When organizations consider investing in e-discovery technology, a major question that must be addressed is,“how will the system be deployed?" There is no “best" deployment model. Every organization is unique, and the software deployment choice must reflect their specific needs and environment. Many organizations have limited IT resources available to implement and manage new applications. IT must always balance the requirement to meet the needs of lines of business, such as legal, while minimizing operational costs, preserving data security and working within the constraint of available staff resources. Some organizations have moved to primarily cloud-based systems or have completely outsourced their IT operations. In these cases, adding a new e-discovery system behind the company firewall may not be optimal and could require lengthy negotiation with third-party providers to implement and manage.
For this reason, the market has seen an increasing number of organizations opt for cloud-based e-discovery applications. According to a recent poll by eDiscovery Journal, 35% of corporate respondents said they are leaning toward cloud solutions or hybrid cloud/on-premise solutions for e-discovery.
E-Discovery in the cloud is a nebulous term that can describe a number of different things. Christine Taylor, analyst for the Taneja Group, identified three different ways the cloud can be used for e-discovery:
1) Using the cloud for e-discovery application delivery (Software as a Service (SaaS))
2) Archiving data to the cloud and contracting with the hosting provider to run e-discovery processes
3) Storing active data in the cloud that is subject to frequent security, privacy and other regulatory actions.
According to Talyor, the first two categories are relatively low risk while the third can present potential dangers because it requires that primary data be retrieved from an outside source when e-discovery arises.
There are several advantages to the SaaS e-discovery delivery model. Since the software application is maintained offsite by vendors, it can be quickly deployed, eliminates hardware installation and requires minimal training to get up and running. Further, internal IT departments are relieved of the burden of maintaining the application. While organizations must pay a regular fee to vendors for hosting and managing the application, the SaaS model cuts down expenditure on hiring additional IT professionals and other physical components for storing and managing massive amounts of data.
The major concern surrounding the SaaS model is data security and privacy. While organizations reap the benefits of quick deployment and minimal management needs, they also cede some control of their data to an outside entity. Reputable SaaS providers take data security very seriously and employ safeguards to protect against potential risks. Still, a company with large volumes of sensitive data may be hesitant to forfeit any degree of process ownership to a third party.
Cost is another key consideration when deciding between an on-premise or hosted system. Often, but not always, a perpetual license for software deployed behind the organization's firewall is considered a capital expenditure. Capital expenditures typically require stronger financial justification and are planned into the fiscal year's capital budget (long lead time). A hosted/cloud/SaaS model typically uses an expense budget, which requires less approvals and often results in a faster deployment. There is also the issue of total cost of ownership. On-premise applications require a significant upfront investment, but they tend to deliver greater returns on investment (ROI) over time.
Many companies employ a hybrid approach, investing in both on-premise and hosted e-discovery applications. The SaaS model is especially suitable for document review because it usually involves collaboration between multiple parties, such as law firms and service providers, in different locations who need access to the same data.
Some organizations like to have the flexibility to go from one option to the other. For example, an organization may wish to deploy an e-discovery application behind the company firewall but simply lack the internal IT resources to support such a system. If circumstances change, they may wish to deploy a platform that can move from a SaaS model to an on-premise deployment (or vice versa) without having to change vendors.
There are a host of things organizations must consider when deciding whether to invest in an on-premise or hosted system. The best strategy is to plan ahead, carefully evaluate internal and external needs and thoroughly vet potential vendors to ensure the system is a good fit.
To learn more about issues surrounding e-discovery and cloud computing, watch Exterro's recent webcast “E-Discovery Forecast: Cloudy with a Chance of Sanctions," here.