AD-Ediscovery-Product-Review-From
Total Page:16
File Type:pdf, Size:1020Kb
eDiscovery Full eDiscovery Suite Empowering Excellence from Data Collection to Analysis for Endpoint & Remote Data Collection, Forensic Imaging, Document Review, and Much More AD eDiscovery is Company Name Brand challenges for over 30 years. For example, AccessData Group, Inc. one of the more difficult tasks is collecting a single, integrated data from remote computers which has Product Name Brand(s) become even more prevalent in the platform for preservation, AD eDiscovery work-from-home environments we find litigation holds, collection, AD Enterprise ourselves these days. Fortunately, Forensic Toolkit (FTK) AccessData stands out as one of the few data processing, and Quin-C companies that offers tools and platforms AD QBlaze that allow customers to successfully assessment, along with Summation retrieve and process electronically stored legal review and information from anywhere. Latest Developments and Updates production.” • Collect from Microsoft Office 365, Teams, The Comprehensive eDiscovery Mimecast email management, and Family from AccessData Proofpoint cybersecurity. AccessData is a comprehensive provider of • Speed data collection and analysis with computer forensics and litigation support automated tasks. technologies and boasts a broad spectrum • Remotely collect data from Apple macOS of stand-alone and enterprise-grade Catalina and Mojave operating systems. software platforms. • The new AD QBlaze platform simplifies processing and review in an easy-to- One of their flagship products, AD access SaaS model. eDiscovery, supports an end-to-end discovery process across the entire There are many uncertainties one Electronic Discovery Reference Model encounters when attempting to be (EDRM). A single SQL database serves all proficient at eDiscovery processes and components and supports seamless, procedures but there is a company that connected workflows in a forensically has aptly and consistently addressed those sound environment. Figure 1: A “Reports Only” collection interrogates data sources and reports metadata so you can hone your data collection efforts. Use filters, such as file types and data ranges, to limit collection from sources. Then use the “Collection” phase to copy and preserve the data forensically. | legaltechpublishing.com | © Legal Tech Publishing 2020. PAGE 2 AD eDiscovery is a single, integrated Summation is a web-based legal document AD eDiscovery can platform for preservation, litigation holds, review platform that is powered by FTK process over 700 collection, data processing, and assessment, processing technology and all of that power along with legal review and production. The is also fully integrated into AD eDiscovery. data types, including PST single platform installs on-premises to mitigate risks and lower costs by reducing Quin-C is an upgrade from Summation for and NSF files, with full data transfers between disparate accelerated data processing, review, and forensic logging.” technologies and finding, collecting, and analysis in an easy-to-use, web-based processing all relevant information in interface. Quin-C is groundbreaking ECA structured and unstructured data sources. and legal review technology that uncovers critical evidence faster and makes more AccessData also offers AD Enterprise, meaningful connections across data Summation, AD QBlaze, Quin-C, and the through cutting-edge visualizations, a hyper-crucial Forensic Toolkit (FTK). AD review dashboard, and an enhanced Enterprise supports remote agent coding panel—all in a flexible, easy-to-use collection and visibility into live data on HTML5 interface. Quin-C uses the same endpoints to conduct fast investigations forensically secure backend database as such as post-breach analysis and Summation, so the upgrade is seamless. compliance questions. The platform is used by corporate IT and legal departments to Last but not least, QBlaze is a desktop legal support projects like HR investigations and review software with prebuilt and custom financial audits. The Forensic Toolkit (FTK) review workflows delivered in a software- interoperates with AD Enterprise to create as-a-service (SaaS) model. Service forensic images of computers and providers can license the desktop review workstations as well as for indexing and software to provide the platform to their processing data from hard drives, network own customers. sources, and mobile devices. Figure 2: The New Project Wizard takes you through all the options to kick off and complete collecting data from custodians using AccessData’s evidence-processing engine to prepare collections for review. | legaltechpublishing.com | © Legal Tech Publishing 2020. PAGE 3 When AD Extensive and Exhaustive Data SharePoint Online, Microsoft Teams, and Collection