SlideShare a Scribd company logo

Secure Cloud For Legal Professionals

Z
ZitaAdlTrk

A presentation at Legalex 2019, a legal tech event for the British legal sector. Secure cloud for legal professionals. Presentation by a data protection counsel.

Law
1 of 20
Download to read offline
Secure Cloud for Legal Professionals Petra Kovacsics LL.M., Data Protection Counsel
Petra Kovacsics LL.M. Data Protection Counsel Introduction Agenda 1. The most significant cyber threats for law firms 2. Moving to the cloud – pros and cons 3. The Solicitors Regulation Authority (SRA) Code of Conduct 4. The Bar Council’s Recommendations relevant provisions
The most significant cyber threats that law firms should be aware of Source: National Cyber Security Centre: The cyber threat to UK legal sector 2018 PHISHING The amount stolen from law firms through phishing in the first quarter of 2017 was 300% higher than the previous year. HUMAN ERROR Over 50% of data breaches are caused by insiders. RANSOMWARE WannaCry incident in May 2017, which affected 200,000 computers in 24 hours. SUPPLY CHAIN COMPROMISE Supply chain compromises have increased significantly - as much as 200% in 2017.
Cyber threats cost time and money for UK businesses 60%of law firms reported suffering some form of security incident in 2018 46%of law firms reported loss or leakage of confidential information caused by their own staff ₤113is the per capita cost for each lost or stolen record 20%rise occurred in cyber-attacks on law firms since last year Sources: 2018 Cost of a Data Breach Study: Global Overview by Ponemon Institute PWC Law Firms’ Survey 2018
If a law firm does not safeguard confidential client information and client communications, they could involuntarily violate the duty of confidentiality and suffer devastating reputational damage. In other words, these rules require lawyers to not only keep abreast of the law but technology, as well.
PROS CONS Moving confidential data to the cloud – pros and cons
Companies have serious security concerns regarding moving to the cloud × Possibility of data loss × Possibility of data leakage × Losing control: who has access to my data? Who can modify my documents? × Possibility of being hacked
Does this mean law firms are not supposed to use cloud services?
What do legal professionals use now? The majority of legal professionals use consumer-grade cloud services to store and share documents. 100-499 lawyers 500+ lawyers Dropbox 54% 47% Google Docs 25% 32% iCloud 18% 32% Many others still use on-premise solutions as they have security and backup concerns regarding the cloud. Source: PWC Law Firms’ Survey 2017
Legal businesses have to be more careful when choosing a cloud provider.
The Solicitors Regulation Authority (SRA) Code of Conduct
SRA best practice for due diligence and to improve security ❑ Provider must be at a minimum compliant with ISO27001:2013. ❑ Secure communication channels while working on the move. ❑ Use automatic client-side encryption. ❑ Work with providers based in countries with strict data protection laws.
The Bar Council’s Recommendations relevant provisions
Bar Council Criteria #1: Store data on EU servers Remote servers used to store data should be in countries with adequate data protection regime.
Bar Council Criteria #2: Encrypt personal data in the cloud Providers applying server-side encryption store encryption keys and passwords on their servers, so their admins can see the stored files. With end-to-end encryption, these keys are not revealed to the provider, hence, the only people able to see the content are the ones with permission.
Bar Council Criteria #2: Encrypt personal data in the cloud Server-side encryption The encryption key is stored in the cloud in plaintext format, therefore the cloud provider can see your data.
Bar Council Criteria #2: Encrypt personal data in the cloud End-to-end encryption Only you and your recipients have the key to decrypt and see the files.
Bar Council Criteria #3: Use a zero knowledge provider Storing password and encryption keys in the cloud makes the stored data vulnerable – if the cloud provider can read it, so can hackers. Providers offering zero knowledge encryption do not store passwords, so the documents are absolutely secure.
Not all cloud providers are created equal
Read more about how Tresorit can help legal professionals work securely and productively in the cloud or read a customer testimony from Apogee Law Group. Try Tresorit for FREE Take the opportunity to try our ultra-secure service for free Schedule a live demo Learn more about Tresorit and cloud encryption from our experts The materials available in this presentation are for informational purposes only and do not constitute legal advice. To obtain advice with respect to a particular issue, you should contact your attorney.

Recommended

Is your cloud GDPR compliant?
Is your cloud GDPR compliant?Is your cloud GDPR compliant?
Is your cloud GDPR compliant?Jacklin Berry
 
20181110 sps leicester connect protecting your data in office 365
20181110 sps leicester connect protecting your data in office 36520181110 sps leicester connect protecting your data in office 365
20181110 sps leicester connect protecting your data in office 365Arjan Cornelissen
 
Data Security For Insurance Solutions
Data Security For Insurance SolutionsData Security For Insurance Solutions
Data Security For Insurance SolutionsSeclore
 
Azure Privacy & GDPR @ Service Management World
Azure Privacy & GDPR @ Service Management WorldAzure Privacy & GDPR @ Service Management World
Azure Privacy & GDPR @ Service Management WorldJP Clementi
 
Security v. Privacy: the great debate
Security v. Privacy: the great debateSecurity v. Privacy: the great debate
Security v. Privacy: the great debateDavid Strom
 
Customer Data Privacy & Protection | Seclore
Customer Data Privacy & Protection | SecloreCustomer Data Privacy & Protection | Seclore
Customer Data Privacy & Protection | SecloreSeclore
 
