November 10, 2014


A legal hold is a written directive issued by attorneys instructing clients to preserve relevant evidence – such as paper documents and electronically stored information – in an anticipated litigation, audit, or government investigation. However, as businesses increasingly store data in electronic formats, it’s becoming ever more important to be able to manage, preserve, classify, and search electronically stored information (ESI).

A legal hold includes the following steps:

  • Issuing a written hold notice
  • Identifying the right stakeholders
  • Coordinating data identification and preservation
  • Monitoring the implementation of the hold

Who Needs to Comply

Any organization that can potentially come under litigation should educate employees on the company’s legal hold policy as well as how to respond to any legal hold notice they may receive. When a legal hold is issued, attorneys should ascertain that the recipients listed in the legal hold understand their responsibilities. Also, working within the organization’s legal framework, attorneys and the IT Department will take all appropriate steps to retain and preserve ESI.

Risks in Non-compliance

When evidence is destroyed, lost, or altered, the ramifications can be detrimental as it becomes virtually impossible to prove or defend a case. An organization’s failure to prevent spoliation of evidence can result in court-ordered sanctions as well as fines, especially if ESI is found to have been destroyed because a legal hold was not effectively carried out.

Below are consequences and regulations set forth by each association and regulating party.

Title 18 of United States Code Sections

Under Title 18 of United States Code Sections, the individual responsible will be fined and/or face jail time.

“Whoever knowingly alters, destroys, mutilates, conceals, covers up, falsifies, or makes a false entry in any record, document or tangible object with the intent to impede, obstruct, or influence the investigation or proper administration of any matter within the jurisdiction of any department or agency of the United States or any case filed under title 11, or in relation to or contemplation of any such matter or case, shall be fined under this title, imprisoned not more than 20 years, or both.” 18 U.S.C. Sec. 1519.

Federal Rules of Civil Procedure

Under Federal Rules of Civil Procedure Rule 37 possible sanctions are as follows:

  • dismissal of the wrongdoer’s claim
  • entering judgment against the wrongdoer
  • imposing fines on the wrongdoer

How Varonis can help with Legal Hold

1. Finding Evidence

DatAnswers maintains an index so that files containing specific terms can be found at any time.

The Varonis IDU Classification Framework is a data classification engine that can incrementally scan file servers and intranets for documents based on a multitude of criteria: keywords, patterns, date created, date last accessed, date modified, user access, owner, and many more, making it possible for IT to find and preserve relevant evidence.

The IDU Classification Framework is efficient and performs true incremental scans, knowing exactly which files have been modified and require rescanning without checking every single location.

The IDU Classification Framework is an automated classification engine. It does not rely on users to manually flag or tag data (though that is possible). It classifies data across multiple platforms (Windows, NAS, SharePoint, etc.).

Also critical to preserving evidence, DatAdvantage can identify and locate all ESI, show which users and groups have access, and provide an audit on all ESI, such as when the file, directory services object, and email was open, edited, deleted etc.

2. Holding Evidence

Once relevant evidence has been found by the IDU Classification Framework, the Varonis Data Transport Engine can automatically migrate or copy documents into a secure location designated for legal hold where the files cannot be modified or deleted.

Brintons Carpets selects C24 as their strategic hosting partner

October 28, 2014

Birmingham, West Midlands, 28th October 2014 – Brintons Carpets Ltd are the world’s leading manufacturer of high-quality woven carpets and have selected C24 to be their strategic hosting partner for the global delivery of their business critical applications. The solutions will see C24 deliver Epicor ERP systems, Microsoft Exchange and a variety of other applications from their tier IV datacentre.

Like many other growing enterprises, Brintons were reaching a turning point in their business and IT needed to transform to cope with new business demands. An increasingly complex IT environment was making it difficult to manage a large technology infrastructure with the same resources, and Brintons recognised that in order to keep providing such high levels of service to their customers, they would need to re-evaluate their existing IT platforms to ensure they still fulfilled the needs of the business. Brintons also identified the importance of working with a true partner; as technology is so central to the services that Brintons delivers globally, they needed a strategic hosting partner that could offer flexibility and scalability for their operations.

