Categories

February 2012

Sun Mon Tue Wed Thu Fri Sat
      1 2 3 4
5 6 7 8 9 10 11
12 13 14 15 16 17 18
19 20 21 22 23 24 25
26 27 28 29      

Archives

Twit List!

Law Student Resources

Disaster Recovery

June 30, 2011

#CalBar Solo & Small Firm Summit Recap

MP900439382 Yeah, I know.  The summit ended Saturday at noon.  It's been a busy week for me, but better late than never.  I had to skip the Thursday sessions, but arrived early Friday morning.  I was backing up another one of my LPMT colleagues in the tech lab, so between his presentations and mine, I didn't get to attend anyone else's sessions, which was a shame, because there were some good ones.  I did catch the bulk of Stephen Fairley's morning keynote on marketing and SEO.  I can only say this; the man is right on about what he was saying.  It was similar to the advice I received from my web guru, Clint Brauer.  Bottom line; if you're going to make a serious attempt at creating an online presence, you need to understand how your information will propagate to the 'web before you develop web sites, create accounts, etc.

I didn't know what to expect for my labs on disaster planning, but for both sessions (I did the identical presentation back-to-back) I had full houses.  The attendees asked a lot of good questions - which is the first indication they're not bored - and although we had some technical difficulties, I was able to illustrate how, in some cases, a few minutes is all it takes to create a basic backup strategy.

Day three, Saturday, I took in the morning keynote on "Multitasking Gone Mad", or, how the more we multitask, the less we accomplish.  Now, this was Irwin Karp presenting - who also preceded me on the LPMT committee - but I'll tell you, the idea of doing one thing at a time is something to strive for, but awfully hard to accomplish.

The second session should really make the eDiscovery people excited.  It covered hearsay (civil, for the most part), but guess what the starring attraction of most of the examples was?  Electronic evidence!  For example, the presenter showed a slide from a traffic camera of a car colliding with a truck at an intersection.  Another was a photo of a simple bar code (not a QR code, like the one you see on my right sidebar).  In both instances, the question was, is this hearsay?  As usual, the answer was, it depends on your jurisdiction.

The third session was one that eDiscovery professionals most likely wouldn't be attending.  It covered the activity up to and including the arrest of a client.  As you know, I also handle criminal cases, so again, this was a good refresher for me.

So, basically a quick in-and-out, and barring any changes to the schedule, my next presentation will be at Calbar's annual meeting in September.

Posted by Perry L. Segal at 01:28 PM in Backup & Recovery Systems, Cost, Criminal Liability, Disaster Recovery, Education, Implementation, Law Practice Management, Scope, Strategy | | Comments (0) | TrackBack (0)

June 16, 2011

Tips & Tricks: A Password-Protected PDA May Save your Bacon One Day

MP900405586 Remember this post from precisely three months ago?  Well, I'm here to tell you; lightning does strike twice - and I mean exactly!

I'm out of town - in the same place I was three months ago - and once again, my Blackberry was working fine this morning...then it wasn't.  It was virtually the identical problem to last time (frozen solid), except for two glaring differences; 1) I haven't made any modifications to the device in a while, so there wasn't any clue as to why this happened and, 2) (this is critical) I could get to my password screen and unlock the device.  I would also like to note that I have virus software and upon reboot, was able to run a sweep before the device froze again - no sign of any contamination.

So, I went over to the same retail outlet, where some of the same people tried to do the same thing (a software repair push).  Fail!  I basically told the techs (same as last time) "I don't care if you have to wipe it out, I have no problem restoring from backup." (Yes, I have a recent backup, just like last time).  I also told them, "Whether this works or not, I have to walk out of here with a working device."

But - just like last time - no love.  They couldn't wipe the device, either.  Now, here's where it gets ugly.  Last time they had a spare Tour in stock - this time, they didn't.  So, they offered to have a new one shipped to me via overnight courier.  Normally this would be completely reasonable.  Unfortunately this happened today, and on this particular day, this device must work.  I can't forward my cell number elsewhere because I'm out of town, on the go and I need to be reachable (is that even a word?)

This is where the password-protection comes in.  With a Blackberry (not familiar with how other PDAs handle this), when password-protection is enabled, a companion security setting automatically enables a 'doomsday' scenario - and you can't turn it off (unless you disable password-protection altogether).  That's right; it doesn't just fail to unlock the device - it allows you to select the number of incorrect passwords you'll allow (from 3-10), then if that threshold is reached, the device wipes itself out.  Even the techs at the store didn't know this.  So, as a last resort, I suggested, since the only thing that did work was the password screen, try repeatedly entering an incorrect password to trigger doomsday.  Even though the device was frozen otherwise, I hoped that enough of the O/S was running in the background that it might work.

SUCCESS!!!

