Matt Brunnquell of OpenText on the growing importance of document security


eDiscovery, originally the main focus of this blog, has properly become seen as a subset of wider document management functions. OpenText’s roots lie in document management, and it has met the changing market by acquiring eDiscovery and forensics companies (notably Recommind and Guidance Software) to bring those specialist activities to its corporate clients while continuing to develop its broader document management and information governance tools and skills.

eDiscovery itself has broadened, its remit extending beyond disputes to other areas of corporate activity (such as M&A) which require the collection and searching of large bodies of data. At the same time, security concerns have risen to the top of the list of risks which concern lawyers and their clients. The risks are both external and internal – third party actors intending loss or harm to a company, or insiders, perhaps abusing privileged access to data.

OpenText eDocs is designed to deal with threats like data breaches and insider risk threats – see this OpenText web page Organizations require additional security layers and this one about the latest release of eDocs which summarises the threats and the solutions, not least encryption of documents at rest, which OpenText eDocs brings.

Matt Brunnquell is Sales Director of OpenText eDocs. I spoke to him at LegalTech in New York and asked him about the rising interest in security from OpenText’s customers.

Security, Matt Brunnquell said, has been a major topic of concern in the last two years, and is not going away. Law firms inevitably have large collections of their clients’ key documents – those assembled for litigation or an acquisition tend to be the most important ones, making lawyers a prime target for attack.

Law firms are putting in defences but still finding vulnerabilities, which are sometimes their own and sometimes those of their clients. Their concern is about documents at rest, at document level and at file-server level.

The preferred solution lies in the encryption of documents at rest, combined with activity monitoring, bringing instant alerts when documents are threatened – historically, nearly 200 days elapse, on average, from incident to discovery by which time it is usually too late to mitigate the effects of the attack. Activity monitoring minimises the delay.

You can read more about insider leaks in an article by Rachel Teisch of OpenText called About that information leak: It’s coming from inside the organization.

More from Opentext