Mcafee CASB/DLP + Seclore Rights Management Solutions
Mcafee CASB/DLP + Seclore Rights Management Solutions Mcafee CASB/DLP + Seclore Rights Management Solutions
Mcafee CASB/DLP + Seclore Rights Management Solutions Seclore
 
Encryption During Communication
Encryption During CommunicationEncryption During Communication
Encryption During CommunicationPECB
 

Recommended

Is your cloud GDPR compliant?
Is your cloud GDPR compliant?Is your cloud GDPR compliant?
Is your cloud GDPR compliant?Jacklin Berry
 
20181110 sps leicester connect protecting your data in office 365
20181110 sps leicester connect protecting your data in office 36520181110 sps leicester connect protecting your data in office 365
20181110 sps leicester connect protecting your data in office 365Arjan Cornelissen
 
Data Security For Insurance Solutions
Data Security For Insurance SolutionsData Security For Insurance Solutions
Data Security For Insurance SolutionsSeclore
 
Azure Privacy & GDPR @ Service Management World
Azure Privacy & GDPR @ Service Management WorldAzure Privacy & GDPR @ Service Management World
Azure Privacy & GDPR @ Service Management WorldJP Clementi
 
Security v. Privacy: the great debate
Security v. Privacy: the great debateSecurity v. Privacy: the great debate
Security v. Privacy: the great debateDavid Strom
 
Customer Data Privacy & Protection | Seclore
Customer Data Privacy & Protection | SecloreCustomer Data Privacy & Protection | Seclore
Customer Data Privacy & Protection | SecloreSeclore
 
Mcafee CASB/DLP + Seclore Rights Management Solutions
Mcafee CASB/DLP + Seclore Rights Management Solutions Mcafee CASB/DLP + Seclore Rights Management Solutions
Mcafee CASB/DLP + Seclore Rights Management Solutions Seclore
 
Encryption During Communication
Encryption During CommunicationEncryption During Communication
Encryption During CommunicationPECB
 
20181115 O365 connect protecting your data in office 365
20181115 O365 connect protecting your data in office 36520181115 O365 connect protecting your data in office 365
20181115 O365 connect protecting your data in office 365Arjan Cornelissen
 
Securing IBM ECM with Rights Management
Securing IBM ECM with Rights ManagementSecuring IBM ECM with Rights Management
Securing IBM ECM with Rights ManagementSeclore
 
4 Reasons Why Your Business Needs A Cyber Security Consultant.pdf
4 Reasons Why Your Business Needs A Cyber Security Consultant.pdf4 Reasons Why Your Business Needs A Cyber Security Consultant.pdf
4 Reasons Why Your Business Needs A Cyber Security Consultant.pdfSania Baker
 
Seclore for Forcepoint DLP
Seclore for Forcepoint DLPSeclore for Forcepoint DLP
Seclore for Forcepoint DLPSeclore
 
CWIN17 New-York / earning the currency of trust
CWIN17 New-York / earning the currency of trustCWIN17 New-York / earning the currency of trust
CWIN17 New-York / earning the currency of trustCapgemini
 
IoT_Implemented
IoT_ImplementedIoT_Implemented
IoT_ImplementedBrandon Walston
 
Seclore For Spirion Data Classification | Seclore
Seclore For Spirion Data Classification | SecloreSeclore For Spirion Data Classification | Seclore
Seclore For Spirion Data Classification | SecloreSeclore
 
Seclore Advantage Channel Program
Seclore Advantage Channel ProgramSeclore Advantage Channel Program
Seclore Advantage Channel ProgramSeclore
 
Email encryption plus | Seclore
Email encryption plus | SecloreEmail encryption plus | Seclore
Email encryption plus | SecloreSeclore
 
DLP Solutions Protection | Seclore
DLP Solutions Protection | SecloreDLP Solutions Protection | Seclore
DLP Solutions Protection | SecloreSeclore
 
C:\fakepath\wg xcs data_lossprevention
C:\fakepath\wg xcs data_losspreventionC:\fakepath\wg xcs data_lossprevention
C:\fakepath\wg xcs data_losspreventionYustinus Simon
 
Inbound Data Protection
Inbound Data ProtectionInbound Data Protection
Inbound Data ProtectionSeclore
 
Seclore Decrypter For Email
Seclore Decrypter For EmailSeclore Decrypter For Email
Seclore Decrypter For EmailSeclore
 
7 top tips to protect your business from BEC [infographic] By Stellarise
7 top tips to protect your business from BEC [infographic] By Stellarise7 top tips to protect your business from BEC [infographic] By Stellarise
7 top tips to protect your business from BEC [infographic] By StellariseElena Tatarenkova
 
Data security
Data securityData security
Data securityAbdulBasit938
 
IRDAI Compliance & Data-Centric Security | Seclore
IRDAI Compliance & Data-Centric Security | SecloreIRDAI Compliance & Data-Centric Security | Seclore
IRDAI Compliance & Data-Centric Security | SecloreSeclore
 
GDPR Compliance & Data-Centric Security | Seclore
GDPR Compliance & Data-Centric Security | SecloreGDPR Compliance & Data-Centric Security | Seclore
GDPR Compliance & Data-Centric Security | SecloreSeclore
 
Mimecast Case Study - Targeted Threat Protection - Berrymans Lace Mawer
Mimecast Case Study - Targeted Threat Protection - Berrymans Lace MawerMimecast Case Study - Targeted Threat Protection - Berrymans Lace Mawer
Mimecast Case Study - Targeted Threat Protection - Berrymans Lace MawerEliza Hedegaard
 