Most of you know I tend to be vague about my devices, but most of you also have long since figured out my PDA is a Blackberry.  The reason I mention it this time is, I'm afraid I'm worn out with them.  Just like my clients, I cannot afford to have a primary device crashing for no reason.  I lost more than half a day resolving this in the short-term, but for the long-term, I'm switching to a Droid.

Posted by Perry L. Segal at 03:07 PM in Backup & Recovery Systems, Cost, Disaster Recovery, Security, Technology, Tips & Tricks | | Comments (0) | TrackBack (0)

Technorati Tags: , ,

May 11, 2011

e-Discovery California: Upcoming Presentations & Activities - May/June 2011

00443095
I thought it might be a good idea to share my presentation & conference schedule for the next couple of months...this will also explain why I haven't had as much time to post; I have deadlines!

May 17-18th:  As mentioned prior, I'll be attending LegalTech next week in downtown Los Angeles.  At the moment, I'm planning to attend both days.

June 1st:  I'm presenting a one-hour CLE for general credit at the Los Angeles County Bar Association Litigation Section Inn of Court, titled, "How to Lose an eDiscovery Case in 30 Days".  The synopsis:

"The steps you take in the first 30 days leading up to the initial 'Meet & Confer' can make or break your case.  This program will discuss what to do before, during and after to keep you on track."

June 24th:  I'll be making two one-hour CLE presentations in the computer lab (.5-hour general & .5-hour ethics credit, limited to 25 people per lab) at the California Bar's Solo and Small Firm Summit at the Anaheim Marriott, titled, "Earth, Wind, Fire, Flood & ESI: Disaster-Planning for the Law Office".  The synopsis:

"A ‘disaster' encompasses a lot more than you might think. The ‘physical' office is covered; what about the ‘virtual' office? If you suffer a catastrophic failure on Monday, can you be back in business Tuesday morning? Are there ethical issues? It's 2 am. Do you know where your data is?"

Hey, that's what I get for writing synopses at the last minute, late at night.  How many times do you think a tech-weenie like myself has used the line, "It's 2 am. Do you know where your data is?"  (Answer: Too many times!!!).

I'm sure Hillary Clinton thanks me.

 

Posted by Perry L. Segal at 03:38 PM in Backup & Recovery Systems, Disaster Recovery, e-Discovery California, Education, Law Practice Management, Strategy, Technology | | Comments (0) | TrackBack (0)

Technorati Tags: , , , , ,

April 27, 2011

EC2 Say, Amazon...Not So EC2 Do...

MP900425511

 

Folks, I'm not going to bag on Amazon.com too much for their Elastic Compute Cloud (EC2) failure; I'm sure they're getting enough flack from their customers.  However, this is why I dislike any absolute statements when we're dealing with this type of technology.  Technically, they're right.  You don't have to worry about the cloud.  You do have to worry about your cloud.

The cloud may have a backup plan for you.  Do you have a backup plan for your cloud?

Posted by Perry L. Segal at 03:50 PM in Backup & Recovery Systems, Cost, Disaster Recovery, Implementation, Strategy, Technology | | Comments (0) | TrackBack (0)

Technorati Tags: ,

April 07, 2011

Glossary of Excuses

MP900448581
Risk.  What is it, exactly?  Here are a few good definitions:

"The possibility of suffering harm or loss; danger."

"Product of the impact of the severity (consequence) and impact of the likelihood (probability) of a hazardous event or phenomenon."

"The quantifiable likelihood of loss or less-than-expected returns."

"The amount of statistical gamble that someone (usually management) is willing to take against a loss. That loss can for example be either in profits, reputation, market share, or franchise."

Ok...so, knowing that all of this is on the line, why do I keep hearing words like, "Underestimated", "Miscalculated", "Unexpected" and "Unanticipated" every time something goes wrong?

I'm unimpressed.

The latest is the crack (or should I say, sun roof) that appeared in the fuselage of a Boeing 737.  As either lawyers or techies, our miscalculations are bad enough, but when these people miscalculate (as in our previous study of Japan's nuclear mishap), other people die!

As a human being, I have to at least give Boeing credit for stepping up to the plate and publicly acknowledging their mistakes.  As an attorney?  Well...that's another matter, entirely.

A company I worked with many years ago hadn't implemented any disaster-planning.  When their catastrophic event occurred (prior to my arrival), they were essentially out of business for close to three weeks before the systems could be rebuilt.  In another incident, one of my direct reports was fooling around with an Exchange server and ended up accidentally deleting one of the accounts.  Too bad it happened to belong to the CEO...

Yep, disregarding risk may result in a death...but in our disciplines, it's more likely to be one of us!

Posted by Perry L. Segal at 02:57 PM in Backup & Recovery Systems, Cost, Disaster Recovery, Implementation, Law Practice Management, Management, Strategy | | Comments (0) | TrackBack (0)

Technorati Tags:

April 01, 2011

The Cloud: When it's Good, it's Very, Very Good - But When it's Bad...

