Why Computer Security Is Critical for Lawyers

138 views

Published on

It is crucial for the legal professionals to recognize cyber threats and take immediate action to defend against cyber intrusions of client data and other confidential information.

Published in: Law, Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
138
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
2
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Why Computer Security Is Critical for Lawyers

  1. 1. Why Computer Security Is Critical for Lawyers It is crucial for the legal professionals to recognize cyber threats and take immediate action to defend against cyber intrusions of client data and other confidential information. Law firms are a prime target for cyber criminals as they store a large amount of valuable and sensitive confidential client information on their computer networks. The cyber risks for law firms are diverse and changing day by day with increased hacking and data interception threats and greater use of mobile devices and cloud computing. The New York Times in a recent article drew attention to the fact that a growing number of big corporate clients are asking their law firms to take more steps to guard against online intrusions that could compromise sensitive information. Cyber Risks – What Is Involved Cyber criminals may steal personal and confidential data. The theft and subsequent publication of confidential information held on a law firm's computer could be very damaging for both the law firm and its clients. Further risks may involve: o Cyber extortion: Cyber extortion is a crime that involves a cyber attack, or threat of it, against an organization coupled with a demand for money to stop the attack. The majority of cyber extortion episodes go unreported because victims mostly shun publicity. o Phishing and spear phishing: Phishing is the process by which cyber thieves are able to lure unsuspecting victims to a malicious link that executes malware. These malicious links are usually presented to a user through an e-mail message. Spear-phishing is particularly focused on a single user or department within an organization. Cyber criminals gather information about a victim, which is then used to construct a fraudulent email, intended to trick the victim. Rather than being obviously nefarious, these emails are very realistic.
  2. 2. o Free downloads: Be careful of sites that offer free viewing or downloading of copyrighted material. Such sites can deliver malware by exploiting a web browser. Once the web browser is compromised, additional malware can be queued to download. o Outdated software: Outdated software is often an easy target for cyber criminals wanting to gain unauthorized access to a computer. Therefore, updating all software regularly lowers the chance of a malware breakout. o Wi-Fi risks: Though legal professionals appreciate the convenience of mobile computing, mobile devices such as laptops, smartphones, and portable electronic storage devices pose distinct threats to data security. Wireless connections are vulnerable and may allow the interception of your confidential communications. Wi-Fi method is more commonly used than device-specific malware for stealing data from laptops and mobile devices. Remedies for Data Loss and Corruption Law firms are already bound by a number of different laws and regulations to address cyber security issues, including the SRA Code of Conduct, the Legal Services Act, the Data Protection Act, contract, tort law and the law of confidence. o Identify the true URL before clicking: Phishing attacks are not problematic unless the user clicks on the link to the malicious web server within the message. Before you click, “hover” your cursor over the link to see the true URL o Anti-virus software: An intrusion prevention system such as firewall or anti-virus software can be used to keep away attackers from gaining access to your network. o Encryption: Encryption safeguards data by scrambling it, making it useless without a password or security token. It is crucial to encrypt all protected information sent from or stored on any electronic device. Automated applications such as BoxCryptor, Cloudfogger, SecretSync or SugarSync can encrypt files at your desktop before they are transmitted to Cloud storage. The local software encrypts the files
  3. 3. using your encryption key and then sends the documents to your Cloud storage folder, such as Dropbox. Automated email encryption provided by ZixCorp can simply attach a file to an email and select “send encrypted.” Inbound messages from ZixCorp customers are automatically decrypted and delivered to the lawyer’s normal email inbox. Data Security and Legal Transcription Lawyers relying on professional legal transcription service providers for transcribing their legal reports, legal notes and dictation summaries and court transcripts should also ensure that the provider follows standard security measures to protect your client data. Before signing up for the project, ensure that the company uses advanced transcription software and provides safe file transfer options. Also make sure that the transcriptionists ensure confidentiality when handling sensitive legal information.

×