The eDiscovery Paradigm Shift: Results of the 2012 eDSG Investigation of Cloud Service Providers and eDiscovery

Over the past 90 days I have been investigating how Cloud Service Providers (CSPs) and their clients are managing eDiscovery and Information Governance in the CSP clouds. I interviewed and studied the public policies of over 60 CSPs and also talked to the general counsel, IT executives and business line managers of over 50 global 2000 organizations that were currently utilizing a CSP, 25 organizations that were considering utilizing a CSP and 10 organization that were not currently utilizing or considering utilizing a CSP.

The results of this investigation are as follows:

THE STATISTICAL RESULTS

Understanding of eDiscovery?

I asked the participants if they understood the general requirements and practice of eDiscovery.

95% of the CSPs indicated and proved throughout the interview that they did not.
98% of the general counsel from the global 2000 indicated that they did.
65% of the IT executives from the global 2000 indicated that they did.
90% of the business line managers from the global 2000 indicated that they did not.

Understanding of Information Governance?

I asked the participants if they understood the general requirements and practice of Information Governance.

75% of the CSPs indicated and proved throughout the interview that they did not.
95% of the general counsel from the global 2000 indicated that they did.
85% of the IT executives from the global 2000 indicated that they did.
75% of the business line managers from the global 2000 indicated that they did not.

Global 2000 eDiscovery Policy for Electronically Stored Information (ESI) stored with a CSP?

I asked the global 2000 participants if they had an eDiscovery policy for Electronically Stored Information (ESI) stored with a CSP.

90% of the general counsel from the global 2000 indicated that they did not.
90% of the IT executives from the global 2000 indicated that they did not.
99% of the business line managers from the global 2000 indicated that they did not.

CSP eDiscovery Policy for Clients?

I asked the CSP participants if they had an eDiscovery policy for their clients.

98% of the CSPs indicated and proved throughout the interview that they did not.

Global 2000 Information Governance Policy for Electronically Stored Information (ESI) stored with a CSP?

I asked the global 2000 participants if they had an Information Governance policy for Electronically Stored Information (ESI) stored with a CSP.

92% of the general counsel from the global 2000 indicated that they did not.
75% of the IT executives from the global 2000 indicated that they did not.
99% of the business line managers from the global 2000 indicated that they did not.

CSP Information Governance Policy for Clients?

I asked the CSP participants if they had an Information Governance policy for their clients.

98% of the CSPs indicated and proved throughout the interview that they did not.

Consider eDiscovery When Choosing a CSP?

I asked the global 2000 participants if they considered eDiscovery when choosing a CSP.

100% of the general counsel from the global 2000 indicated that they did not.
99% of the IT executives from the global 2000 indicated that they did not.
100% of the business line managers from the global 2000 indicated that they did not.

Consider Information Governance When Choosing a CSP?

I asked the global 2000 participants if they considered eDiscovery when choosing a CSP.

100% of the general counsel from the global 2000 indicated that they did not.
99% of the IT executives from the global 2000 indicated that they did not.
100% of the business line managers from the global 2000 indicated that they did not.

Does Your CSP Organization consider eDiscovery to be a Client's Issue?I asked the CSP participants if they consider eDiscovery to be a Client's Issue?

100% of the CSPs indicated and proved throughout the interview that they did.

Does Your CSP Organization consider Information Governance to be a Client's Issue?I asked the CSP participants if they consider Information Governance to be a client's Issue?

100% of the CSPs indicated and proved throughout the interview that they did.

Would You Consider an eDiscovery Offering as a Key Competitive Advantage?

I asked the participants if they would consider eDiscovery to be a key competitive advantage.

25% of the CSPs indicated and proved throughout the interview that they did not.
75% of the general counsel from the global 2000 indicated that they did.
85% of the IT executives from the global 2000 indicated that they did.
90% of the business line managers from the global 2000 indicated that they did.

Please note that I believe that by the time I got this part of the interview that many of the participants were beginning to understand the value of an eDiscovery and/or Information Governance offering by CSP and therefore this new found understanding may have influenced their answers.

