#1 ExpenseWhy can’t you just use one of the free copy utilities?
When selecting a defensible E-Discovery collection tool it is important to invest the money in a product specifically designed for the job.
#2 File ValidationWhat hash verification is used during file copies?
Simple “drag and drop” copies and processes used in many free utilities do not provide the necessary file verification or chain of custody.
#3 Windows LimitationsCan the application detect files in “long paths” (>
255 characters) or Unicode (foreign language characters)?
There are several limitations when using MS Windows file copy and many free utilities on the market that can miss relevant information.
#4 Handling InterruptionsHow does your collection application handle network
outages, system restarts, and other unexpected interruptions?
Life, and Murphy’s law happens eventually! Being able to easily resume from an interruption determines if several hours (or days) are lost if you have to restart a job.
#5 ConsistencyCan the IT professional in charge of your collection
easily replicate specifications across multiple systems?
Often IT managers are required to use the same collection criteria for dozens, or hundreds of employees. Many tools don’t have an easy way to share jobs or determine irrelevant data locations as they change between client PC’s.
#6 Client System IntegrityDoes your collection software require installation, or
an agent to be placed on the target computer?
Many corporate and government agency IT departments have strict policies against introducing new software into the environment without a lengthy certification process.
#1 Self and Assisted CollectionsDo you have custodians in remote locations where
you need scripted or assisted collections?
Self-Collection kits are often used to reduce costs associated with onsite personnel and over collecting data.
#2 Keyword FilteringHas your legal counsel (or law firm client) agreed
on search terms for the collection?
Often keyword targeted collections are requested to reduce datasets and/or potentially privileged and confidential information.
#3 deNisting and DeduplicationDo you have a way to easily maintain the
current NIST list and use it during your collection?
Using hash lists from the NSRL or hash values from already collected data (deduping) can dramatically reduce your production and costs.
#4 Encrypted File DetectionAre you aware that encrypted files, and several
common image formats aren’t keyword searchable?
It is critical to use collection tools that can identify and copy non-searchable items during a keyword search. Otherwise, data will be missed.
#5 Email (PST/NSF) RegenerationHas a client produced dozens (or hundreds) of backup PST’s and you know there is a considerable amount of
duplicate data?
Create new (“regenerated”) mail store files after deduping, and filtering by other useful criteria (i.e. date range, accounts, and keywords) for space and cost savings.
#6 Remote (stealth) Job LaunchHow often do you need to collect files from a
custodian system undetected? Can you monitor interruptions from shutdowns?
Collection jobs can be remotely launched, and monitored while a custodian is still working. Review any exception logs and warnings.
#7 Email/Hold NotificationCan you execute collection jobs from a legal hold
message or email notification?
Custodians are often notified by email that files (i.e. documents, and email) related to a matter need to be preserved. Implementing seamless collection procedures is very beneficial.