C24 partnered closely with Brintons application providers to deliver a holistic and simple to manage solution that would help solve some of the challenges faced by an evolving business. C24 recognised that the smooth delivery of the enterprise hosting solution to Brintons was an ability to partner seamlessly with Brintons’ own IT team and third party providers involved in the overall solution.

Sarah Goode, IT Manager at Brintons Carpets, commented, “As a mid-market business, finding a hosting partner with the right skills who have an understanding of both the applications and the supporting infrastructure wasn’t easy; C24 showed a true understanding of both areas but just as importantly, they are willing to work closely with us to deliver our desired business outcomes.”

David Ricketts, Head of Marketing at C24, commented, “Brintons Carpets is one of the UK’s most recognisable brands, with a history of delivering the very best quality for organisations across the globe. For us at C24, the opportunity to work with them; delivering their critical applications to sites across the world, specifically across the UK, Europe, Asia, USA and Australia, highlights how far we have come as a hosting business. The team are really looking forward to delivering on their high expectations over the coming three years.”


About Brintons Carpets Ltd

Brintons has been making British carpets in Kidderminster for 230 years, focusing on delivering superior quality. Proud of their phenomenal British heritage, their 1400 employees worldwide help to create a quality product and global brand.

About C24 Ltd

C24 Ltd is one of the UK’s leading specialist Managed Hosting providers. Working with businesses all over the globe, the company manages, secures and delivers critical business applications to over 100 countries globally. Solutions are tailored to each business and range from traditional email hosting to secure back-up and managed hosting of Enterprise Resource Planning (ERP) solutions, business productivity applications and high availability disaster recovery.

Press Contact

David Ricketts, Head of Marketing, C24 Ltd, / 0121 550 4569


October 23, 2014

During a recent visit to Brazil, I encountered many customers and partners who faced a similar challenge – providing their clients with a safe, secure and genuinely easy way to share files and collaborate with data.  All faced a number of barriers and none were happy with the current offerings of cloud based file sharing solutions.  Generally speaking:

  • All required a secure way to share files with internal and external people– partners, vendors and employees
  • All tried to block access to file sharing sites and no one thought they were successful in doing so
  • All were concerned about the additional resource requirements to manage and control cloud file shares
  • Many wanted the same user experience and processes  for internal  and external collaboration
  • Not one had a plan to fulfill these requirements
  • All were required by the business areas to provide a solution in the near term

The following 5 criteria summarize their requirements, which are not currently fulfilled by cloud based file sharing solutions:

1. Ongoing guarantee of rightful access

Customers clearly state that the security of cloud based file sharing solutions is a primary concern.  They require a comprehensive audit trail of all usage activity, the ability to ensure permissions are granted and revoked at the appropriate times by the appropriate people, and the ability to develop different profiles for different data and people based on data sensitivity, customer location, and role.

2. Ability to leverage existing infrastructure and processes

Customers want to leverage their existing infrastructure and processes instead of purchasing a new solution, and have no wish to reinvent their processes for managing data on a third-party cloud solution.  Customers have processes and applications to perform backup, archival, provisioning and management of existing infrastructure, and they are confused about how to perform these functions within a cloud-base file sharing solution.

3. Ensuring Reliability with Accountability

IT organizations have defined service levels for their internal clients,  and are accountable for the delivery of each service. If they don’t deliver, there is no question about whose responsibility it is.  Service levels associated with cloud based file sharing must be negotiated like other third party services – there are typically few guarantees of performance and remedies for non-performance are limited.

4. Providing an intuitively simple user experience

Regardless of the solution, IT Managers are very concerned about a new user experience for their clients.  Most indicate that a different user experience will require training, impact the number of calls for support, and reduce productivity at least temporarily.  Ultimately, IT Managers would like leverage the user experience that their user population has already mastered.

5. Predictable expense

Typical cloud based file sharing solutions are priced based on amount of storage— storage requirements often grow at a surprising rate. Customers may need to negotiate storage costs with cloud providers on an ongoing basis.


