how to use office 365 and x1 discovery to achieve your

HOW TO USE OFFICE 365 AND X1 DISCOVERY TO ACHIEVE

YOUR EDISCOVERY GOALS

AGENDA • Office 365 eDiscovery and Compliance features and functions

• X1 Distributed Discovery features and demo

• Q&A/Open Discussion with Audience

2 WWW.D4DISCOVERY.COM

PANELISTS


John Patzakis Executive Chairman of the Board

Rafe Stanley [Moderator] Discovery Engineer

Rachi Messing Senior Program Manager

OFFICE 365 RACHI MESSING


Digital trends are changing the way people work

Employees work on nearly 2x the number of teams than they did five years ago* 41% employees say mobile business apps are changing the way they work* Information overload wastes 25% of employee time, costing U.S. business $997B each year* 160M customer records leaked* 229 days to detect security infiltration*

* Multiple industry sources.

Office 365 Service offerings by category

Authoring

Word

Excel

PowerPoint

OneNote

Mail & Social

Outlook

Yammer

Sites & Content

OneDrive

SharePoint

Delve

Chat, Meetings & Voice

Microsoft Teams

Skype for Business

Analytics

Power BI

MyAnalytics

Office 365 Groups Graph Security & Compliance

73% orgs indicated security as a top challenge holding back SaaS adoption

89% of orgs required to govern content for compliance or business continuity purposes

63% of orgs state transparency challenges restrict them from growing their cloud usage

Top 3 Cloud Concerns

Best-in-class security with over a decade of experience building Enterprise software and online services

Privacy by design with a commitment to use customers’ information only to deliver services

Office 365 Built-in capabilities and customer controls

Commitment to meeting industry standards and delivering a rich set of applications which enable organizational compliance

Transparency in our operations so you can monitor the state of your service, track issues, and have historical view of availability

Office 365 Compliance Solutions

What solutions does Microsoft provide to bring data overload under control and support my ability to achieve organizational compliance?

Who is in control of the data in O365?

Office 365 In-Place Compliance Solutions

Preserve vital data

Organization needs

Find relevant data Monitor activity

Data Governance Import, store, preserve and expire data

eDiscovery Quickly identify the most relevant data

Auditing Monitor and investigate actions taken on data

Security & Compliance Center Manage compliance for all your data across Office 365

Security and Compliance Center

Bringing together different compliance tools with roles based permission controls

Scenario oriented workflows with cross-cutting policies spanning features

Powerful content discovery across Office 365 workloads

Proactive suggestions leveraging Microsoft Security Intelligence Graph


Preserve vital data

Organization needs






9

Traditional Data Governance

Challenges

Point in time data Captures data at a point in time which miss any edits in place or from transport agents in flight

Increased risks Content may be compromised moving from one environment to another

Increased time Waiting for indexing increases time required to find relevant data

Increased costs Having a separate copy of the data being stored significantly increases costs

No service wide insights Unable to leverage service wide machine learning to draw correlations between the data

Exchange Data Outsourced Data Journaling

Third party outsourced journaling

Many organizations transfer data to a third party hosted archiving service which has challenges

10

In-Place Office 365 Data Governance

Office 365 In-Place Data Governance

Benefits of In-Place Office over Journaling

Location, query or policy based Apply preservation to mailbox or SharePoint site, apply a query to hold less content, or use preservation policies

Higher fidelity and lower costs Content stays in Exchange and SharePoint, which results in lower storage costs, and higher fidelity data

No impact to users Seamlessly create, edit, and delete without knowing data is being preserved

Reduce risk Data is not duplicated to another provider or compliance boundary. Record all actions taken on the data

Insights Insights to enable you to keep what’s important, delete what’s not, and to share according to policy

Data stays in-place and does not need to be continually transferred out of Office 365 providing benefits

11

Ingestion of data outside Office 365 In-Place data creation, retention and archiving In-Place eDiscovery

Auditing

Export

Office 365 Compliance Data Lifecycle

Retention policies Unified Retention and Disposition Policy for workloads in Office 365

Records management End user classification in Outlook, SharePoint, OneDrive and Groups. Manual review and disposition, reporting and permissions

SEC 17A-4 compliant SEC 17A-4 whitepaper covering SharePoint, OneDrive, Groups, Skype, Preservation Lock, immutability, Supervisory Review

Import Drive Shipping, Network Upload and 3rd Party Data Ingestion (Facebook, Twitter, Bloomberg) through partners to provide cross platform compliance and governance

