SharePoint eDiscovery Center is a legal must for organizations

It's necessary for organizations to have a way to efficiently locate and retrieve data in response to a subpoena. One especially helpful tool in this type of situation is SharePoint 2013's eDiscovery Center.

    Requires Free Membership to View

An eDiscovery Center is really nothing more than a special type of site collection, but to perform e-discovery, you'll have to create one since it is not deployed by default.

Figure 1. To build an eDiscovery Center, you must create a site collection.

The concept of creating an eDiscovery Center may seem foreign at first, but it's based on a process SharePoint admins should recognize, as creating one is similar to creating a site collection.

Creating an eDiscovery Center

To create an eDiscovery Center, open the SharePoint Central Administration console and click on the Create Site Collections link. From here, enter a title for the eDiscovery Center you want to create. Next, enter an optional description and a URL path (Figure 1).

Figure 2. You must select the eDiscovery Center template.

The lower portion of the interface contains an option to select a template. Go to the Enterprise tab and select the eDiscovery Center option (Figure 2). Specify a primary and an optional secondary administrator and click OK.

Once you've completed those steps, you can see what the eDiscovery Center looks like (Figure 3).

Using the eDiscovery Center

In the eDiscovery Center, it's possible to have multiple cases for performing e-discovery at any one time in any organization. Therefore, the eDiscovery Center is designed to allow you to designate multiple cases. You can perform a separate set of e-discovery queries for each case.

Figure 3. This is the SharePoint eDiscovery Center.

To get started, click the Create New Case button. You will then be prompted to assign a name and an optional description to the case. Click OK to create the case.

A case is really nothing more than a SharePoint site that exists within the SharePoint site collection. The interface makes it easy to query SharePoint content (Figure 4).

Figure 4. This is an e-discovery case.

Searching content is only half of the e-discovery process. Query results are typically placed on legal hold so they can't be deleted, modified or purged at the end of the document lifecycle. When possible, e-discovery performs an in-place hold to minimize storage consumption. This keeps SharePoint from having to copy all of the documents on legal hold.

If a user attempts to modify a held document, SharePoint uses a copy-on-write operation, which allows the user to make the requested modification while also retaining an unmodified copy for legal reasons.

Other important things to know

The SharePoint eDiscovery Center is based on search queries, which in turn are based on the Search Service Application. This means an e-discovery operation can only return results for items visible to the Search Service Application. As such, you will have to build your eDiscovery Center around your Search Service Applications.

For example, if your organization uses five separate Search Service Applications to crawl specific SharePoint sites, then you will have to create a separate eDiscovery Center for each Search Service Application. This is because the eDiscovery Center is unable to return results that aren't visible to the associated Search Service Application.

While you plan your Search Service Application architecture, keep in mind that the eDiscovery Center can discover content on Lync and Exchange servers, as well -- you'll have to create a trust relationship between SharePoint and Exchange and/or Lync to do so. You'll also have to configure SharePoint to crawl the Exchange or Lync servers.

SharePoint 2013 makes it easy for admins to create an eDiscovery Center and perform the e-discovery process. The trick is to make sure the eDiscovery Center has the necessary rights to crawl all of the content you want to examine.

About the author
Brien Posey is an eight-time Microsoft MVP for his work with Windows Server, IIS, Exchange Server and file system storage technologies. Brien has served as CIO for a nationwide chain of hospitals and health care facilities, and was once responsible for IT operations at Fort Knox. He has also served as a network administrator for some of the nation's largest insurance companies.

This was first published in August 2013

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.