk attached to a client machine. Data can be retrieved from any place on earth without any necessity to consider security envelopes at any point in the process. Without entering the password keyinto ISeek Configurator, a person in simple or stolen possession of the ISeek container has the possession of a digital brick. No loss of either fidelity or information will exist unless the managing user reveals the password key to another party. Even the configuration file that is encrypted creates the automaton effect. The password to the container can be different from either the data warehouse password or the configuration password. The only modality for interception lies in a memory mechanism that would have to exist on the client end when data is processed,
WHITE PAPER: Managing 30(B)(6) Issues with ISeek 8 but such likelihood can only determine the ISeek process space, not the password used to encrypt the container contents. Once the container leaves the machine either by email summary form or in whole data form, the access to the data is further limited by the ISeek server component, which will only unlock configurations already licensed. This mechanism prevents theft of the data because only legitimate users would have a licensed server component. Authentication Aspects of ISeek Findings ISeek authenticates the data source from many different points of view including logged on users, ACL’s Drive serial numbers, CPU numbers, Network interface descriptors, and many others. The manager of the ISeek configuration file can also further describe the custodian by name, any proxy or intermediaries or others including notes of the process intended separately by use of encrypted fields in the configuration files. This data can be attached automatically to data warehouse processes without the need for further annotations to support chain of custody issues. The process also includes verbose logging which is time based during a process. Jim Baker is the President of Perlustro LP, a privately held computer consulting firm that specializes in forensic software development, such as the computer forensic tool, iSEEK. Jim was a special agent with the Criminal Investigation Division of the IRS for 31 years; he also served as the Chief Technical Advisor to the Director of Electronic Crimes. During his tenure at the IRS, Jim partnered with Microsoft to develop and implement the standard and primary desktop platform for IRS Criminal Investigation’s client desktop systems.

Empfohlen

Scielo
ScieloScielo
ScieloprofDesireenavarro
 
ISEEK Case Studies
ISEEK Case StudiesISEEK Case Studies
ISEEK Case Studiesbrown288
 
Geografia y su base filosofica
Geografia y su base filosoficaGeografia y su base filosofica
Geografia y su base filosoficaismaelgonzales
 
Bases filosĂłficas
Bases filosĂłficasBases filosĂłficas
Bases filosĂłficasMauricio Villabona
 
Las bases filosĂłficas del cuidado
Las bases filosĂłficas del cuidadoLas bases filosĂłficas del cuidado
Las bases filosĂłficas del cuidadoOscar LĂłpez Regalado
 
Three Mobile User Acquisition Megatrends for 2017
Three Mobile User Acquisition Megatrends for 2017Three Mobile User Acquisition Megatrends for 2017
Three Mobile User Acquisition Megatrends for 2017Eric Seufert
 
Paginas de matematicas
Paginas de matematicasPaginas de matematicas
Paginas de matematicasespanol
 
SlideShare 101
SlideShare 101SlideShare 101
SlideShare 101Amit Ranjan
 

Empfohlen

Scielo
ScieloScielo
ScieloprofDesireenavarro
 
ISEEK Case Studies
ISEEK Case StudiesISEEK Case Studies
ISEEK Case Studiesbrown288
 
Geografia y su base filosofica
Geografia y su base filosoficaGeografia y su base filosofica
Geografia y su base filosoficaismaelgonzales
 
Bases filosĂłficas
Bases filosĂłficasBases filosĂłficas
Bases filosĂłficasMauricio Villabona
 
Las bases filosĂłficas del cuidado
Las bases filosĂłficas del cuidadoLas bases filosĂłficas del cuidado
Las bases filosĂłficas del cuidadoOscar LĂłpez Regalado
 
Three Mobile User Acquisition Megatrends for 2017
Three Mobile User Acquisition Megatrends for 2017Three Mobile User Acquisition Megatrends for 2017
Three Mobile User Acquisition Megatrends for 2017Eric Seufert
 
Paginas de matematicas
Paginas de matematicasPaginas de matematicas
Paginas de matematicasespanol
 