Data security
Data securityData security
Data securityTapan Khilar
 
The Ins and Outs of Data Security: Kareo Success Summit
The Ins and Outs of Data Security: Kareo Success SummitThe Ins and Outs of Data Security: Kareo Success Summit
The Ins and Outs of Data Security: Kareo Success SummitKareo
 
Data breaches - Is Your Law Firm in Danger
Data breaches - Is Your Law Firm in DangerData breaches - Is Your Law Firm in Danger
Data breaches - Is Your Law Firm in DangerZitaAdlTrk
 
Securing data in the cloud: A challenge for UK Law Firms
Securing data in the cloud: A challenge for UK Law FirmsSecuring data in the cloud: A challenge for UK Law Firms
Securing data in the cloud: A challenge for UK Law FirmsCloudMask inc.
 

More Related Content

What's hot

20181115 O365 connect protecting your data in office 365
20181115 O365 connect protecting your data in office 36520181115 O365 connect protecting your data in office 365
20181115 O365 connect protecting your data in office 365Arjan Cornelissen
 
Securing IBM ECM with Rights Management
Securing IBM ECM with Rights ManagementSecuring IBM ECM with Rights Management
Securing IBM ECM with Rights ManagementSeclore
 
4 Reasons Why Your Business Needs A Cyber Security Consultant.pdf
4 Reasons Why Your Business Needs A Cyber Security Consultant.pdf4 Reasons Why Your Business Needs A Cyber Security Consultant.pdf
4 Reasons Why Your Business Needs A Cyber Security Consultant.pdfSania Baker
 
Seclore for Forcepoint DLP
Seclore for Forcepoint DLPSeclore for Forcepoint DLP
Seclore for Forcepoint DLPSeclore
 
CWIN17 New-York / earning the currency of trust
CWIN17 New-York / earning the currency of trustCWIN17 New-York / earning the currency of trust
CWIN17 New-York / earning the currency of trustCapgemini
 
Seclore For Spirion Data Classification | Seclore
Seclore For Spirion Data Classification | SecloreSeclore For Spirion Data Classification | Seclore
Seclore For Spirion Data Classification | SecloreSeclore
 
Seclore Advantage Channel Program
Seclore Advantage Channel ProgramSeclore Advantage Channel Program
Seclore Advantage Channel ProgramSeclore
 
Email encryption plus | Seclore
Email encryption plus | SecloreEmail encryption plus | Seclore
Email encryption plus | SecloreSeclore
 
DLP Solutions Protection | Seclore
DLP Solutions Protection | SecloreDLP Solutions Protection | Seclore
DLP Solutions Protection | SecloreSeclore
 
C:\fakepath\wg xcs data_lossprevention
C:\fakepath\wg xcs data_losspreventionC:\fakepath\wg xcs data_lossprevention
C:\fakepath\wg xcs data_losspreventionYustinus Simon
 
Inbound Data Protection
Inbound Data ProtectionInbound Data Protection
Inbound Data ProtectionSeclore
 
Seclore Decrypter For Email
Seclore Decrypter For EmailSeclore Decrypter For Email
Seclore Decrypter For EmailSeclore
 
7 top tips to protect your business from BEC [infographic] By Stellarise
7 top tips to protect your business from BEC [infographic] By Stellarise7 top tips to protect your business from BEC [infographic] By Stellarise
7 top tips to protect your business from BEC [infographic] By StellariseElena Tatarenkova
 
IRDAI Compliance & Data-Centric Security | Seclore
IRDAI Compliance & Data-Centric Security | SecloreIRDAI Compliance & Data-Centric Security | Seclore
IRDAI Compliance & Data-Centric Security | SecloreSeclore
 
GDPR Compliance & Data-Centric Security | Seclore
GDPR Compliance & Data-Centric Security | SecloreGDPR Compliance & Data-Centric Security | Seclore
GDPR Compliance & Data-Centric Security | SecloreSeclore
 
Mimecast Case Study - Targeted Threat Protection - Berrymans Lace Mawer
Mimecast Case Study - Targeted Threat Protection - Berrymans Lace MawerMimecast Case Study - Targeted Threat Protection - Berrymans Lace Mawer
Mimecast Case Study - Targeted Threat Protection - Berrymans Lace MawerEliza Hedegaard
 
The Ins and Outs of Data Security: Kareo Success Summit
The Ins and Outs of Data Security: Kareo Success SummitThe Ins and Outs of Data Security: Kareo Success Summit
The Ins and Outs of Data Security: Kareo Success SummitKareo
 

What's hot (20)

20181115 O365 connect protecting your data in office 365
20181115 O365 connect protecting your data in office 36520181115 O365 connect protecting your data in office 365
20181115 O365 connect protecting your data in office 365
 
Securing IBM ECM with Rights Management
Securing IBM ECM with Rights ManagementSecuring IBM ECM with Rights Management
Securing IBM ECM with Rights Management
 
4 Reasons Why Your Business Needs A Cyber Security Consultant.pdf
4 Reasons Why Your Business Needs A Cyber Security Consultant.pdf4 Reasons Why Your Business Needs A Cyber Security Consultant.pdf
4 Reasons Why Your Business Needs A Cyber Security Consultant.pdf
 