October 14, 2014

To get a sense of where the PCI Data Security Standard (DSS) is heading, it helps to take a look beyond the actual language in the requirements. In August, PCI published a DSS 3.0 best practices document that provided additional context for the 12 DSS requirements and their almost 300 sub-controls. It’s well worth looking at. The key point is that PCI compliance is not a project you do once a year just for the official assessments.

The best practice is for DSS compliance to be a continual process: the controls should be well-integrated into daily IT operations and they should be monitored.

Hold that thought.

Clear and Present Dangers

One criticism of DSS is that it doesn’t take into account real-world threats. There’s some truth to this, though, the standard has addressed the most common threats at least since version 2.0—these are the injection style attacks we’ve written about.

In Requirement 6, “develop and maintain secure systems and applications,” there are sub-controls devoted to SQL and OS injection (6.5.1), buffer overflows (6.5.2), cross-site scripting (6.5.7), and cryptographic storage vulnerabilities (6.5.3)—think Pass the Hash. By my count, they’ve covered all the major bases—with one exception, which I’ll get to below.

The deeper problems are that these checks aren’t done on a more regular basis—as part of “business as usual”—and the official standard is not clear about what constitutes an adequate sample size when testing.

While it’s a PCI best practice to perform automated scanning for vulnerabilities and try to cover every port, file, URL, etc., it may not be practical in many scenarios, especially for large enterprises. Companies will then have to conduct a more selective testing regiment.

If you can’t test it all, then what constitutes an adequate sample?

This question is taken up in some detail in the PCI best practices. The answer they give is that the “samples must be sufficiently large to provide assurance that controls are implemented as expected.” Fair enough.

The other criteria that’s supposed to inform the sampling decision is an organization’s own risk profile.

Content at Risk

In other words, companies are supposed to know where cardholder data is located at all times, minimize what’s stored if possible, and make sure it’s protected. This information then should guide IT in deciding those apps and software on which to focus the testing efforts.

Not only should testing be performed more frequently, it’s also critical to have a current inventory, according to PCI, of the data that’s potentially hackable—let’s call it data at risk—and users who have access.

For Metadata Era readers, this is basically the Varonis “know your data” mantra. It becomes even more important because of a new attack vector that has not (yet) been directly addressed by PCI DSS. I’m referring to phishing and social engineering, which has been implicated in at least one of the major retail incidents in the last year.

Unlike the older style of injection attacks that targeted web and other back-end servers, phishing now opens the potential entry points to include every user’s desktop or laptop.

Effectively, any employee receiving a mail—an intern or the CEO­­—is at risk. Phishing obviously increases the chances of hackers getting inside and therefore raises the stakes for knowing and monitoring your data at all times, not just once a year.


October 7, 2014

During this past year, we’ve been reminded (too) many times that data breaches are costly and damaging to a company’s reputation. According to the Ponemon Institute’s 2014 Cost of Data Breach Study, the average total cost of a data breach—which can include credit monitoring, legal fees, remediation, and customer loss—for the companies who participated in the research report increased 15%, to $3.5 million USD. Also, the average cost paid for each lost or stolen record containing sensitive and confidential information increased more than 9% from $136 in 2013 to $145.i In short: failure to protect sensitive data has a quantifiable cost, and the theft of that data has bottom line implications. However, are C-level execs viewing files and emails containing customer records and other sensitive information as bits and bytes on a disk, or do they view them as piles of unprotected cash?

Unfortunately, it has been much more of the former, based on the huge data heists of the last year. The tide, though, may finally be changing. Here’s what HP CEO Meg Whitman had to say about the cloud, security, and Big Data:

“When I am with my fellow CEOs…these are three areas that me and my colleagues are worried about…Every CEO lives in fear of a Big Data breach, loss of data, a hack into the system that compromises our company’s reputation. And reputations take years and years to build and can be destroyed overnight.”

Our guess is that executives will have no choice but to join Ms. Whitman and start weighing the potential impact of data loss and how it can evaporate years of trust and brand equity in a heartbeat.

Unsure if your environment is well-protected? Get a free 30 day risk assessment! Varonis will show you where your sensitive content is, who has access to it, and more.


