An Ounce of Prevention: Fundamentals of Data Protection
-min.avif)
Jonathan Fowler currently serves as Vice President and CISO for Consilio. He is a Subject Matter Expert (SME) in the fields of Electronic Discovery and Digital Forensics and advises clients on all aspects of the Electronic Discovery Reference Model (EDRM) from effective information governance strategies through document production and presentation. He previously headed up Consilio’s global Digital Forensics team, overseeing all data preservation, collection, and forensic examination operations, including the allocation of human and technology resources at the matter level, also serving as the driving force behind the growth and strategic direction of the department. He has experience as an expert witness in Computer Forensics in both Federal and state courts, and has also prepared multiple expert reports, affidavits, and statements of fact for various clients. Additionally, Jonathan serves as Adjunct Professor in the graduate program in Computer Forensics at George Mason University, teaching courses in Windows Registry Forensics, as well as the capstone Advanced Computer Forensics course.
Matthew Verga is an attorney, consultant, and eDiscovery expert proficient at leveraging his legal experience, his technical knowledge, and his communication skills to make complex eDiscovery topics accessible to diverse audiences. A fifteen-year industry veteran, Matthew has worked across every phase of the EDRM and at every level, from the project trenches to enterprise program design. As Director of Education for Consilio, he leverages this background to produce engaging educational content to empower practitioners at all levels with knowledge they can use to improve their projects, their careers, and their organizations.
Summary
It is axiomatic that the volumes of electronically-stored information (ESI) generated by organizations are vast and ever-increasing. Correspondingly, the amount of ESI that must be preserved, collected, processed, and reviewed for internal investigations, active litigation, and regulatory compliance never stops growing. Today, it is a practical and ethical requirement for practitioners in these areas to take the necessary steps to protect the ESI they are managing for those purposes, which means keeping up with evolving security and compliance best practices – as well as adapting to the rapidly changing tactics to threat actors. In this practice guide, we will discuss why ESI must be protected and how you can protect it, including fundamentals of security compliance frameworks, role-based access control, cloud storage vs. on-premises storage, and data encryption.
In this Practice Guide
- The relative merits of common security compliance frameworks
- The pros and cons of cloud and on-premises storage environments
- The essential need for data encryption at rest and in transit
Key Insights
- The need for everyone to contribute to data protection
- The critical importance of role-based access control
- The need to adapt to evolving threat tactics
Summary
It is axiomatic that the volumes of electronically-stored information (ESI) generated by organizations are vast and ever-increasing. Correspondingly, the amount of ESI that must be preserved, collected, processed, and reviewed for internal investigations, active litigation, and regulatory compliance never stops growing. Today, it is a practical and ethical requirement for practitioners in these areas to take the necessary steps to protect the ESI they are managing for those purposes, which means keeping up with evolving security and compliance best practices – as well as adapting to the rapidly changing tactics to threat actors. In this practice guide, we will discuss why ESI must be protected and how you can protect it, including fundamentals of security compliance frameworks, role-based access control, cloud storage vs. on-premises storage, and data encryption.
In this Practice Guide
- The relative merits of common security compliance frameworks
- The pros and cons of cloud and on-premises storage environments
- The essential need for data encryption at rest and in transit
Key Insights
- The need for everyone to contribute to data protection
- The critical importance of role-based access control
- The need to adapt to evolving threat tactics