Seclore for Forcepoint DLP
Seclore for Forcepoint DLPSeclore for Forcepoint DLP
Seclore for Forcepoint DLP
 
CWIN17 New-York / earning the currency of trust
CWIN17 New-York / earning the currency of trustCWIN17 New-York / earning the currency of trust
CWIN17 New-York / earning the currency of trust
 
IoT_Implemented
IoT_ImplementedIoT_Implemented
IoT_Implemented
 
Seclore For Spirion Data Classification | Seclore
Seclore For Spirion Data Classification | SecloreSeclore For Spirion Data Classification | Seclore
Seclore For Spirion Data Classification | Seclore
 
Seclore Advantage Channel Program
Seclore Advantage Channel ProgramSeclore Advantage Channel Program
Seclore Advantage Channel Program
 
Email encryption plus | Seclore
Email encryption plus | SecloreEmail encryption plus | Seclore
Email encryption plus | Seclore
 
DLP Solutions Protection | Seclore
DLP Solutions Protection | SecloreDLP Solutions Protection | Seclore
DLP Solutions Protection | Seclore
 
C:\fakepath\wg xcs data_lossprevention
C:\fakepath\wg xcs data_losspreventionC:\fakepath\wg xcs data_lossprevention
C:\fakepath\wg xcs data_lossprevention
 
Inbound Data Protection
Inbound Data ProtectionInbound Data Protection
Inbound Data Protection
 
Seclore Decrypter For Email
Seclore Decrypter For EmailSeclore Decrypter For Email
Seclore Decrypter For Email
 
7 top tips to protect your business from BEC [infographic] By Stellarise
7 top tips to protect your business from BEC [infographic] By Stellarise7 top tips to protect your business from BEC [infographic] By Stellarise
7 top tips to protect your business from BEC [infographic] By Stellarise
 
Data security
Data securityData security
Data security
 
IRDAI Compliance & Data-Centric Security | Seclore
IRDAI Compliance & Data-Centric Security | SecloreIRDAI Compliance & Data-Centric Security | Seclore
IRDAI Compliance & Data-Centric Security | Seclore
 
GDPR Compliance & Data-Centric Security | Seclore
GDPR Compliance & Data-Centric Security | SecloreGDPR Compliance & Data-Centric Security | Seclore
GDPR Compliance & Data-Centric Security | Seclore
 
Mimecast Case Study - Targeted Threat Protection - Berrymans Lace Mawer
Mimecast Case Study - Targeted Threat Protection - Berrymans Lace MawerMimecast Case Study - Targeted Threat Protection - Berrymans Lace Mawer
Mimecast Case Study - Targeted Threat Protection - Berrymans Lace Mawer
 
Data security
Data securityData security
Data security
 
The Ins and Outs of Data Security: Kareo Success Summit
The Ins and Outs of Data Security: Kareo Success SummitThe Ins and Outs of Data Security: Kareo Success Summit
The Ins and Outs of Data Security: Kareo Success Summit
 

Similar to Secure Cloud For Legal Professionals

Data breaches - Is Your Law Firm in Danger
Data breaches - Is Your Law Firm in DangerData breaches - Is Your Law Firm in Danger
Data breaches - Is Your Law Firm in DangerZitaAdlTrk
 
Securing data in the cloud: A challenge for UK Law Firms
Securing data in the cloud: A challenge for UK Law FirmsSecuring data in the cloud: A challenge for UK Law Firms
Securing data in the cloud: A challenge for UK Law FirmsCloudMask inc.
 
Law firms keep sensitive client data secure with CloudMask
Law firms keep sensitive client data secure with CloudMaskLaw firms keep sensitive client data secure with CloudMask
Law firms keep sensitive client data secure with CloudMaskCloudMask inc.
 
The CypherWire - Encryption doesn't have to be cryptic
The CypherWire - Encryption doesn't have to be crypticThe CypherWire - Encryption doesn't have to be cryptic
The CypherWire - Encryption doesn't have to be crypticEchoworx
 
Frukostseminarium om molntjänster
Frukostseminarium om molntjänsterFrukostseminarium om molntjänster
Frukostseminarium om molntjänsterTranscendent Group
 
Data Privacy And Security Issues In Cloud Computing.pdf
Data Privacy And Security Issues In Cloud Computing.pdfData Privacy And Security Issues In Cloud Computing.pdf
Data Privacy And Security Issues In Cloud Computing.pdfCiente
 
Carrying out safe exploration short of the actual data of codes and trapdoors
Carrying out safe exploration short of the actual data of codes and trapdoorsCarrying out safe exploration short of the actual data of codes and trapdoors
Carrying out safe exploration short of the actual data of codes and trapdoorsIaetsd Iaetsd
 
Are you preparing for GDPR?
Are you preparing for GDPR?Are you preparing for GDPR?
Are you preparing for GDPR?Chris Bullock
 
What is cloud encryption
What is cloud encryptionWhat is cloud encryption
What is cloud encryptionPrancer Io
 
Ethics and Security of Cloud Computing for Lawyers
Ethics and Security of Cloud Computing for LawyersEthics and Security of Cloud Computing for Lawyers
Ethics and Security of Cloud Computing for LawyersRobert Ambrogi
 
Unlock the potential of data security 2020
Unlock the potential of data security 2020Unlock the potential of data security 2020
Unlock the potential of data security 2020Ulf Mattsson
 
