This article is the first of a four-part series exploring data security and e-discovery. In the next installment, we will look at security best practices.
In-house counsel have heard the horror stories about security breaches and the expenses and reputational damage those breaches can lead to. Hackers have gained access to the personal data of 70 million Sony PlayStation users. A security breach cost Bank of America $10 million. Two men have been charged with electronically breaking into AT&T’s servers and stealing the e-mail addresses of about 120,000 iPad users, among a host of other examples.
In order to protect their data during litigation, in-house counsel must understand their own risks and the security standards that their partners and vendors use. The Federal Information Security Management Act of 2002 defines three security objectives for information and information systems: