Forget the glittering generalities of opinionated providers and professionals trying to champion a particular approach to eDiscovery at the exclusion of others. The reality is that on-premise and off-premise solutions delivered as part of both emerging and mature technology implementations are and will continue to be a fundamental piece of any eDiscovery software portfolio if an organization wants to address the areas of security, capability, complexity, and cost comprehensively.
Considerations for the Selection of eDiscovery Software
One of the ongoing topics in the area of eDiscovery software revolves around assertions and attestations on what is the optimal delivery model for achieving the best balance of security, capability, complexity, and cost in an eDiscovery software offering. On one end of the spectrum, there are champions of the on-premise approach whose argument centers around security and capability and highlights that ability to deal with complex data sets is more important than how long the software has been on the market. On the other end of the spectrum, there are champions of the off-premise approach, also known as the cloud-enabled approach, whose argument centers around the speed and cost benefits of self-service discovery supported by the economics of a public cloud infrastructure. Between the ends of this spectrum reside a variety of offerings that combine attributes of both on-premise and off-premise offerings to deliver unique solutions. So, how does one go about determining what might be the best offering to help them solve their on-going eDiscovery challenges? That is a great question and one without a single definitive answer. However, the following considerations may be helpful to eDiscovery professionals as they examine on-premise, off-premise, and combination software approaches with the goal of determining what the best-balanced solution might be for their needs.
Four Areas of Evaluation
Regardless of the type of delivery approach selected for the conduct of eDiscovery, there at least four attributes that should be considered in every solution selection. These attributes are:
- Security: Does the solution provide the level of data protection needed for your eDiscovery effort?
- Capability: Does the solution allow you to complete the basic tasks required for your eDiscovery effort?
- Complexity: Does the solution allow you to complete advanced tasks required for your eDiscovery effort?
- Cost: Does the solution address security, capability, and complexity in a cost-effective manner?
The ability to approach these attributes individually and collectively to find a solution that meets requirements, preferences, and budgets, ultimately determines whether an organization is successful from a legal, technological, and business perspective in the accomplishment of eDiscovery.
“Distrust and caution are the parents of security.” Benjamin Franklin
The security of data is fast becoming one of the most prominent and visible areas of concern in the selection of eDiscovery software solutions. With public examples of data security failures increasing in regularity and impact, it behooves any discovery solution decision maker to carefully consider how they manage this important risk factor and make decisions based on facts.
Control of data, applications, servers, storage, and network connectivity behind an organization’s firewall has traditionally been viewed as the most secure of available eDiscovery solution deployment options. In this on-premise security approach, an organization has complete control of data and all the elements that might act on the data in the course of eDiscovery. For organizations that have an established security infrastructure, on-premise offerings appear to be a safe approach to eDiscovery security as they minimize security risk through the exercise of direct control of data. The on-premise approach also seems highly desirable to many organizations sensitive to data transfer regulations and privacy requirements as it ensures they maintain a direct understanding of the physical location of data and have the ability to act on that data at all times. (1) From an acceptance standpoint, according to a recent eDiscovery industry report from the Aberdeen Group, organizations are 50% more likely to have an on-premise eDiscovery solution than a cloud-based one. (2) With these facts in mind, it seems reasonable to conclude that an on-premise approach to security is a safe method that is and should continue to be used by many organizations as part of their eDiscovery solution even in the face of growing acceptance of off-premise alternatives.
With the mainstream acceptance of cloud computing, the off-premise approach to delivering eDiscovery software is experiencing increasing in acceptance. This acceptance is based on many attributes, one being the evidence that off-premise offerings delivered via SaaS may be able to satisfactorily address many of the security requirements previously only achievable in on-premise offerings. (3) Reasons for this growing acceptance of cloud-centric eDiscovery solutions as secure on-premise alternatives include but are not limited to the following security elements:
- Sophisticated Encryption: The ability to encrypt data in various states of movement and rest.
