Archive & Data Protection

    What Is E-Discovery and Why Does Your Organization Need It?

    E-discovery is essential for businesses operating in a world of heightened compliance and legal risks. Learn what it is and how it works.  

    by Daniel Argintaru

    Key Points

    • E-discovery is the process of finding and sharing electronically stored information to be used as evidence in a legal or regulatory procedure.
    • Its importance cannot be overstated as companies face lawsuits and compliance risks amid a deluge of data. 
    • E-discovery software has democratized the discovery process for businesses of all sizes, allowing companies to take data management in-house while reducing complexity and costs.


    Businesses today have no choice but to formalize their data management. Consumer privacy laws like California’s Consumer Protection Act (CCPA) and the European Union’s General Data Protection Regulation (GDPR) mandate that companies properly store customers’ personal data and delete it upon request, or risk stiff penalties. At the same time, a rise in workplace litigation has made rapid access to corporate data a necessity as companies could face legal action at any moment. 

    And then there’s the deluge of data businesses must manage, especially with more employees working remotely via email and collaboration platforms. Companies face a major challenge in tracking, monitoring, and formally archiving the messages, shared files, recordings, and other components of these communications. 

    That’s where electronic discovery (e-discovery) comes in. Advances in e-discovery software from companies like Mimecast have made these solutions accessible to businesses of all sizes, helping them gain control over their email archives and data from cloud collaboration platforms.

    What Is E-Discovery?

    Electronic discovery, or e-discovery, is the process of finding, reviewing, and exchanging digital information to be used as evidence in legal procedures. It is implemented in the early stages of litigation, when businesses are required to provide all data and records that could be relevant to their case and potentially used as evidence. 

    E-discovery software is used to find all forms of electronically stored information (ESI). ESI includes emails, audio and video files, SMS and instant messages, employee device data, website data, social media posts, Excel spreadsheets, database records, and any other electronic data source that legal counsel could deem relevant.

    Today, email and information shared over collaboration platforms like Microsoft Teams and Slack have become a prime target in legal proceedings, since these communications are often less formal than written documents and therefore more revelatory.  

    The E-Discovery Process 

    E-discovery is a multi-stage process that begins as your organization is facing a regulatory investigation or legal case and ends once the electronic evidence you’ve shared is presented in a trial, hearing, or arbitration. Legal and IT teams work together on the process, which usually involves the following six steps:

    1. Identification: In this initial phase, attorneys or regulators identify the electronic information they need and make the appropriate e-discovery requests. This is also the moment when organizations can challenge requests for ESI that they feel lies outside the scope of a legal case.
    2. Preservation: Once the potentially relevant data has been identified and any challenges have been addressed, it is placed under a legal hold. This ensures that neither party destroys ESI during the e-discovery process. If one party does spoil data on legal hold and compromises the case, it may face significant fines or sanctions. 
    3. Collection: Next, the company must collect and centralize all potentially relevant ESI for processing. Contents and key attributes need to remain unaltered during the collection phase, so that the data remains legally defensible (i.e., holds up in court). 
    4. Processing: Processing involves the cleaning up and preparation of ESI for review by legal counsel. Organizations often use software for this phase, which includes the deletion of unnecessary files and conversion of electronically stored information to universal formats like PDF, to ensure it is processed efficiently and accurately before review.
    5. Review and Analysis: The review of ESI for legal relevance is a detailed and complex process. This is also the phase when files are assessed for attorney-client privilege, which excludes them from being admissible in court. Organizations traditionally outsourced the review and analysis phases of e-discovery to external legal counsel, which also made it costly, but increasingly powerful e-discovery software has made it feasible for in-house teams to handle the task.
    6. Production: Once deemed relevant, the ESI is exchanged with opposing legal counsel for use as evidence in the legal proceedings to come. This transition from data review and preparation to its use in court marks the end of e-discovery and beginning of the next phase of litigation.

    Why is Electronic Discovery Important for Your Company?

    E-discovery requests are on the rise and as organizations become more heavily regulated by government bodies concerned with cybersecurity, the importance of eDiscovery should not be underestimated. E-discovery is driving the deployment of archiving systems and carries significant implications for how organizations retain, store, and manage their electronic content. Failure to properly manage e-discovery will negatively impact organizations through increased management and regulatory response costs as well as potential brand and reputation damage.

    Why Do Some Organizations Struggle with E-Discovery?