The top 5 basics fundamentals of network security cyberhunter solutions
The top 5 basics fundamentals of network security cyberhunter solutionsThe top 5 basics fundamentals of network security cyberhunter solutions
The top 5 basics fundamentals of network security cyberhunter solutionsCyberhunter Cyber Security
 
Security and Privacy Issues of Cloud Computing; Solutions and Secure Framework
Security and Privacy Issues of Cloud Computing; Solutions and Secure FrameworkSecurity and Privacy Issues of Cloud Computing; Solutions and Secure Framework
Security and Privacy Issues of Cloud Computing; Solutions and Secure FrameworkIOSR Journals
 
Cloud Security - Types, Common Threats & Tips To Mitigate.pdf
Cloud Security - Types, Common Threats & Tips To Mitigate.pdfCloud Security - Types, Common Threats & Tips To Mitigate.pdf
Cloud Security - Types, Common Threats & Tips To Mitigate.pdfDataSpace Academy
 
cloudThing GDPR Information Guide - Scott Jenkins
cloudThing GDPR Information Guide - Scott JenkinscloudThing GDPR Information Guide - Scott Jenkins
cloudThing GDPR Information Guide - Scott JenkinsCloud Thing
 
Guarding Your Digital Fortress: Advanced Data Security Options in Kolkata at ...
Guarding Your Digital Fortress: Advanced Data Security Options in Kolkata at ...Guarding Your Digital Fortress: Advanced Data Security Options in Kolkata at ...
Guarding Your Digital Fortress: Advanced Data Security Options in Kolkata at ...Webcraftzs Technologies
 
What is the significance of cybersecurity in cloud.pptx
What is the significance of cybersecurity in cloud.pptxWhat is the significance of cybersecurity in cloud.pptx
What is the significance of cybersecurity in cloud.pptxInfosectrain3
 
C:\Fakepath\Cloud Computing Mitigating Risk Fmb 0110
C:\Fakepath\Cloud Computing Mitigating Risk Fmb 0110C:\Fakepath\Cloud Computing Mitigating Risk Fmb 0110
C:\Fakepath\Cloud Computing Mitigating Risk Fmb 0110guestd7fc9c
 

Similar to Secure Cloud For Legal Professionals (20)

Data breaches - Is Your Law Firm in Danger
Data breaches - Is Your Law Firm in DangerData breaches - Is Your Law Firm in Danger
Data breaches - Is Your Law Firm in Danger
 
Securing data in the cloud: A challenge for UK Law Firms
Securing data in the cloud: A challenge for UK Law FirmsSecuring data in the cloud: A challenge for UK Law Firms
Securing data in the cloud: A challenge for UK Law Firms
 
Law firms keep sensitive client data secure with CloudMask
Law firms keep sensitive client data secure with CloudMaskLaw firms keep sensitive client data secure with CloudMask
Law firms keep sensitive client data secure with CloudMask
 
The CypherWire - Encryption doesn't have to be cryptic
The CypherWire - Encryption doesn't have to be crypticThe CypherWire - Encryption doesn't have to be cryptic
The CypherWire - Encryption doesn't have to be cryptic
 
Frukostseminarium om molntjänster
Frukostseminarium om molntjänsterFrukostseminarium om molntjänster
Frukostseminarium om molntjänster
 
Data Privacy And Security Issues In Cloud Computing.pdf
Data Privacy And Security Issues In Cloud Computing.pdfData Privacy And Security Issues In Cloud Computing.pdf
Data Privacy And Security Issues In Cloud Computing.pdf
 
Carrying out safe exploration short of the actual data of codes and trapdoors
Carrying out safe exploration short of the actual data of codes and trapdoorsCarrying out safe exploration short of the actual data of codes and trapdoors
Carrying out safe exploration short of the actual data of codes and trapdoors
 
Are you preparing for GDPR?
Are you preparing for GDPR?Are you preparing for GDPR?
Are you preparing for GDPR?
 
What is cloud encryption
What is cloud encryptionWhat is cloud encryption
What is cloud encryption
 
Ethics and Security of Cloud Computing for Lawyers
Ethics and Security of Cloud Computing for LawyersEthics and Security of Cloud Computing for Lawyers
Ethics and Security of Cloud Computing for Lawyers
 
Unlock the potential of data security 2020
Unlock the potential of data security 2020Unlock the potential of data security 2020
Unlock the potential of data security 2020
 
The top 5 basics fundamentals of network security cyberhunter solutions
The top 5 basics fundamentals of network security cyberhunter solutionsThe top 5 basics fundamentals of network security cyberhunter solutions
The top 5 basics fundamentals of network security cyberhunter solutions
 
Security and Privacy Issues of Cloud Computing; Solutions and Secure Framework
Security and Privacy Issues of Cloud Computing; Solutions and Secure FrameworkSecurity and Privacy Issues of Cloud Computing; Solutions and Secure Framework
Security and Privacy Issues of Cloud Computing; Solutions and Secure Framework
 
Cloud Security - Types, Common Threats & Tips To Mitigate.pdf
Cloud Security - Types, Common Threats & Tips To Mitigate.pdfCloud Security - Types, Common Threats & Tips To Mitigate.pdf
Cloud Security - Types, Common Threats & Tips To Mitigate.pdf
 
cloudThing GDPR Information Guide - Scott Jenkins
cloudThing GDPR Information Guide - Scott JenkinscloudThing GDPR Information Guide - Scott Jenkins
cloudThing GDPR Information Guide - Scott Jenkins
 
Does cloud technology belong at your law firm?
Does cloud technology belong at your law firm?Does cloud technology belong at your law firm?
Does cloud technology belong at your law firm?
 