- Security Experts on Staff: The availability of experts to continuously monitor and address security requirements.
- First Access to Emerging Technologies: The access to emerging technologies based on size and centralization of data.
These elements (4) of security are increasingly available in cloud offerings and are helping make the use off-premise eDiscovery solutions acceptable when viewed through the lens of security.
There are also different types of cloud implementations that may contribute to the overall security of a particular cloud-centric solution. There are pure public clouds that operate exclusively on a public cloud infrastructure and are delivered by companies such as Amazon, Microsoft, and Google. There are also private cloud solutions that combine the economic and access benefits of pure public cloud solutions with the added security of provider-owned resources that allow for determination of the exact physical location of data at any time. This ability to reach out and physically locate client data is a desirable security attribute of private clouds, especially in light of increasing regulatory and legal requirements around the disposition and disposal of personally identifiable information. (5)
Given the current state of security of most public and private cloud eDiscovery offerings, it seems reasonable to suggest that there are many appropriate cloud-based offerings from a solely security-centric perspective.
Regardless of on-premise or off-premise approach, there are always some areas of security concern that transcend delivery approach. One example of this type of security concern is the transfer of productions outside of the firewall or cloud-secured environment to requesting parties. However, there are also many ways to mitigate even this risk through the use of secure transfer protocols, encryption, and shared access to secure servers managed with role-based access. In fact, some vendors present this concern of data transfer security argument as a reason not to consider a solution when in fact the real reason the vendor highlights this risk is that getting data out of their system is incredibly time-consuming and they want to direct users to proprietary approaches that mitigate data transfer speed deficiencies. Said differently, when evaluating software provider arguments and objections to differing security concerns, make sure you accurately understand the cause of the concern as it may be more related to performance deficiencies than security deficiencies.
Quick Takeaway: Both on-premise and off-premise offerings may be sufficient to meet organizational security requirements. However, some approaches may mitigate security risk more comprehensively than others, so it is important to understand current and potential future security requirements when selecting eDiscovery software.
“Technology is a useful servant but a dangerous master.” Christian Lous Lange
Once the security of a potential solution has been considered, the next reasonable area of examination and evaluation is that of capability. Assessing capability is just determining whether or not a solution can accomplish the necessary tasks required in an eDiscovery effort. While there are not always discernible differences in the capabilities of on-premise and off-premise offerings, there are some characteristics to consider as they may be indicators of the ability of a solution to meet actual needs as opposed to perceived needs. Some of these characteristics include maturity, integration, and automation.
The maturity of an offering is important as it helps inform one on how long an offering has been in the market and if it might or might not contain the latest and most efficient technology to accomplish eDiscovery tasks. (6) However, maturity becomes a factor only when it contributes to the inability of a solution to perform the task for it is being asked to complete. If a mature solution is incapable of completing a task today based on lack of functionality or in the near-term based on discontinued support, then it might not be the most appropriate solution from a purchase protection perspective. On the other hand, if it works today and will be maintained in the future, it seems reasonable that the mature offering should not be excluded as a potential choice solely based on the time it has been available on the market.
When discussing maturity, many eDiscovery professionals often and wrongly categorize maturity as legacy and equate legacy with insufficiency. This generalization may be true in some cases. However, some of the most mature offerings in the marketplace today are still the most effective at accomplishing specific tasks. Given that some of the most mature offerings are on-premise, there may be situations where the most appropriate choice for a particular task might be accomplished with an on-premise solution. It is easy to react to the glittering generality of considering all mature technology as legacy and therefore not as good as newer offerings. However, make sure that judgment on capability is first and foremost on the ability of the offering to complete required tasks and not on the time an offering has been in the marketplace.
Integration of an offering is also an important selection characteristic as it may indicate the potential for time and cost efficiencies lacking in non-integrated solutions. For example, offerings that have internal or external technology integration points for ingestion, processing, and review tasks might be more desirable than non-integrated offerings. However, integration without appropriate capability is not acceptable as one cannot be successful in eDiscovery if one cannot perform required tasks.