Specialist Legal Application Hosting Provider, C24, showcases the latest in business intelligence software to Legal Firms.

October 1, 2014

C24, an Applications Hosting Provider, showcased their Business Intelligence analytics platform, BI24, to legal firms at the Alternative Legal IT Conference 2014 earlier this month.

Held annually at the Belfry in Sutton Coldfield, leading technology suppliers to the UK Legal sector were present to meet with law firms and demonstrate how the sector could benefit from next generation technology solutions.

C24′s Business Intelligence analytics platform was on display, with C24′s technical specialists offering live demonstrations to clients throughout the day. Demos included showing how legal firms were using their internal data to understand how they could achieve savings across Work In Progress cases, who their top fee earners were and general fee trends and operational statistics to help make better business decisions, amongst many other topics. BI24 is a business analytics platform that centralises data and information and provides search engine functionality across the entire organisation, and is particularly helpful to legal customers who require holistic visibility of client and internal operations.

C24 has worked with numerous legal clients to deliver innovative business intelligence and hosting solutions. A recent win at Wright Hassall, a leading UK law firm, uncovered a number of challenges common to the legal sector, such as increasing demand from clients for more granular visibility of case activities and the need to drive further efficiencies across the organisation.

Martyn Wells, IT Director at Wright Hassall LLP, commented, “Expedient and insightful analytics are now essential in an industry where data hungry clients demand precise and granular views of activities conducted on their behalf. It is becoming increasingly clear that the days of monolithic data warehouse are over, and we sought a much more contemporary and agile solution; one that our users would understand and use intuitively.”

David Ricketts Head Of Sales and Marketing at C24, commented “C24’s on-going focus on the legal sector means that we are continually developing a significant portfolio of legal and professional services clients, and events like the Alternative Legal IT Conference and the Thomson Reuters Vantage Show enable us to connect directly with our legal clients and showcase the next generation technology in the law industry. The response to the business intelligence demonstrations using live data that we delivered at the show was fantastic and we are already speaking to a number of large law firms about how they too can benefit from increased visibility and business insight across their organisation”.

About C24
C24 is an enterprise applications hosting provider based in the West Midlands, delivering infrastructure hosting, business intelligence software and document management capabilities to clients across the globe. C24 works closely with key technology vendors and partners to deliver best of breed private cloud hosting solutions to customers, and is a HP Cloud Agile Service Provider Partner and a Microsoft Gold Hosting Partner.

Wearable Quadcopter Drone Makes for Next-Level Selfies

September 30, 2014

Nixie, the work of team leader Christoph Kohstall, project manager Jelena Jovanovic, and team member Michael Niedermayr, is a flexible, lightweight quadcopter designed to be worn on the wrist until needed. As Kohstall explains in the project’s finalist introduction video, “you should be able, with a gesture, to tell the quadcopter to unfold. Then, it’s going to take off from your wrist,” and, with guidance from its Intel Edison chip, “it knows where you are, it turns around, [and it] takes a picture of you.” When the user is satisfied with the shoot, Kohstall adds, the gadget “comes back; you can catch it from the air, and put it back on your wrist.”

A range of camera-equipped quadcopters have been on the market for some time, but Kohstall realized, with the help of his team, that the next step toward convenience and an improved user experience would be making a quadcopter drone wearable. In the team’s videoed interview, Jovanovic remembers early brainstorming moments:

Christoph came over one day, and he said, ‘I have a new idea for a quapcopter. And he looked at me with this mischievous grin, and he said, ‘I want to make your quapcopter wearable.’ And I thought, what?

The other wearable finalist projects include an “emotional prosthesis” gadget, an open (source) bionic hand and even an infant-monitoring chip called Babyguard. The ten teams of young entrepreneurs and developers selected as finalists are now developing their proposals into working, marketable prototypes with Intel’s help. Winners will be announced during the project’s final event on Nov. 2 and 3, with just one team claiming top honors and the $500,000 Make It Wearable Grand Prize.


Get every new post delivered to your Inbox.

Join 856 other followers