Is Your Client and Firm Data Secure?aderantuser
How confident are you that your firm’s confidential and privileged data is safe? If your law firm resembles most in the world today, your employees regularly use unencrypted email and routinely store files on flash drives. You probably also have temporary and contract hires that come and go depending on the firm’s workload, and these employees may not be completely familiar with your firm’s current security protocols.
These common scenarios have recently been identified as key security risks for the typical firm. To highlight the scope of these risks, last May LexisNexis published the results of a survey of nearly 300 legal professionals. Their answers revealed that more than 70% of law firms view file sharing as “increasingly important” and 89% use unencrypted email as “the dominant means for sharing privileged communications.” And despite firms being mostly aware of the enormous risks of disclosing their confidential data, 77% still reported “that their primary means of securing documents is a confidentiality statement below the body of an email.”
As the New York Times recently noted in a story titled Law Firms Are Pressed on Security for Data, both clients and law enforcement have already taken notice of the lack of data security at many top firms. Corporate clients are demanding that more stringent measures be taken, while government officials are concerned with serious weaknesses that can be exploited. According to the story, the “vulnerability of American law firms to online attacks is a particular concern to law enforcement agencies because the firms are a rich repository of corporate secrets, business strategies and intellectual property.”
This data-security challenge shouldn’t lead to despair among your partners, however, since there are concrete steps your firm can take to lessen the risk. For example, the Law360 blog recently set forth the 5 Ways Law Firms Can Avoid a Data Breach Nightmare, and their list would be an excellent starting point for firms who are confronting these issues for the first time. Perhaps the two most important steps consist of educating yourself and your firm about the various data security issues, and then establishing a team to implement your security plan.
Moving your data to the cloud is another option that is gaining in popularity among firms. In a piece titled No Need to Fear Hanging in the Cloud, a senior attorney for Microsoft recently argued that firms had a number of good reasons to shift their practices to the cloud, including the enhanced data security. While this solution might not work for every firm, the important takeaway is that you can’t ignore your data security. It’s an ongoing problem that will likely get worse as networked devices proliferate at the law office.