Insurers and other corporations need to develop systems to protect the authenticity of electronic documents, says a risk expert from Marsh Kroll Inc.[@@]
If they fail to develop an effective authentication system, they risk losing valuable evidence that could support their case in a court proceeding, according to Alan Brill, a member of Kroll, a subsidiary of Marsh & McLennan Companies, New York. His comments came during an on-line panel discussion on risk sponsored by MMC.
Despite the investment in electronic security, the average loss per security breach incident is greater that $200,000, Brill said. For financial institutions and insurers, the 2 major concerns are loss of proprietary information and unauthorized access to networks.
When an incident does occur and an insurer begins to develop its legal case, electronic records will be increasingly important. There is also the growing "CSI" phenomenon (named after the TV program), where juries expect to see forensic evidence that back up litigants' claims.
One problem with those records is lack of redundancy within the computer systems. Each time a record is opened, the record is altered, damaging the authenticity of the records, Brill said. He recommended companies create storage facilities, or logs, within their networks to document and copy records to show changes, who made them and when.
"The relevant records in criminal and civil cases are likely to be some form of digital log or digital record on a computer, server, or storage network or some form of back-up media," he said.