Automation in eDiscovery should be considered in the same way integration is considered. If automation is available, then it may be desirable over non-automated solutions based on time and cost savings delivered in task completion. However, automation ceases to be important if the tasks being automated are unable to complete required tasks. An example of this would be the automation of ingestion and processing in an offering. Automation of these tasks may be beneficial for certain data types, but if the data types that need to be processed cannot be processed due to lack of system capability, then the time efficiencies of automation may be negated by the time required for manual processing.
Additionally, not all offerings are created equal in their capability to accomplish tasks on large volumes of data. This volume limitation on an offering’s capability is not one usually found in a provider’s software marketing materials or user’s guides, but it is usually well known by those who have implemented specific solutions that fall short in this capability. In fact, even some of the newer, cloud-based off-premise offerings fall short in this area, so short that they position their offering for best use in small and medium cases sizes. (7) This type of data volume capability limitation is becoming increasingly important as the challenge of increasing volumes of data is regularly noted as one of the top concerns of eDiscovery professionals. (8)
Quick Takeaway: In examining the capability of an offering, the first focus should be on its ability to accomplish required tasks. If it can complete required tasks, then it is reasonable to consider its maturity, integration, and automation as selection data points for comparison. Integration, especially external integration points with other offerings, should be a key consideration in offering selection as very few eDiscovery platforms can handle all eDiscovery challenges without the use of complementary platforms.
“Simplicity does not precede complexity, but follows it.” Alan Perlis
The ability of eDiscovery software to deal with data complexity such as being able to ingest and process an increasing number of data formats is one of the most important challenges faced by eDiscovery professionals today. In fact, according to the Summer 2017 eDiscovery Business Confidence Survey, almost 22% of 101 eDiscovery ecosystem respondents highlighted that the challenge of increasing types of data would have the biggest impact on their business during the next six months. (9) In facing this challenge, many organizations have employed a combination of software offerings, integrated through workflow, to address both non-complex and complex data in their discovery efforts. One example of this combinatorial approach to solving this specific challenge is to employ an off-premise, SaaS-based offering using a private cloud approach based on emerging technology and then leveraging an on-premise, mature eDiscovery processing engine to address volume and file format challenges not able to be addressed by the off-premise platform. This combination approach takes advantage of the speed and cost benefits of the cloud to deal with a majority of eDiscovery volume and file format challenges and the robustness of a mature on-premise offering to address complexity challenges presented by high volumes of data and an increasing number of file formats. While many software providers highlight the fact that their specific offering can handle all eDiscovery challenges, their assertion may have limits. Those limits being that it may take much more time to complete high volume and non-mainstream file format related requests than with the prudent approach of a combination of on-premise and off-premise offerings offering a balance of emerging and technology.
Quick Takeaway: With the complexity of many eDiscovery challenges, a combination of software solutions may be required to accomplish certain complex task requirements satisfactorily. These combinations of solutions may include on-premise and off-premise offerings working in a complementary fashion. Given that most organizations will face a degree of complexity at some point that cannot be solved by a single eDiscovery solution, it seems reasonable to make offering selections that do not prevent efficient interoperability with other platforms.
“In economics, one of the most important concepts is ‘opportunity cost’ – the idea that once you spend your money on something, you can’t spend it again on something else.” Malcom Turnbull
Budgetary constraints are a common hurdle for law firms and legal departments seeking to address the legal, technological, and business elements of eDiscovery. This economic constraint is compounded by the lack of consistency, predictability, and transparency in the pricing of many software offerings, regardless of whether they are on-premise or off-premise, or based on emerging or mature technologies.