SlideShare 101
SlideShare 101SlideShare 101
SlideShare 101Amit Ranjan
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel AraĂșjo
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by HubspotMarius Sescu
 
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTExpeed Software
 

Weitere Àhnliche Inhalte

KĂŒrzlich hochgeladen

Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel AraĂșjo
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 

KĂŒrzlich hochgeladen (20)

Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 

Empfohlen

2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by HubspotMarius Sescu
 
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTExpeed Software
 
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsPixeldarts
 
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthThinkNow
 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfmarketingartwork
 
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024Neil Kimberley
 
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)contently
 
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024Albert Qian
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsKurio // The Social Media Age(ncy)
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Search Engine Journal
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summarySpeakerHub
 
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd Clark Boyd
 
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next Tessa Mero
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentLily Ray
 
Introduction to Data Science
Introduction to Data ScienceIntroduction to Data Science
Introduction to Data ScienceChristy Abraham Joy
 
Time Management & Productivity - Best Practices
Time Management & Productivity - Best PracticesTime Management & Productivity - Best Practices
Time Management & Productivity - Best PracticesVit Horky
 
The six step guide to practical project management
The six step guide to practical project managementThe six step guide to practical project management
The six step guide to practical project managementMindGenius
 
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...RachelPearson36
 

Empfohlen (20)

2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot
 
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPT
 
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage Engineerings
 
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental Health
 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
 
Skeleton Culture Code
Skeleton Culture CodeSkeleton Culture Code
Skeleton Culture Code
 
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024
 
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)
 
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie Insights
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary
 
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd
 
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search Intent
 
How to have difficult conversations
How to have difficult conversations How to have difficult conversations
How to have difficult conversations
 
Introduction to Data Science
Introduction to Data ScienceIntroduction to Data Science
Introduction to Data Science
 
Time Management & Productivity - Best Practices
Time Management & Productivity - Best PracticesTime Management & Productivity - Best Practices
Time Management & Productivity - Best Practices
 
The six step guide to practical project management
The six step guide to practical project managementThe six step guide to practical project management
The six step guide to practical project management
 