Would You Consider an Information Governance Offering as a Key Competitive Advantage?

I asked the participants if they would consider eDiscovery to be a key competitive advantage.

25% of the CSPs indicated and proved throughout the interview that they did not.
75% of the general counsel from the global 2000 indicated that they did.
85% of the IT executives from the global 2000 indicated that they did.
90% of the business line managers from the global 2000 indicated that they did.

I asked the global 2000 participants if they had experienced an eDiscovery event with aCSP.

45% of the general counsel from the global 2000 indicated that they did.
55% of the IT executives from the global 2000 indicated that they did.
5% of the business line managers from the global 2000 indicated that they did.
90% of the business line managers from the global 2000 indicated that they were not sure.

Experienced an Information Governance Event with a CSP?

I aksed the global 2000 participants if they had experienced an Information Governance event with aCSP.

45% of the general counsel from the global 2000 indicated that they did.
55% of the IT executives from the global 2000 indicated that they did.
5% of the business line managers from the global 2000 indicated that they did.
90% of the business line managers from the global 2000 indicated that they were not sure.

COMMENTS

Without having to source any of the statistics on the accelerating increase in the amount of ESI that is being moved to the cloud, it is sufficient to assume that this trend is just beginning and will continue for the foreseeable future. As such, the requirements for eDiscovery and Information Governance of this ESI will also be increasing for the foreseeable future. Therefore, it is a strategic mistake for either CSPs or their clients to not be considering how this ever increasing volume ESI (in the CSPs cloud) is going to be identified, harvested, analyzed and process for the purpose of eDiscovery and Information Governance.

Given my position as stated in the previous paragrph, it is an understatement to say that after about the first 2 weeks of these interviews, I was shocked to learn that most of the executives from the CSPs didn't really even understand the significance of eDiscovery and Information Governance and as a result had nothing implemented nor anything in their product road maps to support eDiscovery or information governance.

As an attempt to be fair and, even though I don't agree, it is at least somewhat understandable that the CSPs that consider themselves to be providers of Infrastructure-as-a-Service (IaaS) only, support for eDiscovery and Information Governance may in fact be outside their legacy offerings. However, I am stunned at the lack of understanding and interest for eDiscovery and/or Information Governance among the CSPs that are offering general cloud storage or Platform-as-a-Service (PaaS).

I was also very disappointed to learn that most of the executives from the global 2000 organizations that I interviewed did not consider support for eDiscovery and Information Governance as a criteria for choosing a CSP.

RECOMMENDATIONS

Based upon the results of this investigation along with my associated experience with the policies, technologies and best practices available to support eDisocvery and Information Governance in the cloud, my recommendation for CSPs and any organization that is planning to utilize a CSP is a follows:

Cloud Service Providers (CSPs)My recommendations for CSPs is as follows:

Develop an internal understanding and experience of eDiscovery and Information Governance.
Talk to your prospects and clients about their eDiscovery and Information Governance requirements.
Educate and train all customer facing personnel on the importance of eDiscovery and Information Governance and how your organization plans to support it.
Develop a public policy for supporting eDiscovery and Information Governance.
Form partnerships with eDiscovery and Information Governance technology providers and consultants as part of your offering.
Leverage and eDiscovery and Information Governance offering as a key competitive advantage.

Prospects and Clients of CSPs

My recommendation for prospects and clients of CSPs is as follows:

Encourage collaboration in regards to eDiscovery and Information Governance between general counsel, IT and business line managers.
Develop a eDiscovery and Information Governance policy for ESI stored with CSPs.
Develop a set of eDiscovery and Information Governance support criteria for choosing a CSP.
Don't accept an answer of "we don't support eDiscovery and/or Information Governance" from a CSP.

PREDICTIONS

The CSP target market is going to start demanding support for both eDiscovery and Information Governance. And, those CSPs that offer it will indeed have a key competitive advantage over those that do not. The results could spell a signficant reshuffling of the current major players in CSP market.

The eDiscovery Paradigm Shift

Wednesday, March 7, 2012

Results of the 2012 eDSG Investigation of Cloud Service Providers and eDiscovery

No comments:

Post a Comment