CRI Retail Cyber Threats
CRI Retail Cyber ThreatsCRI Retail Cyber Threats
CRI Retail Cyber Threats
 
Guarding Your Digital Fortress: Advanced Data Security Options in Kolkata at ...
Guarding Your Digital Fortress: Advanced Data Security Options in Kolkata at ...Guarding Your Digital Fortress: Advanced Data Security Options in Kolkata at ...
Guarding Your Digital Fortress: Advanced Data Security Options in Kolkata at ...
 
What is the significance of cybersecurity in cloud.pptx
What is the significance of cybersecurity in cloud.pptxWhat is the significance of cybersecurity in cloud.pptx
What is the significance of cybersecurity in cloud.pptx
 
C:\Fakepath\Cloud Computing Mitigating Risk Fmb 0110
C:\Fakepath\Cloud Computing Mitigating Risk Fmb 0110C:\Fakepath\Cloud Computing Mitigating Risk Fmb 0110
C:\Fakepath\Cloud Computing Mitigating Risk Fmb 0110
 

Recently uploaded

pnp FIRST-RESPONDER-IN-CRIME-SCENEs.pptx
pnp FIRST-RESPONDER-IN-CRIME-SCENEs.pptxpnp FIRST-RESPONDER-IN-CRIME-SCENEs.pptx
pnp FIRST-RESPONDER-IN-CRIME-SCENEs.pptxPSSPRO12
 
MOCK GENERAL MEETINGS (SS-2)- PPT- Part 2.pptx
MOCK GENERAL MEETINGS (SS-2)- PPT- Part 2.pptxMOCK GENERAL MEETINGS (SS-2)- PPT- Part 2.pptx
MOCK GENERAL MEETINGS (SS-2)- PPT- Part 2.pptxRRR Chambers
 
The Active Management Value Ratio: The New Science of Benchmarking Investment...
The Active Management Value Ratio: The New Science of Benchmarking Investment...The Active Management Value Ratio: The New Science of Benchmarking Investment...
The Active Management Value Ratio: The New Science of Benchmarking Investment...James Watkins, III JD CFP®
 
一比一原版西澳大学毕业证学位证书
一比一原版西澳大学毕业证学位证书 一比一原版西澳大学毕业证学位证书
一比一原版西澳大学毕业证学位证书SS A
 
一比一原版旧金山州立大学毕业证学位证书
一比一原版旧金山州立大学毕业证学位证书 一比一原版旧金山州立大学毕业证学位证书
一比一原版旧金山州立大学毕业证学位证书SS A
 
The doctrine of harmonious construction under Interpretation of statute
The doctrine of harmonious construction under Interpretation of statuteThe doctrine of harmonious construction under Interpretation of statute
The doctrine of harmonious construction under Interpretation of statuteDeepikaK245113
 
589308994-interpretation-of-statutes-notes-law-college.pdf
589308994-interpretation-of-statutes-notes-law-college.pdf589308994-interpretation-of-statutes-notes-law-college.pdf
589308994-interpretation-of-statutes-notes-law-college.pdfSUSHMITAPOTHAL
 
Essentials of a Valid Transfer.pptxmmmmmm
Essentials of a Valid Transfer.pptxmmmmmmEssentials of a Valid Transfer.pptxmmmmmm
Essentials of a Valid Transfer.pptxmmmmmm2020000445musaib
 
Audience profile - SF.pptxxxxxxxxxxxxxxxxxxxxxxxxxxx
Audience profile - SF.pptxxxxxxxxxxxxxxxxxxxxxxxxxxxAudience profile - SF.pptxxxxxxxxxxxxxxxxxxxxxxxxxxx
Audience profile - SF.pptxxxxxxxxxxxxxxxxxxxxxxxxxxxMollyBrown86
 
PowerPoint - Legal Citation Form 1 - Case Law.pptx
PowerPoint - Legal Citation Form 1 - Case Law.pptxPowerPoint - Legal Citation Form 1 - Case Law.pptx
PowerPoint - Legal Citation Form 1 - Case Law.pptxca2or2tx
 
Introduction to Corruption, definition, types, impact and conclusion
Introduction to Corruption, definition, types, impact and conclusionIntroduction to Corruption, definition, types, impact and conclusion
Introduction to Corruption, definition, types, impact and conclusionAnuragMishra811030
 
BPA GROUP 7 - DARIO VS. MISON REPORTING.pdf
BPA GROUP 7 - DARIO VS. MISON REPORTING.pdfBPA GROUP 7 - DARIO VS. MISON REPORTING.pdf
BPA GROUP 7 - DARIO VS. MISON REPORTING.pdflaysamaeguardiano
 
INVOLUNTARY TRANSFERS Kenya school of law.pptx
INVOLUNTARY TRANSFERS Kenya school of law.pptxINVOLUNTARY TRANSFERS Kenya school of law.pptx
INVOLUNTARY TRANSFERS Kenya school of law.pptxnyabatejosphat1
 
6th sem cpc notes for 6th semester students samjhe. Padhlo bhai
6th sem cpc notes for 6th semester students samjhe. Padhlo bhai6th sem cpc notes for 6th semester students samjhe. Padhlo bhai
6th sem cpc notes for 6th semester students samjhe. Padhlo bhaiShashankKumar441258
 