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
 

Managing 30(B)(6) Issues with iSEEK

  • 1. October Managing (30)(B)(6) Issues with iSEEK White Paper In this whitepaper, we address subject matters that pertain to testifying parties who could require the use of the computer forensic tool, iSEEK, to target and process electronically stored information within a corporate partnership or other legal entity for presentation as evidence in a Federal matter. Innovative Litigation 13
  • 2. WHITE PAPER: Managing 30(B)(6) Issues with ISeek 2 Table of Contents USING ISEEK: LEVERAGING PROGRAMS AND FUNCTIONS FOR EFFICIENT E-DISCOVERY DIFFERENCES IN PRODUCTION METHODS ESI PROTECTION METHODS: ALLEVIATING LIABILITY CONCERNS ISEEK DEFENSIBILITY KEY CONSIDERATIONS: THE NEW EDRM WITH ISEEK AUTHENTICATION ASPECTS OF ISEEK FINDINGS 3 4 4 5 6 8
  • 3. WHITE PAPER: Managing 30(B)(6) Issues with ISeek 3 The subject matter expertise required of the potential witness or testifying party is exactly the same under the use of ISeek as with any other method for the Electronic Discovery Reference Model (EDRM). A witness of business transaction processes that uses any targeteddata collectionmethod, such as computer forensics or indexing systems,has the same responsibilities but more precise testimonial elements. This is true in isolation of data, disconnected systems, or at computer domain management systems comprising large domain levels. The acquisition of the data and the methods of acquisitionare what differentiate ISeek from any other existing method of early stage Electronic Discovery. In companion tests to index solutions, ISeek actually finds much more data simply due to the fact that indexing solutions are so replete with intractable errors in their solutions, due in part to the inability for indexing to reach the equivalency of searching. Using iSEEK: Leveraging Programs and Functions for Efficient E-Discovery ISeek is built around core fundamental forensic principles that insure a fully independent acquisition of data without regard to human intervention or decision processes after the interrogation commences. It is unlike other methods in that it is an automaton and is described as such in the patent letters. iSEEK’s design methods are directed toward empowering the automaton with instructions (the configuration file); it then executes without regard to any other factor externally to its runtime impact with the exception being made only for location access. The witness is not responsible for understanding the process of data acquisition within the ISeek application itself, they are only responsible for the business record description of the culmination of an ISeek search of a system containing electronically stored information. The output is the same in terms of the final resting place of data and all records targeted by ISeek would be the same records – if they could be found – by using any other process, which is automatically used to target responsive material. ISeek acts independent of the ISeek Execution Operator, and critically, since it operates without any possible contamination or alteration of the selection criteria. ISeek allows users to target ESI from the outset of the mission, without any witness, custodian, proxy, or investigator’s knowledge of the results or the criteria used to select ESI. ISeek is solely based on a critical functionality, which guarantees independence by virtue of the fact all selection criteria are set and protected in an encrypted configuration file that is only accessible to those who create it. This “actions” file, also known as ISeek.config, directs the tool – independent of the operator of the process, to conduct exclusive processed searches by processing data on the end point data store. In addition, the iSeek configuration file is designed to perform without “pulling back” data to any location; any data can be examined. Data is examined and processed in its
  • 4. WHITE PAPER: Managing 30(B)(6) Issues with ISeek 4 original location, not indexed in place or moved for other functions. It is processed where it lies, and then searched in place in order to find the criteria set by the creator relative to the matter at hand. Differences in Production Methods Since there is no Rule 6 requirement that the business entity produce the "most knowledgeable" witness, only that the person testifying "shall testify as to matters known or reasonably available to the organization," then the production method of ESI used in ISeek does not require any extra knowledge of the witness to begin with. The ISeek interrogation output of an ESI system lies in the descriptive requirement knowledge of the witness, but only in so far as they would have to have the exact same knowledge requirement of any record custodian using any other method. The difference is the corpus result set. To summarize, the output method is the same as any other end process generally, but it is the output method at the small end of the pipe that is different. That method is a post-process method, not a pre-process one. ISeek only circumscribes the directives it received at runtime from the ISeek.config file. It does allow for user-defined locations if necessary at runtime, but there is no possible way for the initiator of an ISeek query to actively interact with the ISeek process once it is run. There are no criteria visible and none can be redacted. The criteria specified are completely invisible to the custodian and the collection agent. The criteria specified are also invisible to the proxy or initiator during runtime. For example, if there were 10 custodians, each managed by one “collector” (for instance, an IT admin),then the IT admin would not prepare the configuration file. Counsel or an otherwise appointed party would or could be responsible for that preparation. Instead, users could simply present the configuration file criteria to the IT admin, who would then execute the process against the 10 custodians. In this setup, the IT admin has no idea