A key part of any information security strategy is disposing of data once it’s no longer needed. Failure to do so can lead to serious breaches of data-protection and privacy policies, compliance problems, and added costs.

When it comes to selecting ways to destroy data, organizations have a short menu. There are basically three options: overwriting, which is covering up old data with information; degaussing, which erases the magnetic field of the storage media; and physical destruction, which employs techniques such as disk shredding. Each of these techniques has benefits and drawbacks, experts say.

Some organizations use more than one method. For example, microprocessor maker Intel uses all three, “depending on what we’re trying to do and for what purpose,” says Malcolm Harkins, CISO and vice president of the IT group.

[Also read Why information must be destroyed by Ben Rothke]

The data destruction market hasn’t changed much in the past few years, says Ben Rothke, an information security professional with extensive experience in data destruction. “If there is any trend, it is that more firms are aware of the importance of data destruction,” Rothke says.

Still, some organizations, particularly smaller ones, need more education about data destruction, according to Jay Heiser, an analyst at research firm Gartner. “We consider this a very important topic, but it is not one that Gartner clients spend a lot of time asking us about,” Heiser says.

via The in-depth guide to data destruction | Security – InfoWorld.

What is the Foreign Corrupt Practices act and why should you be concerned about it?  Matthew Reinhard of the Washington, D.C.-based law firm Miller & Chevalier, says FCPA penalties have increased “exponentially” over the past decade and could pose a significant economic risk to investment managers. Reinhard would know—he focuses his practice on white collar crime, internal investigations and complex civil litigation and has conducted internal investigations into allegations of FCPA violations. He spoke to FINalternatives’ recently about the implications of the FCPA for private equity and hedge fund managers.

via Lawyer: Hedge Funds Must Heed Foreign Corrupt Practices Act | FINalternatives.

Memo to KPMG: When a federal judge sends a strong signal that she doesn’t want to show up her magistrate judge, you should heed the warning.

In January, you may recall, U.S. District Judge Colleen McMahon of Manhattan federal court attempted to moot a hot e-discovery dispute between the audit firm KPMG and a putative class of audit associates suing KPMG for unpaid overtime. The federal magistrate overseeing discovery in the case had ordered KPMG to preserve the computer hard drives of every potential class member, including those who had left the firm. KPMG’s lawyers at Sidley Austin argued that storing the hard drives could end up costing more than the plaintiffs’ claims are worth. The Chamber of Commerce and the International Association of Defense Counsel piled on, asserting that the magistrate’s e-discovery order had the potential to fundamentally change the balance of power in class actions by making it too expensive for KPMG and other defendants in similar situations to continue litigating cases against them.

McMahon was clearly reluctant to second-guess U.S. Magistrate Judge James Cott, so in a Jan. 3 order conditionally certifying a class of audit associates, she hinted that her ruling, which focused on a classwide question of KPMG’s policy rather than individualized facts, had mooted the e-discovery flap. KPMG and the plaintiffs, represented by Outten & Golden, declined to take the hint. KPMG continued its call for McMahon to overturn the magistrate’s discovery order.

On Friday, McMahon said no — and blamed KPMG for the predicament. Significantly, the judge agreed with KPMG’s amici that “proportionality is necessarily a factor in determining a party’s preservation obligations.” She said that it doesn’t make sense for the cost of retaining e-discovery to outweigh the potential value of the information that’s being preserved. But McMahon’s 22-page opinion concluded that KPMG had been so obdurate in refusing access to the hard drives that she couldn’t conduct a proportionality analysis.

via Judge to KPMG: Save the hard drives — and blame yourself.

Wolfram|Alpha–the “computational knowledge engine” that lets you pose questions about math, history, and other factual stuff and get reliable responses, often in the form of beautifully-done infographics–is an extraordinary creation. But more than two and a half years after its debut, it’s still not the Google-like breakout hit I keep thinking it should be.

On Wednesday, the site’s creators are launching the most ambitious update its gotten since it launched, a premium version called Wolfram|Alpha Pro that will cost $2.99 a month for students and $4.99 a month for the rest of us. Dieter Bohn of The Verge has a meaty look at what’s new, including the ability to upload your own data sets, fiddle with the visualizations and download the data behind the engine’s answers.

(MORE: Search, Plus Your World: Google’s Risky Gambit)

Data geeks should enjoy these advanced options. Even if I don’t sign up myself, I’m rooting for the Pro version to be a success, since a Wolfram|Alpha that’s a thriving business has the best shot at being around for a very long time to come.

via Hey, Wolfram|Alpha Isn’t Just for Pros | Techland | TIME.com.

As part of a sting operation, Symantec told a hacker group that it would pay $50,000 to keep the source code for some of the its flagship security products off the Internet, the company confirmed to CNET this evening.

An e-mail exchange revealing the extortion attempt posted to Pastebin (see below) today shows a purported Symantec employee named Sam Thomas negotiating payment with an individual named “Yamatough” to prevent the release of PCAnywhere and Norton Antivirus code. Yamatough is the Twitter identity of an individual or group that had previously threatened to release the source code for Norton Antivirus.

via Hackers: $50,000 to keep Symantec source code private – ZDNet.