Human Rights_FilippoLuciani diritti umani.pptx
Human Rights_FilippoLuciani diritti umani.pptxHuman Rights_FilippoLuciani diritti umani.pptx
Human Rights_FilippoLuciani diritti umani.pptxfilippoluciani9
 
Negotiable Instruments Act 1881.UNDERSTAND THE LAW OF 1881
Negotiable Instruments Act 1881.UNDERSTAND THE LAW OF 1881Negotiable Instruments Act 1881.UNDERSTAND THE LAW OF 1881
Negotiable Instruments Act 1881.UNDERSTAND THE LAW OF 1881mayurchatre90
 
CALL ON ➥8923113531 🔝Call Girls Singar Nagar Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Singar Nagar Lucknow best sexual serviceCALL ON ➥8923113531 🔝Call Girls Singar Nagar Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Singar Nagar Lucknow best sexual serviceanilsa9823
 
Transferable and Non-Transferable Property.pptx
Transferable and Non-Transferable Property.pptxTransferable and Non-Transferable Property.pptx
Transferable and Non-Transferable Property.pptx2020000445musaib
 

Recently uploaded (20)

pnp FIRST-RESPONDER-IN-CRIME-SCENEs.pptx
pnp FIRST-RESPONDER-IN-CRIME-SCENEs.pptxpnp FIRST-RESPONDER-IN-CRIME-SCENEs.pptx
pnp FIRST-RESPONDER-IN-CRIME-SCENEs.pptx
 
MOCK GENERAL MEETINGS (SS-2)- PPT- Part 2.pptx
MOCK GENERAL MEETINGS (SS-2)- PPT- Part 2.pptxMOCK GENERAL MEETINGS (SS-2)- PPT- Part 2.pptx
MOCK GENERAL MEETINGS (SS-2)- PPT- Part 2.pptx
 
The Active Management Value Ratio: The New Science of Benchmarking Investment...
The Active Management Value Ratio: The New Science of Benchmarking Investment...The Active Management Value Ratio: The New Science of Benchmarking Investment...
The Active Management Value Ratio: The New Science of Benchmarking Investment...
 
一比一原版西澳大学毕业证学位证书
一比一原版西澳大学毕业证学位证书 一比一原版西澳大学毕业证学位证书
一比一原版西澳大学毕业证学位证书
 
一比一原版旧金山州立大学毕业证学位证书
一比一原版旧金山州立大学毕业证学位证书 一比一原版旧金山州立大学毕业证学位证书
一比一原版旧金山州立大学毕业证学位证书
 
The doctrine of harmonious construction under Interpretation of statute
The doctrine of harmonious construction under Interpretation of statuteThe doctrine of harmonious construction under Interpretation of statute
The doctrine of harmonious construction under Interpretation of statute
 
589308994-interpretation-of-statutes-notes-law-college.pdf
589308994-interpretation-of-statutes-notes-law-college.pdf589308994-interpretation-of-statutes-notes-law-college.pdf
589308994-interpretation-of-statutes-notes-law-college.pdf
 
Essentials of a Valid Transfer.pptxmmmmmm
Essentials of a Valid Transfer.pptxmmmmmmEssentials of a Valid Transfer.pptxmmmmmm
Essentials of a Valid Transfer.pptxmmmmmm
 
Audience profile - SF.pptxxxxxxxxxxxxxxxxxxxxxxxxxxx
Audience profile - SF.pptxxxxxxxxxxxxxxxxxxxxxxxxxxxAudience profile - SF.pptxxxxxxxxxxxxxxxxxxxxxxxxxxx
Audience profile - SF.pptxxxxxxxxxxxxxxxxxxxxxxxxxxx
 
Russian Call Girls Rohini Sector 7 💓 Delhi 9999965857 @Sabina Modi VVIP MODEL...
Russian Call Girls Rohini Sector 7 💓 Delhi 9999965857 @Sabina Modi VVIP MODEL...Russian Call Girls Rohini Sector 7 💓 Delhi 9999965857 @Sabina Modi VVIP MODEL...
Russian Call Girls Rohini Sector 7 💓 Delhi 9999965857 @Sabina Modi VVIP MODEL...
 
PowerPoint - Legal Citation Form 1 - Case Law.pptx
PowerPoint - Legal Citation Form 1 - Case Law.pptxPowerPoint - Legal Citation Form 1 - Case Law.pptx
PowerPoint - Legal Citation Form 1 - Case Law.pptx
 
Rohini Sector 25 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 25 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 25 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 25 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 
Introduction to Corruption, definition, types, impact and conclusion
Introduction to Corruption, definition, types, impact and conclusionIntroduction to Corruption, definition, types, impact and conclusion
Introduction to Corruption, definition, types, impact and conclusion
 
BPA GROUP 7 - DARIO VS. MISON REPORTING.pdf
BPA GROUP 7 - DARIO VS. MISON REPORTING.pdfBPA GROUP 7 - DARIO VS. MISON REPORTING.pdf
BPA GROUP 7 - DARIO VS. MISON REPORTING.pdf
 
INVOLUNTARY TRANSFERS Kenya school of law.pptx
INVOLUNTARY TRANSFERS Kenya school of law.pptxINVOLUNTARY TRANSFERS Kenya school of law.pptx
INVOLUNTARY TRANSFERS Kenya school of law.pptx
 
