How to optimize EnCase for a work-from-home workforce

The current global situation has necessitated home-working by many millions of employees, but in the legal and law-enforcement world, there is still a requirement to…

OpenText profile picture
OpenText

March 20, 20204 minute read

Descriptive text explaining the contents of the image.

The current global situation has necessitated home-working by many millions of employees, but in the legal and law-enforcement world, there is still a requirement to investigate, respond to eDiscovery requests or maintain a secure environment with rapid incident response capabilities.

We introduced flexible deployment options for our OpenText™ EnCase™ solutions a number of years ago, and while the best practice for remote workers is a persistent connection to a VPN, we know this will not always be possible. And so, to help home-based employees to stay productive, following are some tips to help you overcome common “work-from-home” challenges and fully leverage OpenText™ EnCase™ Endpoint Investigator, OpenText™ EnCase™ eDiscovery and OpenText™ EnCase™ Endpoint Security.

NOTE: ALL FUNCTIONALITY AND OPTIONS DESCRIBED BELOW ARE AVAILABLE TO CUSTOMERS TODAY WITH NO ADDITIONAL CHARGES. AND IF YOU NEED ANY ASSISTANCE ON ANYTHING RELATING TO YOUR ENCASE SOLUTION, CONTACT US AT EnCaseWFHsupport@opentext.com.

The Enhanced Agent

EnCase Endpoint Investigator, EnCase eDiscovery and EnCase Endpoint Security all support Enhanced Agent functionality critical to extending capabilities out to a remote workforce. If you have yet to configure the Enhanced Agent for use in your environment, now is the time to ensure the functionality is enabled and deployed.

The Enhanced Agent is designed to perform operations local to the employee system, pushing back results whenever VPN connection is re-established. For EnCase Endpoint Investigator and EnCase eDiscovery, this means confidently conducting investigations and performing eDiscovery collections. For EnCase Endpoint Security, this means persistent real-time threat detection on and off the network.

To assist in managing bandwidth constraints, the Enhanced Agent does not require an all-or-nothing approach. If you are only interested in critical devices/employees, you can restrict the use of the Enhanced Agent to meet those needs.

Sometimes it’s not practical to wait for VPN connectivity to receive results. In that case, all you need is a cloud-based repository with a public-facing UNC path and EnCase can be configured to point to that path for data transmission.

The Check-in Agent (EnCase Endpoint Investigator only)

As an alternative to the Enhanced Agent approach, EnCase Endpoint Investigator supports a feature known as “Check-in Agent” where the standard Passive Agent can be configured to ‘check-in’ upon a VPN connection for specific operations such as Sweep Enterprise, Snapshot and File Processor jobs. Alternatively, a SAFE can be set up in the DMZ for check-in functionality, and the Snapshot job can even be set to run continuously with this option.

While job validation is not supported for Check-in agent-based jobs – if a device disconnects the job is simply marked as “completed” – many customers feel having this option is better than no ability at all. Therefore, we recommend this option only if the Enhanced Agent approach is not one you are able to take.

Unlimited Components

As a customer of EnCase Endpoint Investigator, EnCase eDiscovery, or EnCase Endpoint Security you are entitled to ‘all-you-can-eat’ software components allowing you to scale out operations to cover all situations, and ensuring that your  EnCase architecture is set up in an optimal way to overcome bandwidth, resource or geographical constraints.

EnCase Portable devices (EnCase Endpoint Investigator only)

EnCase Endpoint Investigator can be used to create a “portable” collection USB. This device can then be mailed to wherever an employee is working for on-site collection. No EnCase knowledge is needed by the person performing the collection on-site.

For specific questions related to the use or configuration of your EnCase products as your organization maintains work-from-home policies, please email us at EnCaseWFHsupport@opentext.com. For more information on the tips covered above, check out the relevant user guides here.

Share this post

Share this post to x. Share to linkedin. Mail to
OpenText avatar image

OpenText

OpenText, The Information Company, enables organizations to gain insight through market-leading information management solutions, powered by OpenText Cloud Editions.

See all posts

More from the author

Three key aspects of being a threat hunter  

Three key aspects of being a threat hunter  

In today’s digital landscape, the role of a threat hunter has become indispensable. As cyber threats grow increasingly sophisticated, the need for professionals who can…

5 minute read

Fax and figures – automate your fax processes for maximum productivity

Fax and figures – automate your fax processes for maximum productivity

Manual fax processing isn’t scalable

4 minute read

Insights on AI and ISO 20022: OpenText helps shape the narrative at the Payments Canada Summit

Insights on AI and ISO 20022: OpenText helps shape the narrative at the Payments Canada Summit

The 2024 Payments Canada Summit recently concluded, bringing together industry leaders, innovators, and key stakeholders to discuss the most recent trends and insights in payments….

5 minute read

Stay in the loop!

Get our most popular content delivered monthly to your inbox.

Sign up