I've been hearing a lot more pro-cloud chest-thumping lately.  One article basically said, "Fears of the cloud are overblown. You need to get off it!"

I don't think the creators of "Binky" would agree.

What I'd like to know is, were there backups?  If so, were those deleted, too?

Posted by Perry L. Segal at 07:37 AM in Backup & Recovery Systems, Cost, Criminal Liability, Disaster Recovery, Security, Technology | | Comments (0) | TrackBack (0)

March 30, 2011

Japan Epilogue: (Un)Safe Harbor: 10% x 50 Years = Prison?

MP900321207

We started with a premise:  A disaster has occurred.  What now

We segued into a limited examination:  Were we properly prepared?  Why or why not

Now, comes the all-too-familiar Watergate-esque finale:  What did we know; and when did we know it?

According to this comprehensive report, officials were warned that there was a 10% risk within a 50-year span of a tsunami swamping the protective barriers of the Fukushima Dai-ichi nuclear power plant - and disregarded it.  What result?

  • Human toll: incalculable
  • Environmental damage due to radiation contamination: incalculable
  • Damage to 'hard assets' (plant, equipment, etc): incalculable
  • Near-term cost to replace loss of % of daily supply of electricity to Japanese citizens: incalculable
  • Evacuation and relocation costs: incalculable
  • Current financial losses to shareholders of TEPCO: $30 billion dollars of market value
  • Errors and Omissions losses to insurance carriers: incalculable

I could go on, but you get the idea.  Now for the bad news.  That's not the worst of it.  How about:

  • Liability of executives, government officials, etc. for negligence.  I'm referring to all liabilities (i.e., not just financial issues), since some parties may enjoy sovereign immunity; but that doesn't address their political liabilities.
  • Liability of executives, government officials, etc. for criminal negligence.  Think that it isn't a distinct possibility?
  • Liability of corporate executives to their shareholders for massive losses due to lack of reasonable prudence.

You know what?  I have to stop now.  This feels ghoulish.

The point I'm making is, certainly, this is about as bad as a disaster gets, but we can all learn from it because there's only one item we need to change - scale.  Plus, the most important thing relevant to us in the real-life case study we're now seeing is what happens when we're wrong.

Worried eDiscovery clients always ask me how they're ever going to do everything right.  I tell them, there is no such thing.  It's impossible to anticipate everything, but as a rule of thumb, the fallback position is the basic negligence standard:

Knew, or should have known.

If they acted in good faith based on what they knew or should have reasonably anticipated at a given point in time - and present a defensible position as to why they acted - they'll likely preserve safe harbor.  Naturally, one can never completely account for the odd rogue judge.  The day all judges rule alike is the day I give a specific answer.  In the meantime, you do the best you can.

The key is in making sure you have the appropriate harbor pilot.

Posted by Perry L. Segal at 05:37 PM in Backup & Recovery Systems, Cost, Criminal Liability, Disaster Recovery, Duties, Implementation, Management, Sanctions, Scope | | Comments (0) | TrackBack (0)

March 25, 2011

Japan Redux: You can lead a Board to Water, but you can't make them Drink

MP900400964 It's been roughly two weeks since the devastating events in Japan.  As I mentioned in my initial post regarding their disaster-recovery efforts, we weren't going to know all of the elements we needed to know at that time in order to make an assessment - and we don't know them now.  On the other hand, we know enough to put them under a magnifying glass.  If you're part of a disaster-preparedness team, a cursory examination of their nuclear mess is a true 'teachable moment'.

Why do I keep harping on this?  Because litigation may take on all of the elements of a disaster-recovery operation in that out of nowhere, you're tasked with finding, restoring and producing massive quantities of information - possibly from several sources and/or geographic locations.  And, somebody has to pay for it (Zubulake, Toshiba, et al).  Oh, and tic-toc - the clock is ticking...

Let me preface this by saying that armchair quarterbacking is easy - and this is not a 'bash Japan' post.  You don't kick someone when they're down (but you do try to learn from their mistakes).  Nor is it an "I told you so" post - at least, not by me.  Let's be honest, for a moment.  Sometimes, when a person says "I told you so", they really did tell you so.  So what?  The issue isn't what they told you, the issues are:

  1. Did they tell you something of substance?
  2. Did they provide facts & figures to support it?
  3. Were they qualified to make the assessment? (i.e. on what basis should you rely on their opinion?)
  4. Was it relevant to the concerns at hand?
  5. If you answered 'yes' to one through four, did you give their information careful, deliberative and proper consideration?
  6. Did you solicit, collect and examine supporting and/or dissenting viewpoints to confirm/contradict the opinion?
  7. Was a 'Cost vs. Benefit' analysis performed?
  8. Did you adopt all (or some) of their recommendations?
  9. Why?
  10. Did you dismiss all (or some) of their recommendations?
  11. Why?
  12. Have you properly assessed every possible risk?
  13. Are you qualified to answer question #12, and if not, what other sources should you consult? ("Know what you don't know")
  14. What is the timetable to re-convene in order to re-assess the situation and modify the plan, if necessary?

