Hoge Fenton Jones & Appel is a multi-service law firm headquartered in Silicon Valley. As a member of Mackrell International, a premier network of independent law firms in 60 countries, the firm’s reach extends around the world. Mackrell International has been named a Top Ranked Chambers Global Leading Law Firm Network.
Seth Silapasvang, Director of Information Technology at Hoge Fenton, leads the internal IT team supporting multiple offices and is responsible for compliance and risk management. “It’s critical that we are fully compliant with regulations, such as Gramm-Leach-Bliley Act (GLBA), while being minimally disruptive to our business and attorneys. On top of that, non-compliance fines can range from one thousand to hundreds of thousands of dollars. Rubrik Sonar is an essential part of meeting regulatory compliance while providing operational efficiencies via automated searches and reporting,” said Silapasvang.
Time Savings for Audits via Automation vs a Manual Approach
Prior to Rubrik Sonar, Silapasvang and team relied on a time-consuming manual approach to search for sensitive or PII information for audits. “We adhere to regulatory compliance as well as annual and client-led audits. The process before consisted of Excel spreadsheets. To create a data repository meant entering information line by line. On top of that, it was extremely difficult to control user access,” stated Silapasvang. “For one high profile case, we had to assign one person as the sole owner, who then brought a flash drive everywhere to make changes on only his computer.”
In addition, Sonar helps Silapasvang’s team reduce time spent on completing such requests. “When a search request comes, finding the information is extremely difficult because it can be in multiple places. A search for something simple can take a few hours, and complex multi-location searches can take longer to pinpoint exact data. Rubrik and Sonar immediately save us at least half our current search times and that differential expands exponentially for larger requests. We save even more resources because we can now automate it with Sonar and just one person instead of having to dedicate a search team for fast deadlines,” said Silapasvang.
Granular Search to Increase Efficiency for e-Discovery and Compliance
Hoge Fenton uses Sonar to perform on-demand search requests for client cases. Silapasvang added, “The advantage of Sonar is it allows us to be more efficient on how we do e-Discovery. We can use Sonar to run global searches across massive amounts of data. These searches would include looking for specific names or email addresses in order to understand where files are located and if they are in the right locations. With Sonar, we can identify hotspots without impacting our production environment and then comb through the results more finely, making our current e-Discovery processes and tools more effective.” Furthermore, Hoge Fenton leveraged Sonar’s predefined policies to assist with compliance for GLBA, US PII, and US Financials. Today, they are continuously monitoring patterns for bank account information, credit card numbers, social security numbers, taxpayer information, and more.
Improving Retention Policies to Address the Right to Be Forgotten
New data privacy laws have increasingly strict requirements regarding access and deletion of individuals’ data. “With California Consumer Privacy Act (CCPA) and General Data Protection Regulation (GDPR), certain sensitive data is subject to access requests, such as the right to be forgotten, and is required to be aged out over a shorter period of time, such as 30 days. However, we may need to keep certain legacy backups to meet other compliance requirements. With Sonar, we can identify and segregate at a granular level which files or folders need to be removed and adjust our retention policies accordingly to meet the 30-day requirement while keeping the rest of the backup for a longer period of time,” said Silapasvang. Additional benefits include:
- Less than 15-minute setup: “To onboard Sonar, it took less than 15 minutes to toggle on the software and create data discovery policies or searches.”
- No impact to production: “With Rubrik, we can perform search queries across all our backup data seamlessly in the background without impacting production. It takes less than half the time to run this in Rubrik than in my own environment.”
- Custom search and policies: “The predefined policy templates make it easy to get started, and I love how customizable the policies and searches are for more granular control.”
- Intuitive UI: “The user experience is a delight. I love the simplicity and design. Links and buttons do not just what you expect, but also lead to further insight into our data.”
Learn more about how law firms are leveraging Rubrik here.
Dive deeper into our data retention and legal hold capabilities here.