It is axiomatic that the volumes of electronically-stored information (ESI) generated by organizations are vast and ever-increasing. Correspondingly, the amount of ESI that must be preserved, collected, processed, and reviewed for internal investigations, active litigation, and regulatory compliance never stops growing.

Today, it is a practical and ethical requirement for practitioners in these areas to take the necessary steps to protect the ESI they are managing for those purposes, which means keeping up with evolving security and compliance best practices – as well as adapting to the rapidly changing tactics to threat actors.

In this practice guide, we will discuss why ESI must be protected and how you can protect it, including fundamentals of security compliance frameworks, role-based access control, cloud storage vs. on-premises storage, and data encryption.

In this practice guide:

• The relative merits of common security compliance frameworks
• The pros and cons of cloud and on-premises storage environments
• The essential need for data encryption at rest and in transit

• The need for everyone to contribute to data protection
• The critical importance of role-based access control
• The need to adapt to evolving threat tactics