As law firms and legal departments strive to select the best solutions for their particular eDiscovery challenges, it is important for them to be able to compare and contrast the pros and cons of different offerings. While many vendors publicly present detailed offering attributes regarding security, capability, and complexity, many do not share public information on pricing and pricing models. Given the fact that budgetary constraints continue to be one of the leading elements impacting the conduct of discovery, by publicly publishing pricing, vendors can help simplify the eDiscovery decision-making process by removing one of the most common concerns early in the evaluation process. That concern being “how much is this going to cost.” Additionally, just as many software providers seek to integrate the technology in their offerings to simplify discovery, prudent providers are now combining on-premise and off-premise pricing elements within their overall offering to simplify the software procurement process. An example of this pricing integration is the packaging of an overall solution that contains elements of both on-premise and off-premise offerings available for a prescribed timeframe at a single, understandable, and predictable cost.
Quick Takeaway: Given the fact that most eDiscovery software providers understand the cost of delivering their solutions to the market, it seems reasonable for those in the eDiscovery ecosystem to be able to request and expect to receive simplified pricing from providers. This simplified pricing should account for all elements of a software offering, regardless of whether it is on-premise, off-premise, or a combination of the two. Pricing should also be able to be provided for individual projects or time and volume defined subscriptions, trading length of user commitment for user cost benefits.
In navigating the glittering generalities presented by individuals and organizations seeking to influence eDiscovery software selection decisions, remember that there may be many right choices for your specific needs. Considering those choices through the lens of security, capability, complexity, and cost may help ensure that you not only make a right choice but make the best choice for your needs.
1 – Webber, M. (2017). You can’t data map forever – Top 10 steps to operationalise the GDPR – Privacy, Security and Information Law Fieldfisher. [online] Privacylawblog.fieldfisher.com. Available at: http://privacylawblog.fieldfisher.com/2017/you-cant-data-map-forever-top-10-steps-to-operationalise-the-gdpr/ [Accessed 22 Sep. 2017].
2 – Michael Caton (2017). Key Strategies to Improve the Performance of E-Discovery Teams. Aberdeen Research, p.2.
3 – Austin, D. (2017). Three Ways that eDiscovery is Safer in the Cloud: eDiscovery Trends – CloudNine. [online] eDiscovery Daily Blog. Available at: https://www.ediscovery.co/ediscoverydaily/electronic-discovery/three-ways-ediscovery-safer-cloud-ediscovery-trends/ [Accessed 22 Sep. 2017].
4 – Greetham, D. (2017). 3 Ways E-Discovery is Safer in the Cloud than On-Premise. [Blog] LinkedIn Articles. Available at: https://www.linkedin.com/pulse/3-ways-e-discovery-safer-cloud-than-on-premise-david-a-greetham [Accessed 22 Sep. 2017].
5 – Ico.org.uk. (2017). Overview of the General Data Protection Regulation (GDPR). [online] Available at: https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/ [Accessed 22 Sep. 2017].
6 – Sullivan, C. (2017). 5 Reasons to Leave Legacy eDiscovery Software Behind. [online] Blog.logikcull.com. Available at: http://blog.logikcull.com/5-reasons-to-leave-legacy-ediscovery-software-behind [Accessed 22 Sep. 2017].
7 – Abramowitz, Z. (2017). An End To eDiscovery? A Conversation With Logikcull CEO Andy Wilson. [online] Above the Law. Available at: http://abovethelaw.com/2016/05/an-end-to-ediscovery-a-conversation-with-logikcull-ceo-andy-wilson/ [Accessed 22 Sep. 2017].
8 – Robinson, R. (2017). The Rise of Data Type Issues in eDiscovery: Six Issues That Impact eDiscovery Business Performance. [online] ComplexDiscovery. Available at: http://complexdiscovery.com/2017/08/26/the-rise-of-data-type-issues-in-ediscovery/ [Accessed 22 Sep. 2017]
9 – Robinson, R. (2017). Revenue Expansion or Erosion? eDiscovery Business Confidence Survey Results – Summer 2017. [online] ComplexDiscovery. Available at: http://complexdiscovery.com/2017/07/31/summer-2017-ediscovery-business-confidence-results/ [Accessed 23 Sep. 2017].