Editor: First off, IT reduction is a new and relatively unique service. Why did you develop it?
Briggi: IT reduction is in fact a service we’ve conducted on behalf of clients for many years. It’s perhaps traditionally been thought of as "defensible data deletion" as part of an information management program. We’re seeing an increase in client requests for this type of help, and new use cases emerge, which is why we’re packaging it as an offering. There is a real opportunity for clients to trim down their data and realize substantial cost savings and risk reduction.
Editor: What are some of the common scenarios you help with?
Roffman: We are called in whenever a company has questions about whether it needs to retain data. This can span a variety of event-driven scenarios, from staff reductions to changes in the company’s IT infrastructure. Some examples include a company going through liquidation, bankruptcy or receivership, or a company physically downsizing, relocating or selling off assets. The common theme is that companies are often left with too much data. Besides event-driven scenarios, we often help clients proactively develop information management policies that include retention and destruction, particularly with years of backup media. We work with both types of scenarios to help clients identify relevant data that needs to be kept, whether for litigation, regulation, operational or other reasons, and find ways to keep it in a cost-efficient way.
Editor: What are some of the data sources you often work with?
Briggi: You name it, and we’ve probably worked with it. Some of the more common data sources include active and archived email, Microsoft Office documents and similar applications used by employees in their day-to-day activities. These may be stored on the client’s computers, on a network file-share or both. But, it’s important to mention many of the other data types often exist and are used by employees on a daily basis. Many of these fall under the umbrella of “structured data” - such as financial, HR and marketing systems.
Editor: Is the scope of your services limited to data?
Roffman: While data is at the heart of our engagements, the matters can often expand to encompass process, technology, staff and IT assets.
In many instances, the reduction of data is coupled with a need to reduce IT equipment, IT space and personnel. As such, we work to develop a plan to reduce IT assets as a whole, including servers, desktops, laptops and mobile devices. These reductions sometimes require changes in IT processes, which presents an opportunity for us to assist the client and their counsel in this transition.
In some cases, we will store client data in our own data center. This way, when there is a regulatory request, we can answer that request by querying the copy of their data even if the original system has been decommissioned.
We work with each client and their lawyers to develop a customized plan to reduce their IT systems and IT overhead while preserving data that is potentially relevant for future litigation, for regulatory matters and other types of situations.
Briggi: In addition to data, other information needs to be preserved. The IT staff and management often have institutional knowledge essential to continuing operations. They know how to keep the systems working, what the passwords are, how the applications interact with pieces of data, the backups and the history of the company’s IT operations. This knowledge is important to document and preserve as staff and resources are reduced, as the knowledge may be critical to continuing operations.
As services are reduced, hardware can be taken out of service, reducing operating costs. If wiped properly to remove any data, the assets can even be sold.
Editor: Does IT reduction often run contrary to a lawyer’s desire to save everything, forever?
Roffman: Whether it’s natural disposition or learned behavior, lawyers are cautious. It’s understandable that they would want to keep information in the event it is relevant at some point in the future. The problem is that much of the data may not be relevant and keeping that information could be very expensive. Over-preservation can lead to increased risk. After a matter starts there is nothing worse than finding another server with potentially relevant information.
Our approach is to help clients identify a reasonable retention period and keep a reasonable amount of data. We explain the options, outline potential risk and propose a strategy for preserving the data in a reasonable fashion and for a reasonable period of time.
Editor: Do you have to approach each matter differently? What are some of the differences?
Briggi: Each matter presents different challenges. I recently worked on a matter where the IT manager was going to be dismissed. The challenge was to transfer the manager’s knowledge to ensure ongoing operations and to maintain security.
It’s an understandably delicate situation. On the one hand, you must proactively obtain as much information as possible while implementing a plan to lock the IT manager completely out. At the same time, you may want to preserve a relationship with the departing employee so that you can ask her questions about missing information.
In another example, a company’s liquidation can present unique challenges. Not only do you need to get the required information as part of the winding-down process, but you can be in charge of managing the IT infrastructure and operations as the liquidation proceeds. That can include managing IT staff and providing guidance when some system isn’t working properly or the accountants need information.
Editor: Tell us more about how FTI helps during IT transitions. What if someone within IT is under investigation?
Roffman: FTI has a team of experts from various backgrounds (industrial, government, law enforcement), including IT with investigative, managerial and forensic computer skills.
If, during an IT reduction, there is an ongoing investigation or we uncover wrongdoing, we cooperate with the client to assure that relevant data is not lost. We have investigators who are also trained in IT and professionals who have the specific experience with different databases and accounting systems to make sure that the client’s needs are being taken care of.
When an IT individual departs an organization one of the primary tasks that we’re asked to help with is to ensure that the network is securely maintained. This may include changing of passwords, implementation and/or monitoring of activity logs, updates to firewalls and restricting remote access.
Editor: What are some of the key questions that should act as a trigger for needing IT reduction?
Briggi: Do we need this data? What can we do with all these backup tapes? What can we do to reduce our e-discovery costs the next time? If you have asked these or similar questions, it’s probably a good time to talk with us.
Most companies have lots of duplicative data. When you have duplicative data, your operating, preservation and discovery costs increase. If you were to reduce your data to only unique documents, your data would be more manageable. You then have one data set to look at to identify documents for preservation and discovery.
Once the data mapping is understood, it is simply a matter of balancing risk with costs.
Roffman: I’ll just add that it’s a consultative process where one size does not fit all. We’ll make recommendations based upon your environment, industry and needs, so that you and your counsel can review and approve any action. Ultimately, the client must decide, with advice from counsel, on the best retention and IT reduction policy.
Larry Briggi is a Managing Director in the FTI Technology practice and is based in New York. Mr. Briggi has over 25 years' experience in the corporate and legal industries developing and implementing litigation management and technology solutions. In addition to the general litigation experience of managing extremely large matters and electronic evidence handling, Mr. Briggi has been the architect of electronic evidence processing systems, imaging systems, production scanning and coding facilities, remote trial sites and systems integration. He has been an active leader and participant in user’s groups serving in various roles including as President of the East Coast Association of Litigation Support Managers (ECALSM) and co-founder of the Etech User’s Group. He is a frequent presenter and published writer on the topics of litigation technology, electronic evidence and computer forensics.
Daniel E. Roffman is a Managing Director in the FTI Technology segment and is based in Chicago. Mr. Roffman has more than eight years of experience in the computer forensics and eDiscovery field and routinely advises some of the world’s leading corporations on electronic discovery issues. Mr. Roffman’s client engagements focus on data acquisition, forensic examination, online investigations, development of custom solutions, and consulting on eDiscovery preparedness for corporations. During his career, he has worked on numerous cases in both the public and private sectors, and he applies a range of knowledge and past experiences to his current client engagements.