6th sem cpc notes for 6th semester students samjhe. Padhlo bhai
6th sem cpc notes for 6th semester students samjhe. Padhlo bhai6th sem cpc notes for 6th semester students samjhe. Padhlo bhai
6th sem cpc notes for 6th semester students samjhe. Padhlo bhai
 
Human Rights_FilippoLuciani diritti umani.pptx
Human Rights_FilippoLuciani diritti umani.pptxHuman Rights_FilippoLuciani diritti umani.pptx
Human Rights_FilippoLuciani diritti umani.pptx
 
Negotiable Instruments Act 1881.UNDERSTAND THE LAW OF 1881
Negotiable Instruments Act 1881.UNDERSTAND THE LAW OF 1881Negotiable Instruments Act 1881.UNDERSTAND THE LAW OF 1881
Negotiable Instruments Act 1881.UNDERSTAND THE LAW OF 1881
 
CALL ON ➥8923113531 🔝Call Girls Singar Nagar Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Singar Nagar Lucknow best sexual serviceCALL ON ➥8923113531 🔝Call Girls Singar Nagar Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Singar Nagar Lucknow best sexual service
 
Transferable and Non-Transferable Property.pptx
Transferable and Non-Transferable Property.pptxTransferable and Non-Transferable Property.pptx
Transferable and Non-Transferable Property.pptx
 

Secure Cloud For Legal Professionals

  • 1. Secure Cloud for Legal Professionals Petra Kovacsics LL.M., Data Protection Counsel
  • 2. Petra Kovacsics LL.M. Data Protection Counsel Introduction Agenda 1. The most significant cyber threats for law firms 2. Moving to the cloud – pros and cons 3. The Solicitors Regulation Authority (SRA) Code of Conduct 4. The Bar Council’s Recommendations relevant provisions
  • 3. The most significant cyber threats that law firms should be aware of Source: National Cyber Security Centre: The cyber threat to UK legal sector 2018 PHISHING The amount stolen from law firms through phishing in the first quarter of 2017 was 300% higher than the previous year. HUMAN ERROR Over 50% of data breaches are caused by insiders. RANSOMWARE WannaCry incident in May 2017, which affected 200,000 computers in 24 hours. SUPPLY CHAIN COMPROMISE Supply chain compromises have increased significantly - as much as 200% in 2017.
  • 4. Cyber threats cost time and money for UK businesses 60%of law firms reported suffering some form of security incident in 2018 46%of law firms reported loss or leakage of confidential information caused by their own staff ₤113is the per capita cost for each lost or stolen record 20%rise occurred in cyber-attacks on law firms since last year Sources: 2018 Cost of a Data Breach Study: Global Overview by Ponemon Institute PWC Law Firms’ Survey 2018
  • 5. If a law firm does not safeguard confidential client information and client communications, they could involuntarily violate the duty of confidentiality and suffer devastating reputational damage. In other words, these rules require lawyers to not only keep abreast of the law but technology, as well.
  • 6. PROS CONS Moving confidential data to the cloud – pros and cons
  • 7. Companies have serious security concerns regarding moving to the cloud × Possibility of data loss × Possibility of data leakage × Losing control: who has access to my data? Who can modify my documents? × Possibility of being hacked
  • 8. Does this mean law firms are not supposed to use cloud services?
  • 9. What do legal professionals use now? The majority of legal professionals use consumer-grade cloud services to store and share documents. 100-499 lawyers 500+ lawyers Dropbox 54% 47% Google Docs 25% 32% iCloud 18% 32% Many others still use on-premise solutions as they have security and backup concerns regarding the cloud. Source: PWC Law Firms’ Survey 2017
  • 10. Legal businesses have to be more careful when choosing a cloud provider.
  • 11. The Solicitors Regulation Authority (SRA) Code of Conduct
  • 12. SRA best practice for due diligence and to improve security ❑ Provider must be at a minimum compliant with ISO27001:2013. ❑ Secure communication channels while working on the move. ❑ Use automatic client-side encryption. ❑ Work with providers based in countries with strict data protection laws.
  • 14. Bar Council Criteria #1: Store data on EU servers Remote servers used to store data should be in countries with adequate data protection regime.
  • 15. Bar Council Criteria #2: Encrypt personal data in the cloud Providers applying server-side encryption store encryption keys and passwords on their servers, so their admins can see the stored files. With end-to-end encryption, these keys are not revealed to the provider, hence, the only people able to see the content are the ones with permission.
  • 16. Bar Council Criteria #2: Encrypt personal data in the cloud Server-side encryption The encryption key is stored in the cloud in plaintext format, therefore the cloud provider can see your data.
  • 17. Bar Council Criteria #2: Encrypt personal data in the cloud End-to-end encryption Only you and your recipients have the key to decrypt and see the files.
  • 18. Bar Council Criteria #3: Use a zero knowledge provider Storing password and encryption keys in the cloud makes the stored data vulnerable – if the cloud provider can read it, so can hackers. Providers offering zero knowledge encryption do not store passwords, so the documents are absolutely secure.
  • 19. Not all cloud providers are created equal
  • 20. Read more about how Tresorit can help legal professionals work securely and productively in the cloud or read a customer testimony from Apogee Law Group. Try Tresorit for FREE Take the opportunity to try our ultra-secure service for free Schedule a live demo Learn more about Tresorit and cloud encryption from our experts The materials available in this presentation are for informational purposes only and do not constitute legal advice. To obtain advice with respect to a particular issue, you should contact your attorney.