Have you considered your overall data security risks?
As unfortunate as it may be, many firms simply select the lowest bidder when it comes to ESI processing and overall management. It's absolutely amazing that some firms would push some of the American economies most valuable and contended trade secrets, human resource data, bank and financial information and more to the lowest bidder, without taking the time and energy to evaluate what the vendor's security practices are.
A great article over at LTN opens this pandora's box a bit. Here's a blurb.
When hackers can’t get a hold of a company’s data directly because there are too many security blocks, Jackson Lewis shareholder Ralph Losey said they may try to do so through a back door like the entity’s law firm.
In an entry on E-discovery Law Today, Losey said cybersecurity should be considered the number one job for all litigation attorneys who handle confidential electronically stored information.
In addition to “traditional” hackers, he said lawyers need to be on the lookout for unethical competitors engaging in illegal access to e-discovery productions, adding the problem is getting worse as both criminal activity and the amount of information stored on computers increase.
At Platinum, we mitigate this risk with several layers of data security, based in our Tier 3 datacenter combined with best practices such as password strength, 2048 bit encryption streams and point to point IP security that allows remote access only from protected and recognized nodes. When a firm employs Platinum, they can rest easy that our 'best effort' security measures outperform their own and their client expectations. With SOX, HIPPAA, SOC2, SOC3 and PCI/DSS certifications, we're not only organizationally sound from a compliance standpoint, but it's been implemented in a streamlined and scalable manner that doesn't slow or diminish performance of our team or clients.
Have you done your due diligence with your current vendors? It might be interesting to re-evaluate them :)