A server administrator receives an email with a PDF attachment identified as a subpoena from a law firm. The subpoena commands the immediate release of all email communications and user files for a specific employee. What is the MOST appropriate initial action for the administrator to take?
Implement a legal hold on the employee's data to prevent alteration or deletion.
Begin exporting the requested data to a secure, isolated folder.
Contact the law firm that issued the subpoena to verify its authenticity.
Forward the subpoena to the company's legal department and await guidance.
The correct action is to immediately forward the subpoena to the organization's legal counsel or designated legal department. It is the legal team's responsibility to validate the subpoena's authenticity, determine its scope, and decide on the appropriate response. An administrator should not act on a legal request without direction from counsel to avoid legal risks, such as contempt of court or improper disclosure of data. While placing a legal hold is a crucial part of the process, it should only be done after the legal department has validated the request and given instructions to do so. Directly compiling data or contacting the issuing party is incorrect as these actions bypass necessary legal review and could create liability for the organization.