    There are numerous reasons organizations struggle with e-discovery. The biggest issue is that unlike written documents, ESI exists in multiple forms, from email attachments to Zoom video call recordings. Tracking and archiving all this data in a consistent way is no small task. 

    Adding to this burden is the challenge of employees using their personal devices and public Wi-Fi networks to stay productive while working remotely, which accelerates the creation of data and raises a host of new governance issues. Spyware is of particular concern for security and legal teams, with attackers now able to embed malicious code directly on people’s mobile phones to infiltrate their organizations’ IT network and steal its data.

    Another difficulty is that many organizations still treat e-discovery as an afterthought. Like a dormant beast, it only gets the attention of legal and security teams when the organization comes under fire from regulators or plaintiffs. Rather than being prepared with a structured approach to e-discovery and a clear audit trail software, these organizations find themselves scrambling to identify and produce all relevant ESI under a deadline. 

    One of the biggest barriers to effective e-discovery is employee training. Teams must understand the importance of rigorous data archiving, as well as the legal and financial stakes if they cannot respond to an e-discovery request. To minimize human error, train employees to handle data responsibly, be mindful of what information they share over email on their personal devices, and avoid tampering with data once it is stored. 

    E-Discovery Best Practices

    The aims of bringing e-discovery in-house are two-fold. The first is to help organizations respond to requests quickly, effectively, and accurately. The second is to maintain data compliance and governance while driving down costs

    Organizations that choose to bring their e-discovery operations in house should consider the following principles to manage their data responsibly and stay on top of legal and regulatory requests, if and when they come.

    • Archive in the cloud for visibility and control. With organizations generating more ESI every year, they cannot afford to let e-discovery requests overwhelm their IT systems to the point where they cannot respond to requests in a timely manner. Archiving data and running e-discovery software in the cloud simplifies the process by eliminating challenges related to scale and giving companies visibility across all their ESI in a single location. As a bonus, this allows businesses to handle identification, preservation, collection, and review in-house rather than relying on expensive third-party suppliers.
    • Drive employee awareness to reduce risk. Whether they are being careless or simply distracted, employees represent an enormous compliance risk for every organization. It is not enough to tell employees to be careful with data. They need end-to-end awareness training, especially those in departments that manage their organization’s most sensitive and legally relevant data.
    • Ensure email continuity. Business continuity is a key aspect of compliance today. Even when facing a full-scale cyberattack, organizations must be able to access emails and other ESI in the event of an e-discovery request. Consider an immediate failover solution to ensure email keeps flowing even if a cyberattack takes systems down.
    • Simplify compliance through automated retention. The only constant in the world of regulation is change. From American regulators like the Securities and Exchange Commission to global bodies like the European Commission, the rules governing the archival, use, and sharing of data are always evolving. A prudent way to simplify company-wide compliance is by automating the execution of your retention policies.   

    Choosing the Right E-Discovery Solution for Your Company

    Choosing the right solution for your organization can be very important. Time is of the essence when it comes to meeting regulatory deadlines and ensuring your organization is ready to not only respond to inquiries, but properly manage all electronic data.

    Organizations should seek out a solution that offers:

    • A 100% cloud solution that enables organizations to scale easily as data needs grow. 
    • A single online data repository that consolidates email, files, IM messages and other ESI for comprehensive E-Discovery. 
    • Tools for in-house identification, preservation, collection and review. 
    • Fast search capabilities to speed data retrieval. 
    • Automated culling to significantly reduce third-party costs. 
    • Self-service features that enable legal and compliance teams to manage E-Discovery without help from IT. 
    • Case management features that streamline processing, review and analysis. 
    • Capabilities for centrally managed and rapidly deployed litigation holds. 
    • Tools for early case assessments. 
    • Multi-layered defenses against cyberattacks and loss of data availability. 
    • Comprehensive data retention policies that enable in-depth control over data purge requests by clients for compliance with GDPR and other regulatory environments.

    The Bottom Line

    E-discovery is a complex but necessary capability when running a modern organization, but it doesn’t have to be overwhelming. New software solutions have democratized e-discovery for all organizations. By adding strict data controls and employee awareness training, organizations can handle growing volumes of data and take e-discovery requests in stride. Learn how Mimecast can help.


    Subscribe to Cyber Resilience Insights for more articles like these

    Get all the latest news and cybersecurity industry analysis delivered right to your inbox

    Sign up successful

    Thank you for signing up to receive updates from our blog

    We will be in touch!

    Back to Top