While much of current commentary on electronic discovery is focused on enterprises in the private sector, government agencies also routinely face demands for the production of electronically stored information (ESI) in litigation, investigations, examinations, Freedom of Information Act (FOIA) requests and other core activities. Many of the e-discovery-related challenges faced by large corporations and government agencies are similar, but requirements for public sector organizations stand out due to the very large scale of many productions, the diversity of data types and formats, and the extensive and stringent data security protocols driven by government regulations and standards programs.

Complicating these fundamental challenges are recent public-sector initiatives that bring new urgency to efforts to move agency data and technology tools to a cloud computing environment. These initiatives include:

  • Cloud Smart, a relatively new strategy developed by the Office of Management Budget (OMB) "to accelerate agency adoption of cloud-based solutions" and provide practical implementation guidance.
  • The Federal Information Technology Acquisition Reform Act (FITARA), which was passed by Congress in December 2014; FITARA permits CIOs to establish cloud service working capital funds and is the driving force behind new "scorecards" that grade agencies on their progress in various components of IT modernization, including migration to the cloud.
  • The Modernizing Government Technology Act, attached as an amendment to the 2018 National Defense Authorization Act, which plays an important role by providing capital for modernization initiatives that include adoption of commercial cloud technology.

While the current trend of federal agencies embracing cloud computing is driven to a large extent by these and other initiatives, many executives and IT experts in many government agencies (including state and local agencies) have already concluded that moving to the cloud has the potential to bring real and lasting benefits for both agencies and their constituents.

Responses to a 2019 Deloitte survey focused on e-discovery practices for government agencies cite data volume, insufficient staffing, insufficient technology and the processing of multiple data types as primary challenges. By moving to the cloud, agencies can address these challenges more systematically. They can reduce their physical footprint, realize significant cost savings—especially over the long term as investments in on-premises infrastructure and maintenance are curtailed—and take advantage of unprecedented scalability and flexibility for adapting to rapidly evolving IT challenges. Agency constituents also stand to benefit from more nimble, responsive and transparent services that reflect the latest innovations from the private sector.

|

Cloud Migration Represents a Cultural Change

But moving to the cloud represents much more than a technology change. In addition to presenting an array of new technical challenges, migration also imposes profound changes on agency culture. Organizations will need to rethink a broad range of established policies, processes and templates. They will be implementing changes that extend well beyond technical data migration problems to issues affecting personnel, security, connectivity and more.

For example, on-demand cloud and software-as-a-service (SaaS) billing models may not align naturally with the ways agencies are used to managing their budgets. Employees may be unsettled by the new approach to information infrastructure: "If I can't see it, does it really exist?" These are not trivial concerns, and organizations managing the changes will be best-served by vendors that have developed mature technology specifically for agencies over a number of years and have broad experience mitigating both the technical and cultural challenges that are an inevitable part of the migration process.

|

Security as the Prevailing Concern

In the federal space, and increasingly among state agencies, the Federal Risk and Authorization Management Program (FedRAMP) is the key security standard that agencies—and the vendors they engage with—must meet before they can move data to the cloud. FedRAMP is a government-wide program serving agencies, cloud services providers and third-party assessment organizations (3PAOs). Any vendor wishing to sell and/or operate a cloud solution to the government will need to attain FedRAMP certification.

FedRAMP provides a standardized approach to security assessment, authorization and monitoring of cloud services, and leverages 3PAOs to validate that individual vendors and their cloud solutions have the necessary controls in place to keep data secure. In addition to accelerating adoption and improving confidence in secure cloud solutions among agencies, the FedRAMP program aims to ensure consistent application of existing security practices, and increase automation and continuous data monitoring in near-real-time.

Much government data is extremely sensitive, and a user authentication model for cloud solutions governed by role-based security access rights with case-level, document-level and field-level security is essential. For e-discovery vendors of cloud-based solutions, a security mindset must be embedded at every level of organizational culture.

|

Government Productions Are Often Massive and Complex

Government agencies responding to data requests typically collect a wide variety of data from a multitude of sources. When requesting data from various government entities, they can provide guidelines and request data in desired formats, but are often not able to require that data be provided in a specific format. A few examples of challenging data types include Bloomberg data, Cellebrite data, GIS data from U.S. Geological Survey (USGS) and low-quality PDFs.

Cloud vendors entering this market segment may need to support literally hundreds of data formats and be able to extract metadata and underlying file types. They must also be equipped to manage very large productions; more than a third of respondents (36%) to the Deloitte survey report working on cases involving more than a terabyte of data.

But agencies are moving in the right direction. With careful planning and proven, experienced vendors, public sector organizations stand to benefit tremendously from the latest advances in cloud computing and position themselves to respond more nimbly to constantly changing e-discovery requirements, including ground-shifting developments like increasing ubiquity of mobile devices and data types.

The cloud offers agencies a significant reduction in the total cost of ownership for their infrastructure, the opportunity to consolidate multiple applications and databases in a single repository and interface, more rigorous and centralized control over security, more flexibility and speed in developing custom tools and applications, and more responsive and transparent provision of essential services like FOIA requests. The result for many agencies will be more efficient governance and more effective provision of services to constituents.

Amy Hilbert is the Vice President of Public Sector at Casepoint LLC. She has over 20 years of experience in organizational leadership and project management in the information technology industry. In her role, Amy leads Casepoint's foray into providing e-discovery and legal technology solutions to the government and public sector. Amy is seasoned in building and managing relationships across the federal, state, and local government markets. Prior to joining Casepoint, Amy held positions as Vice President of Client Services and Director of Business Development Operations.