what is processed or gathered or what any selection criteria are (nor does the custodian). The data that is targeted and processed is then, at that point in time and on into the future, solely under the domain and control of Counsel or their appointed proxy. The data circumscribed by the ISeek method is 100% encrypted in Advanced Encryption Standard 256(AES-256) from that step forward and throughout the entire lifecycle unless the creator elects to remove that protection. ESI Protection Methods: Alleviating Liability Concerns Because ISeek works using a different paradigm than any other tool or indexing based system, the results file (a file with the extension .isk) is only available to the initiator of the ESI gathering ‐ whether it is for an active case or a legal hold matter. If the initiator is counsel for the entity, thenheis in full control of the criteria and conditions under which the data was gathered from the 10 custodians. No custodian or IT Admin need have this
  • 5. WHITE PAPER: Managing 30(B)(6) Issues with ISeek 5 knowledge at any point in the data lifecycle. Once the initiator decides to open and view, or extract the ISeek file data envelope, he alone controls the distribution and dissemination of that data.From that point on, everything done in terms of control focuses on the initiator. He can share that control or not, depending on the matter at hand. This relates directly to 30(b) because the matter relevancy is less of an issue than the security and containment of the data. Regardless of what is gathered, the 30(b) witness has no new or different data to look at or support than they would otherwise. Glaringly, this method protects the entity in many respects because the 30(b) witness is no longer subject to conjecture and vague general questions regarding contingent issues. Those questions are not within the knowledge of the expert because he only represents the ESI produced from the matter, not what could have been produced otherwise. To repeat, it is the method that has changed – not the data. iSEEK Defensibility ISeek also protects the corporate entity by enforcing an unbending rule: only ESI that is sought can be found. In addition, collateral damage to the ESI containment is disallowed because, by default, ISeek excludes any ESI that is not clearly and positively defined in the configuration. An example here further articulates this point: since the standard for ESI acquisition is defined by FRCP as information of “reasonable particularity”, then the subject matter may come from a variety of sources within the overall entities’ ESI container systems. This ISeek artifact method provides a reasonable deterrent to accusations that may come from opposing counsel such as: the ISeek interrogation avoided files or information by type, place, or time which was probative, when in fact, ISeek does just the opposite by default. By default, ISeek does not omit anything from being processed and searched. Only the initiator can absorb that restriction or change iSEEK’s default responsibility features. Therefore, opposing parties cannotaccuse the process method of not being totally impartial in as much as any file at any ESI location is going to be subject to the exact same criteria for inclusion in the corpus gathered. This “lock-box-throw-away-the-key” concept has demonstrable value to counter allegations of intentional avoidance by opposing counsel since it does not use an indexing methodology at any level to find data. iSEEK uses the processes gatheredfrom 20 years of forensics to methodically examine any ESI for relevancy. This process fully leaves the primary responsibility for defining relevancy to the initiator of the ISeek method and the criteria he elects. The categorization of ESI then, has no parallel to the method because no exclusions or waivers of any ESI exist within the borders of the ISeek method. Putting in place selection criteria to limit what is analyzed and what is not, have almost no impact on time to mission, although it may impact end costs of the operation. A witness
  • 6. WHITE PAPER: Managing 30(B)(6) Issues with ISeek 6 proponentof the method is again, not the party who defined the criteria – at least he does not have to be – so his knowledge of what was investigated, as opposed to what was gathered, is of little consequence in terms of testimony. Hewill have a printed document before him showing the ISeek criteria which confines the testimony at the outset. The ISeek method does not arbitrate any ESI system and cannot do so otherwise. It is impartial and independent no matter how where or when it is run. In sum, the witness to the production is under no more requirements to supply expertise to an ISeek Discovery than he would be to the same information in paper form or from using any other method. One example of this impartiality would be an email claim of relevancy where only selected emails that were probative were all that ISeek was directed to secure. In the non-ISeek method, an entire 100 GB PST file would have to be processed, then indexed to delineate the specific emails (a questionable guarantee of success in any index system). Now assume that there are only 7 out of 800,000 emails that are relevant and probative to the issues in that one matter. Key Considerations: The New EDRM with iSEEK Continuing on this example, In non ISeek methods, the entire 100 gigs of email has to be secured, transported, thenprocessed resulting in 800,000 emails of output which have to be further analyzed for relevancy in an attempt to find the 7 emails that are in fact the point of the matter. It is pointed out here that the time and costs of that processing now bring in undocumented variables beyond anyone’s control – pre-coding, de-duping and user requirements now must be documented throughout any such process. In effect, the business entity now has created an enormous corpus of data subject to further review, just in order to find 7 known relevant items. That data, all 800,000 emails, is now subject