Managing data preservation for ediscovery requires walking on a knife’s edge. As soon as you can reasonably anticipate a litigation matter, you must rapidly identify and preserve any relevant data. But between litigation matters, your IT department pushes you to minimize the risks and costs of extraneous data by continuously culling your data stores.
Knowing what to preserve for ediscovery is only half the battle; there’s also the question of how to keep potentially discoverable data. Should you preserve data in place, or should you collect it to an external repository for the pendency of the litigation matter? What’s the least risky, most cost-effective way to guarantee that data will be available for use in ediscovery and litigation without creating new security risks?
The answer, predictably enough, is that it depends.
Now that Slack enables in-place preservation for Enterprise Grid customers, let’s look at how companies can maintain data security and minimize both risks and costs when preserving Slack data.
Approaches to Implementing Legal Holds for Slack Data
Until this year, the only way to guarantee the preservation of Slack data was to collect it into an external repository. Recently, Slack added a new capability to Enterprise Grid customers that enable legal holds through an internal function to facilitate in-place preservation. Slack Legal Hold operates by suspending the retention policy that an organization has implemented for its Slack data, exempting any held data from the scheduled deletion.
While in-place preservation isn’t available to everyone—and isn’t a panacea—it does have the potential to reduce both security risks and costs.
How In-Place Data Preservation Can Reduce Security Risks
By preserving data in its native repository, you limit:
- data transfers from one system or storage location to the next,
- storage locations—also known as potential targets for hackers—for valuable data, and
- the number of copies of data that exist.
While it’s not a perfect comparison, it can be helpful to think of your data as money. When you keep your money within your bank account, you can rest assured that it’s safe and secure. As soon as you start transferring money to other locations—your purse, Venmo account, crypto wallet, the pocket of that jacket you only wear twice a season—you can lose track of it and increase the risk of loss or theft. Additionally, the more places you store or transfer your money through, the more areas you have to protect, potentially making you an attractive target for criminals.
When you preserve data in the program or app where it was created, you’re essentially leaving your money in your bank account. That means you have fewer transfers to shield, fewer storage locations to secure, and fewer opportunities for data breaches or security lapses.
The More You Collect, the More It Costs
In ediscovery, data volume translates to costs. The more data you have entering the top of your ediscovery funnel, the greater amount you’ll pay to process, review, analyze, and ultimately produce that data. Not only does more data translate to higher processing and review costs, but it also results in higher routine expenditures for data storage and transfer.
But wait, there's more, as every security risk carries with it an implicit cost. Should your organization suffer a data breach, the cost of that exposure—in dollars and reputational damage—springs directly from the amount of exposed data.
So, Should You Preserve in Place or Collect to Preserve?
The bottom line for controlling the cost of ediscovery is to diligently limit data volume where possible and avoid collecting data you don’t need. That likely requires a combination of preserving data in place and collecting to preserve data that you might otherwise lose.
When you do collect data to preserve it, how can you minimize security risks and control costs?
For starters, by collecting one copy of data and storing it in a safe, protected repository, you can effectively minimize security risks while controlling your outlay. It bears repeating, the more you engage in daily collections or data syncs—creating multiple copies of your Slack messages to ensure that you've preserved information for ediscovery—the more risky and expensive your Slack ediscovery will become.