How to find crucial digital evidence in the big data haystack

Locating key info with the latest tech

Across businesses today, a range of departments are faced with the challenge of finding crucial evidence amongst the ever-growing volume of digital data that is produced. From investigators, information security officers, auditors, records managers, HR to in-house counsel, they all need to find evidence – whether it be an inappropriate email, an important contract or a data breach trail – amongst the organisation's unstructured data.

One way to deal with the volume of data efficiently and get to the facts faster, is to share the workload amongst or between departments by dividing up the data for review and collaborating on the results. Paul Slater, Director of Forensic Solutions at Nuix, reveals how Nuix's Web Review and Analytics tool allows organisations to do just that.

TechRadar Pro: What are the three biggest challenges facing investigators, internal auditors, or in-house lawyers in finding crucial evidence in large data sets?

Paul Slater: The first big challenge is the volume of data. Today, we use multiple devices to generate huge amounts of content. That means sorting through a lot of data, including a lot that's irrelevant, whenever they're conducting an investigation or responding to litigation or regulators.

The second is that it's hard to share data between forensic IT teams and investigators, less tech-savvy people, subject matter experts and lawyers. That's a worrying disconnect in the investigation process.

The third challenge is that forensic investigators still follow the traditional process of examining each evidence source individually. Often they really need to find the meaningful connections between multiple sources.

TRP: How can companies go about solving these challenges?

PS: Information governance policies applied through technology can help prevent build-up of data in the first place.

With the right technology and workflows, companies can also make investigations more efficient by dividing up digital evidence and spreading the review workload between multiple people. Also putting evidence in front of the people most qualified to understand its context, such as case investigators, lawyers or external subject matter experts.

They also need to move away from traditional linear forensic investigation methods towards workflows that will let them see all the evidence holistically and quickly locate the key facts.

TRP: Earlier this year, Nuix launched a Web Review and Analytics tool that makes it possible to search case data for evidence from any browser. Could you tell us a little more about how it works and who can use it?

PS: Nuix Web Review and Analytics provides access to case data from just about any web browser. It can scale to hundreds of cases and thousands of reviewers, with role-based access to control who sees what. Because Nuix Web Review and Analytics sits on top of a standard Nuix case file, it provides an incredibly simple workflow from data capture and processing to review and reporting.

Just about anyone can use Nuix Web Review and Analytics, including non-technical investigators, subject matter experts and external parties.

TRP: What industry needs/pain-points did Nuix observe which led your organisation to develop this tool?

PS: We wanted to build a tool that the industry really needed, so we looked to our own experiences as forensic investigators and also canvassed industry experts from our customer base around the world.

We found that traditional review tools are too focused on the flat, textual content of emails and documents. Investigators also need to consider photos, videos, content from social media sites, mobile devices and more. And they want analytics capabilities to identify patterns and trends, and find hidden connections between people, objects, locations and events. So that's what we gave them.

TRP: What advantages are there in an application that makes reviewing evidence possible online? How can Nuix ensure that sensitive information can be kept secure over the web?

ABOUT THE AUTHOR

Editor, TechRadar Pro

Désiré (Twitter, Google+) has been musing and writing about technology since 1997. Following an eight-year stint at ITProPortal.com where he discovered the joys of global techfests, developing an uncanny attraction for anything silicon, Désiré now heads up TechRadar Pro.