with Reporting Tools OneDrive), Google Drive & G-Suite, Box, eDiscovery collects You can deploy the AccessData data Documentum, DocuShare, IBM Lotus collection agent to remote endpoints to Domino Server (Notes), Druva, Symantec data, it automatically collect data without interrupting users or Enterprise Vault, Mimecast, and generates an MD5 hash making changes to the actual evidence. AD Proofpoint. AccessData considers its eDiscovery can perform a full or targeted connectors to be a growing market within file (AD1 container) for the collection based on the custodian, data its customer base and has plans to add type, and/or keyword search with Boolean Slack Enterprise, Zoom, and other multi- data so you can validate logic. For civil, criminal, and internal channel chat communication tools. the collection, maintain investigations, you can forensically image entire systems even over networks. When AD eDiscovery collects data, it chain of custody, and automatically generates an MD5 hash file AD eDiscovery agents are rooted in devices (AD1 container) for the data so you can prevent spoliation.” at the kernel level so that you can conduct validate the collection, maintain chain of filtered collections or full-disk acquisitions custody, and prevent spoliation. This and even collect files in use and recover underlying work is courtesy of AccessData’s deleted files. The system also uses drivers FTK technology that is baked directly into for Microsoft Windows and Apple macOS the system. and supports a public agent for off- network data sources. The Collection Wizard lets you choose from two phases: Report Only and Collection. Through the use of connectors, you can See Figure 1 on page 28. use workflow-driven templates in AD eDiscovery to perform “agentless” Data Processing With a Wizard collections from more than 30 data After collection, AD eDiscovery processes repositories and cloud platforms including the data in preparation for review. The Microsoft Office 365 (Exchange Online, software can process over 700 data types, Figure 3: AccessData’s review tool with Project Explorer in the panel to review and apply tags and filters. The search window sits on top with search results beneath it and viewers down below. The Document Analysis pane on the right allows you to see email details including attachments and conversation threads. | legaltechpublishing.com | © Legal Tech Publishing 2020. PAGE 4 including PST and NSF files, with full querying with Boolean logic and advanced forensic logging. You don’t have to worry if searches with fuzzy, phonic, and stemming your data includes odd file types, container options. See Figure 3 on the previous page. files, or password protected files because with FTK under the hood almost every The current AD eDiscovery version 7.1 will scenario is covered. soon be replaced by 8.0. Both versions offer a simple, easy-to-use design that In the New Project Wizard, you can select orchestrates and automates many manual custodians to collect data and direct tasks. See Figure 4. AccessData’s evidence-processing engine while choosing from several options. The The toolbar across the center on top Standard option includes archive file changes the main window context to the expansion, indexing, hashing, deduplication, chosen tool, such as Collections and Legal and file signature analysis. See Figure 2 on Holds, for the highlighted project. Click the page 29. Review icon next to a project to jump to an early-case assessment of collected An Effective Interface for evidence, cull it, and assign it to reviewers in Document Review batches with labels and tags. AD eDiscovery After processing, data is available for uses role-based permissions and integrates review. AD eDiscovery has integrated with Microsoft Active Directory. document review with predictive coding for relevancy with search keywords from The navigation bar above the toolbar the top of the UI. The system uses SQL brings you back home where you can search and dtSearch for indexing and select dashboards, litigation holds, and Figure 4: AD eDiscovery 7.1 uses a single browser window to support tasks in the EDRM process. In a few clicks, you can move through a job guided by dialog boxes, such as the Create New Project wizard, or you can select a standard template to start work. | legaltechpublishing.com | © Legal Tech Publishing 2020. PAGE 5 data sources. In the Data Sources window, to integrate AD eDiscovery with ticketing enforcement, and government agencies select sources of potential evidence such and matter management systems. worldwide from its three global offices in as computers, home drives, email Frankfurt, London, and Orem, Utah. The accounts, and external repositories. The new version 8.0 of AD eDiscovery will company has more than 60,000 instances interoperate with 7.1.