to further review and subpoena– needlessly anddangerously we add, in some cases. ISeek is the reversal of this historical EDRM approach. ISeek, by itself on the endpoint target machine, processes the entire 800,000 emails in the 100 GBPST file but only targets the 7 relevant emails, and only encapsulates those 7 emails into an emailreadyresponse. ISeek has not produced an open-ended datamass for the witness to testify to at all. Since the witness is only required to be the responsible party that can address those 7 emails, there were no decisions required beforehand because the witness does not have to have implicit knowledge of any corpus data outside the bounds of those 7 emails. The witness becomes a subject matter expert, not a subject method expert. The ISeek method fully ascribes the rules requirement that the witness must testify as to matters known or reasonably available to the organization. The data was available if it was found by ISeek; it is otherwise unavailable to the methods ISeek employed and as
  • 7. WHITE PAPER: Managing 30(B)(6) Issues with ISeek 7 long as those methods were not intentionally constructed to mislead any party, they can stand any sanction test. Here, it is informative to give a contrary opposite example: Suppose in the previous example, it is known that OST files are used for disconnected email storage in an organization, but within ISeek’s configuration for this same matter, OST files are intentionally excluded from processing. That would result in no data being found by ISeek at all, and likewise it would result in a defensive position having to be taken later on regarding that decision process. But, those same means and methods and decisions are well known to be the cause of action in any matter of ESI acquisition, and are still excluded out of hand from the responsibility of the witness to a 30(b) deposition. Perlustro and the disclosed patent itself, stand behind the method in public review. The acceptability of the method is then, limited to the criteria of the matter, not the criteria of the approach. The 30(b) witness is required to have, as noted in the rules and case law, familiar knowledge of what is produced, not familiar knowledge of what could have been produced, or what was not produced. This inures benefit to the business entity in that it provides a restrictive umbrella to the witness in addition to the data envelope. ISeek targets ESI with complete independence and total objectivity, but it is not, without the guidance of a responsible official, impervious to failures to find ESI data. For example, a custodian who secretly downloads Bestcrypt and keeps data unknown to the business process within that container, would possibly be able to “hide” relevant information from ISeek with the container unmounted. But using ISeek, it is also very possible and likely that the reverse will be true. The custodian, without any knowledge that ISeek is running on their machine, might open the Bestcrypt container and make that information subject to an ISeek interrogation. As a result, data never before seen, can now found. This data in most known cases would be missed in any other data collection method. ISeek keeps all data in process, targeted and 100% encrypted at all times on the client machine. There is no necessity to re-encrypt data at any point in its life. There is also no need to use any further encryption mechanism to move the data once it has beenencrypted to any place in a network, to a public cloud or even isolated to a physical disk attached to a client machine. Data can be retrieved from any place on earth without any necessity to consider security envelopes at any point in the process. Without entering the password keyinto ISeek Configurator, a person in simple or stolen possession of the ISeek container has the possession of a digital brick. No loss of either fidelity or information will exist unless the managing user reveals the password key to another party. Even the configuration file that is encrypted creates the automaton effect. The password to the container can be different from either the data warehouse password or the configuration password. The only modality for interception lies in a memory mechanism that would have to exist on the client end when data is processed,
  • 8. WHITE PAPER: Managing 30(B)(6) Issues with ISeek 8 but such likelihood can only determine the ISeek process space, not the password used to encrypt the container contents. Once the container leaves the machine either by email summary form or in whole data form, the access to the data is further limited by the ISeek server component, which will only unlock configurations already licensed. This mechanism prevents theft of the data because only legitimate users would have a licensed server component. Authentication Aspects of ISeek Findings ISeek authenticates the data source from many different points of view including logged on users, ACL’s Drive serial numbers, CPU numbers, Network interface descriptors, and many others. The manager of the ISeek configuration file can also further describe the custodian by name, any proxy or intermediaries or others including notes of the process intended separately by use of encrypted fields in the configuration files. This data can be attached automatically to data warehouse processes without the need for further annotations to support chain of custody issues. The process also includes verbose logging which is time based during a process. Jim Baker is the President of Perlustro LP, a privately held computer consulting firm that specializes in forensic software development, such as the computer forensic tool, iSEEK. Jim was a special agent with the Criminal Investigation Division of the IRS for 31 years; he also served as the Chief Technical Advisor to the Director of Electronic Crimes. During his tenure at the IRS, Jim partnered with Microsoft to develop and implement the standard and primary desktop platform for IRS Criminal Investigation’s client desktop systems.