Legal firms are a rich repository of corporate secrets, business strategies and intellectual property. For the same reason, they are often targets for cyber thieves and spies. With the greater use of mobile devices and cloud computing, the cyber risks for law firms are diverse, with increased hacking and data interception threats.
Conflicting client standards, management challenges, resistance to new technology and lack of State bar mandates may be the reasons that keep lawyers from implementing additional data security measures.
A recent New York Times article has sparked an interesting discussion in the legal community about data security measures at law firms. The article reports that big corporate clients are asking their law firms to take more steps to guard against online intrusions that could compromise sensitive information.
Remote intrusion, the primary concern with regard to computer security is, usually by way of malicious software, otherwise known as “malware” or a “virus”. An intrusion prevention system such as firewall and anti-virus software can be used to keep away attackers from gaining access to your network.
While Wall Street banks are pressing outside legal firms to ensure that their computer systems employ top-tier technologies to detect and deter attacks from hackers, some financial institutions are asking them to fill out lengthy 60-page questionnaires detailing their cyber security measures, while others are doing on-site inspections. Other companies are asking law firms to stop putting files on portable thumb drives, emailing them to non-secure iPads, and working on computers linked to a shared network in countries such as China and Russia where hacking is prevalent, said the people briefed on the matter.
An important thing to note in the context of the numerous security threats is the practice of legal process outsourcing, including legal transcription outsourcing. It is crucial to ensure that the staffs at the chosen legal Firm Transcription/legal process outsourcing company knows the importance of ensuring the security and confidentiality of the legal records they handle. They should ideally have in place innovative measures to avoid information leaks. Secure file transfer options are a must; moreover, it should be ensured that client data cannot be accessed at any cost without proper authorization. Specialized law firms dealing with healthcare data such as Workers Compensation, personal Injury or social security disability etc have to maintain high security and also focus on HIPAA compliance. The push from corporate clients is expected to have more impact on changing law firms’ approaches in handling online security.