I’m in IT and I’ve worked for multinational companies with billions in revenue. Never seen a thorough discovery but many, many lawsuits and legal holds.
Nobody in IT tries to avoid providing information, but legal and the middlemen have absolutely no idea what data exists, where it exists, what the limitations are… half the time all they ask for are email records and file server records even though there may be texts somewhere, files on user systems or cloud shares that they never think to ask about… they rarely give us much information. We often aren’t even told what they are really looking for - we often just get a few keywords and a timeframe.
Haven’t seen external entities come in and comb through things either, and even if that existed they wouldn’t know where to look unless it’s documented - so things like old tapes, piles of hard drives in an ewaste pile and old backup appliances that are unplugged sitting in a server closet full of drives are totally unknown.
Plus if you know you will be sued there’s usually little reason to have retention longer than a year or two by policy for stuff like email and chat.
Then there’s all the messages sent by leadership in platforms outside of the company that nobody investigates, like WhatsApp or signal.
Maybe it’s different somewhere, but I just haven’t seen it yet.
I’m in IT and I’ve worked for multinational companies with billions in revenue. Never seen a thorough discovery but many, many lawsuits and legal holds.
Nobody in IT tries to avoid providing information, but legal and the middlemen have absolutely no idea what data exists, where it exists, what the limitations are… half the time all they ask for are email records and file server records even though there may be texts somewhere, files on user systems or cloud shares that they never think to ask about… they rarely give us much information. We often aren’t even told what they are really looking for - we often just get a few keywords and a timeframe.
Haven’t seen external entities come in and comb through things either, and even if that existed they wouldn’t know where to look unless it’s documented - so things like old tapes, piles of hard drives in an ewaste pile and old backup appliances that are unplugged sitting in a server closet full of drives are totally unknown.
Plus if you know you will be sued there’s usually little reason to have retention longer than a year or two by policy for stuff like email and chat.
Then there’s all the messages sent by leadership in platforms outside of the company that nobody investigates, like WhatsApp or signal.
Maybe it’s different somewhere, but I just haven’t seen it yet.