Securing Legal Data with Cyber Forensics & Proper Incident Response Teamwork

A National Receivership Firm

Cyber forensics involves the science of collecting, inspecting, interpreting, reporting, and presenting electronic evidence from computers, including hard drives and deleted files

In this case, our client, a Receivership Services firm, sought assistance from Launch's cyber team to manage just this with the receivership of a national law firm that had been shut down by the Department of Justice amidst embezzlement allegations.

Client Goals

This Receivership firm found itself entrusted with the challenge of overseeing all the law firm’s assets, which triggered the need for comprehensive asset management, in depth cyber forensics, and robust cybersecurity prevention solutions. The primary objective? To orchestrate the seamless transition of an extensive range of digital assets, spanning from Enterprise Resource and Planning (ERP) systems to massive email archives, complex clustered file shares, and custom-built applications, totaling a whopping 180 terabytes of legal data (that’s 2.5x the information in the Library of Congress). All this had to happen with the highest standards of asset management and adhere to necessary legal protocols.

Challenge at Hand

Our client usually deals with small to medium-sized businesses in receiverships, so dealing with the closure of a national law firm loomed large. With 30 racks of hardware securely housed between 4 data centers scattered across the country, safeguarding this legal information took precedence. Enter Launch. We helped navigate this data landscape, while meticulously upholding our legal and fiduciary responsibilities.

Our Approach

Working closely together, Launch's cybersecurity experts and our receivership client partnered on the design of a multi-point solution addressing the full scope of data needs, file management, and compliance.  

Major forensic initiatives included:

  • Comprehensive Asset Assessment: We started at the top and worked our way down, optimizing assets to keep long-term storage needs in check.
  • Email Management Expertise: We combed through mailboxes within Exchange and implemented legal hold retention policies, ensuring data preservation while eliminating the need for an email ecosystem.
  • File Management Mastery: We tracked down relevant file share data, prioritizing the files needed for the receivership while archiving less critical data for potential future access.
  • Custom Application Migration: Their custom MSSQL and file management program was our next target. We reverse-engineered and relocated it to a new datacenter using Active Directory cloning, HyperV system setup, and network hardening.
  • Courtroom Compliance: Of course, we needed court approval every step of the way.  

All in all, the project took 9 months and over 3,000 hours of meticulous preparation to make sure everything ran like a well-oiled machine. All the while, we made sure legal teams had secure data at their fingertips, ready for action in compliance with court regulations.

Outcome & Ongoing Efforts

Our strategic solution empowered the efficient management of the law firm's assets during the first phase of the receivership. What’s next? As civil court receivership matters often extend over 3 to 7 years, we will continue the ongoing review of our clients’ assets in transition.

Holistic Cyber Hygiene and Why It Matters   

A robust security culture within modern organizations hinges on crucial components such as Cyber Forensics and Incident Response Management. These elements empower efficient investigation and analysis of digital evidence, facilitating rapid identification, response, and mitigation of cyber incidents. Additionally, robust policy formulation and enforcement, often overseen by aligned legal and compliance departments, creates a sound security culture for all. By integrating these key components, organizations proactively defend against evolving cyber threats, safeguarding data and operations effectively.  

Looking for further insights on cultivating a holistic security culture within your organization? Check out this recent podcast with TechSpective discussing the strategies needed for establishing an environment where individuals recognize that security is a collective responsibility spanning beyond just IT – it's a business concern that applies to everyone.