Global EDD Group provides and manages a wide range of electronic discovery and litigation support services from our technology base in Singapore, including:

• Data Collection, Preservation & Analysis
• Imaging & Coding
• Unicode OCR
• Automated Language Translation
• ESI Processing
• Early Case Assessment Tools (Singapore-based Hosting)
• Document Review Platform (SIngapore-based Hosting)
• Chinese, Japanese & Korean (CJK) First Pass Review
• Onsite Processing & Review System

Related articles

• Global EDD Group Celebrates The Year Of The Dragon With Expanded Asia Pacific Services (legaltechtoday.com)
• Global EDD Group: Your Local E-Discovery Resource, Worldwide (e-discovery.asia)

The three articles are: (1) “Complying With the Foreign Corrupt Practices Act: A Practical Primer”, authored by the University of Chicago Law School’s Corporate Lab, co-sponsored by Microsoft, and published by the ABA Global Anti-Corruption Task Force; (2) “The IP Practitioner’s ‘Cheat Sheet’ to the FCPA and Travel Act: Introducing the IP FCPA Decision Tree”, authored by Doug Sawyer and T. Markus Funk and published in the BNA Bloomberg Patent, Trademark & Copyright Journal; and (3) “Breaking Down the FCPA, Travel Act, and UK Bribery Act”, by T. Markus Funk, published in BNA Bloomberg White Collar Crime Report.

via A Triumvirate of FCPA Resources | Thomas Fox – JDSupra.

E-discovery is a costly necessity of modern litigation. With the ease of email and network data-storage came a deluge of litigation expenses. But producing parties, who historically have born the majority of these costs, may now find some relief in Rule 54(d) of the Federal Rules of Civil Procedure.

Rule 54(d) provides that “costs — other than attorney’s fees — should be allowed to the prevailing party.” The awardable or “taxable” costs are listed in 28 U.S.C. §1920, and include “[f]ees for exemplification and the costs of making copies of any materials where the copies are necessarily obtained for use in the case.” At first glance, this provision might not seem to encompass e-discovery costs. Since an amendment in 2008 that replaced the word “papers” with “any materials,” however, courts uniformly have concluded that §1920 covers at least some e-discovery costs.[FOOTNOTE 1]

The question that remains is what e-discovery costs are recoverable. Courts confronting this question have identified five elements that a party must establish to tax its adversary with e-discovery costs: (1) the party seeking costs must have been the “prevailing party”; (2) the costs must stem from a modern equivalent of “copying”; (3) the costs must have been necessary; (4) the costs must be reasonable; and (5) the costs must be sufficiently documented to support the other elements.

Although these elements provide a useful analytical framework, they provide an uncertain guide as to how courts will actually rule on requests to recover e-discovery costs. Indeed, courts frequently come to inconsistent conclusions regarding seemingly similar requests for costs. Although it remains the case that there are few bright-line rules as to what e-discovery costs are taxable, trends are beginning to emerge in how courts interpret each of these requirements.

via E-Discovery Cost Recovery in the Digital Age.

Terrorists combining a cyber attack with physical violence are the biggest security threat facing the 2012 Olympics, a digital forensics expert told CNBC.

Paul Gilham / Getty Images

“What we really have to worry about is the blended attack, in other words, someone causing a temporary disruption to the electronic structure, combined with a physical attack,” said Professor Peter Sommer, who acts as a court expert on cyber crime.

“The fact that you have the electronic attack makes it more difficult to deal with the physical attack,” he added.

With this year’s Games (taking place from July to September, including the Paralympics) expected to be the most hi-tech yet, Sommer says the “sheer number” of interlocking electronic systems makes the event vulnerable.

“We have a large numbers of systems, some of them central, some of them less obvious — but which may nevertheless be important — any of which could be attacked by any of a large number of people who have a message to make to the world, because that is what the Olympics gives them a chance to do,” he said.

via Cyber Attack Is Top Threat for Olympics: Expert — EU Business News – CNBC.

Motorola alerted customers on Friday that it shipped about 100 refurbished Xoom tablets that were not completely cleared of the original owner’s data prior to resale. The tablets were sold between October and December of 2011 through Woot.com. Oops.

According to Motorola, some of the compromised data potentially includes user names and passwords for email and social media accounts, as well as other password-protected sites and applications, and possibly even photographs and documents.

First, Motorola is offering customers who purchased a Motorola Xoom Wi-Fi tablet between March and October 2011–and then returned it–a complimentary two-year membership of Experian’s ProtectMyID Alert to mitigate any risks. Experian provides access to consumer credit data, and can be used as a tool to make sure the accidentally shared data is not put to nefarious use. The Xoom was available from a number of retailers during that period, including Amazon.com, Best Buy, BJ’s Wholesale, eBay, Office Max, Radio Shack, Sam’s Club, Staples, and others. If you bought one from the aforementioned retailers and returned it, best give Motorola (and Experian) a call.

via Motorola Tablet Goof: 4 Security Lessons For Users – Security – Mobile Security – Informationweek.