[Add your own questions here]

What are questions nine and eleven about?  You should always be prepared to justify and/or defend your position.  After all, you may have to persuade your bosses today, but you never know who you might have to persuade tomorrow (I'm thinking...a judge?  A jury?)

Last night I read this article from the Washington Post (and others over the past few days) regarding how the Japanese authorities considered risk when assessing how to protect their nuclear plants.  In my opinion, if you commit to the short amount of time necessary to read the entire story, you'll learn more about disaster-preparedness than you ever could in a classroom; unless, of course, they're studying this disaster.

In an island nation, surrounded by volcanic activity, "experts" didn't even consider a major tsunami as part of the plan for the Fukushima Daiichi power plant because it was considered "unlikely".  But, here's an even better question, raised at the conclusion of the story:

"To what degree must regulators design expensive safeguards against once-a-millennium disasters, particularly as researchers learn more about the world’s rarest ancient catastrophes?"

Which leads me to the obvious follow-up:

  1. If a catastrophe occurs superior to our level of protection, what will be the likely result?
  2. Was this factored into our 'Cost vs. Benefit' analysis?

Two weeks ago, the experts may have thought that the risks were worth it.  But now that radiation is showing up in drinking water as far away as Tokyo?  My guess is, they wish they'd have built the retaining walls a few feet higher.

"Nobody anticipated..."

Posted by Perry L. Segal at 05:40 AM in Backup & Recovery Systems, Cost, Disaster Recovery, Duties, Education, Implementation, Science, Scope, Strategy, Technology, Zubulake | | Comments (0) | TrackBack (0)

March 16, 2011

Voyeurism: eDiscovery Style

MP900402022 So, my PDA was working fine this morning...then it wasn't.  A total and complete software crash.  I traced it down to an offending app, but it completely hosed (thank you, Canada) the O/S.  And of course, I'm out of town!  So, I located my carrier's nearby retail outlet and headed on over.  They couldn't repair it, even with their "push" software.  However, due to my predicament (out of town and desperate), they were able to swap me over to a new device.  Awesome!

How did I reward them for their excellent customer service?  By hounding the poor tech, first by insisting that he had to wipe my prior device clean and second, by insisting that he show me how he was going to do it, then let me watch.  The store was full, they were busy and I caught a person or two rolling their eyes at my request, but I persevered.

Quite frankly, the tech understood when I explained that as an attorney, there was confidential client info on the device and our ethics rules compel us to protect it (that, or he thought I was just making it all up so he would delete porn, or something...hey, as long as I get it done, let him imagine whatever he wants!)  But take note; I protected client information - as I'm obligated to do - and, I had a recent backup available on my laptop, so I lost virtually nothing.  Good for me; good for my clients!

Sadly, this is the eDiscovery equivalent of voyeurism.

e-Voyeurism?  Nahhhh...

Posted by Perry L. Segal at 05:45 PM in Backup & Recovery Systems, Disaster Recovery, Duties, Law Practice Management, Privilege, Security | | Comments (0) | TrackBack (0)

March 14, 2011

True Disaster-Recovery: What Japan Teaches Us

What if?  Those two words form the initial basis of a disaster-recovery conversation.  Like you, I've seen the heartbreaking pictures from Japan and what gets me is, a country that is known for having the best earthquake-disaster-preparedness in the world has suffered tremendous losses in spite of that fact.

The best laid plans...

Japan's nuclear facilities prepared for a monstrous earthquake, but not an 8.9.  Is there any way to plan for an 8.9?  And if so, at what cost?  Obviously, when contrasted with the devastation we've seen - and may yet see - I wouldn't blame you if you said money is no object.  But in reality, we're rarely given a blank check.  We're required to work within parameters; sometimes very constrictive ones.

Lessons learned:  No matter how thoroughly you plan, it's impossible to prepare for absolutely every contingency that may befall you.  In the future - when memory of this disaster has faded and the passage of time blunts the impact - when envisioning a worst-case-scenario for your disaster-recovery program, if those around you are prone to cut corners, remember Japan.

Posted by Perry L. Segal at 05:11 AM in Backup & Recovery Systems, Cost, Disaster Recovery, Implementation, Management, Science, Scope, Strategy, Technology | | Comments (0) | TrackBack (0)

Technorati Tags:

Next »

My Company


  • www
    ediscoverycalifornia.com

Litigation Hold Letter

Blogroll

Recent Posts