Security and Compliance Center Office 365 experience to bring together all compliance and security experiences

Data Governance: Core Capabilities


Preserve vital data

Organization needs






eDiscovery in O365

Self-service case management tools Investigators can create & manage cases, put data on hold, perform searches and export

Wide range of scenarios Regulatory compliance, employment law, HR, financial, internal business requirements

Enable collaboration Between investigators & attorneys overseeing the case

Identify subjects, witnesses, custodians Search for relevant subjects or witnesses or custodians

Identify relevant data Search for data relevant to the investigation across Office 365 and imported data

Secure access Provide access based on role, delegated access and enable security filters to scope access

Search and Export Capabilities

Real-time in-place searching No waiting for indexing, always live and up-to-date across Office 365

Quickly find relevant data Proximity search, rich query syntax

Make decisions Query and source statistics help you to analyze results

Export with analysis Export into review tool

Light weight tagging Single-investigator cases Simple investigations

Full review tools Ready to load data package Larger investigations

Technology Partners Epiq Rational Enterprises Everlaw Recommind Kcura Servient iConect Zapproved iPro Zylab Mindseye

Download to PST or Native Folder Manual data review Move data between locations

Native export

Advanced eDiscovery Intelligently explore and analyze unstructured data to quickly identify what’s relevant

Predictive coding enables you to train the system to automatically distinguish between likely relevant and non-relevant documents

Identify relevant documents

Use clustering technology to look at documents in context and identify relationships between them

Identify data relationships

Use near duplicate detection to organize the data and reconstruct email threads from unstructured data to reduce what’s sent to review

Organize and reduce data prior to review


Preserve vital data

Organization needs






Azure Active

Directory

Security & Compliance

Center

SharePoint Online

Power BI

Opt-in for all O365

tenants

1 billion events

collected daily

Office 365 Auditing

Exchange Online Admin activity, end-user (mailbox) activity Security and Compliance Center Admin activity Azure Active Directory Office 365 logins, directory activity Power BI Admin activity SharePoint Online and OneDrive for Business File activity, sharing activity

What Data Is Audited?

Visibility Rolling 90-day public roadmap of what’s coming

Control First release program and deferred service branch

Cadence Regular releases of new innovations

Cloud updates on a regular basis

Innovation & Release Management

X1 JOHN PATZAKIS


How to Use Office 365 and X1 to Achieve Your eDiscovery Goals L I V E W E B I N A R

Numerous Challenges • Custodian self-collection not defensible:

• Nat’l Day Laborer Org. Network v. US Immigration & Customs

Enforcement Agency, (S.D.N.Y. Jul. 13, 2012)

• GN Netcom, Inc. v. Plantronics, Inc., No. 12-1318-LPS, 2016 U.S.

Dist. (D. Del. July 12, 2016).

• Lack of Uniformity and Transparency

• Disruption

• But full-disk imaging is disruptive, expensive and not

required by the courts

Central Index Approach • Substantial scalability challenges

• Requires huge network bandwidth and computational resources • Team of FTEs to deal with index corruption, database crashes, etc. • Any real enterprise-wide success stories?

Crawling Solutions Are Slow & Cumbersome • Must collect all data and transmit over the network to be

searched by the solution. Requires several hours per end-point

• Must start search over if even a tiny change to keyword or metadata search criteria

Enterprise architecture considerations • Most eDiscovery software must collect and migrate all

custodian data BEFORE searching and culling begins• Counter-productive to the very purpose of a cloud-based O365

investment.

• Standard network infrastructures do not support timelymigrations of terabytes of data.

• Next generation eDiscovery solutions must search andprocess cloud data in place and consolidate non-cloudsources with cloud sources

S O L U T I O N

• Revolutionizes how organizations search, identify and collect

documents at the desktop level across up to thousands of endpoints and network sources with industry-leading speed

• Empowers legal and IT teams to generate and actually adjust key terms in real-time, before collection

• Maps to O365 workflow and many information governance use cases

Distributed Discovery

X1 Distributed Discovery Product Demo

Q&A/OPEN DISCUSSION Please send your questions through the chat window. We will answer as many as we can. The rest will be answered in an email to you next week.


THANK YOU!

WWW.D4DISCOVERY.COM 7

All attendees will receive the presentation recording and slides tomorrow, Friday, August 4.

If you have any questions or need assistance from a forensics expert, please contact: [email protected].

how to use office 365 and x1 discovery to achieve your

Documents