Law Firm Computer System Security [Guest Post]
We thank Michael J. Molenda, ME, JD., Member of The Florida Bar Standing Committee on Technology for this guest post.
The legal industry has embraced the use of technology to be more efficient and accurate. The legal profession also needs to keep pace with government and corporate demands for vigilance, and updating as necessary. Cost and performance realities must be known. Cyber hackers, viruses, identity theft, and data protection are subjects of great concern for all law firms. Today, threats to data and systems is at the highest levels ever. All firms have obligations and duties to strive to provide confidentiality to their clients and employees. To accomplish this, the integrity of all software and hardware must be tracked for authorized and unauthorized attempts to use.
Access to firm data is the first phase of necessary protection. The firm’s user accounts should be verified by the user at least every other day. If an employee leaves or is terminated that user account must be closed and tested to verify closure. Client data must be identified as “privileged accounts” with limited access to the data. Only those people who need to know should have access and their credentials should be checked quarterly.
The firm must have a strong password policy. Passwords should be tested and changed at least once per quarter. Passwords should be at least 8 characters long and have unusual patterns of letters and numbers. Good examples include mal272wa45re and Red782rock. Two factor authentication is highly recommended. A CASB, Cloud Access Security Broker, should be utilized as an on premises policy enforcement point. They are placed between cloud service providers and cloud service customers. Cisco Cloud Lock, Norton 360, Microsoft, and Symantec are a few industry leaders. The use of cloud storage and data protection is highly recommended.
Everyone loses data at some time. Law firm servers, hard drives, phones, and cloud centers may fail or be hacked at any time. Ransomware could hold your files hostage or infiltrators could launch a virus and delete or steal important files. It is strongly recommended you back up your files frequently. A good cloud service should do this for you daily. It is not expensive to back up files. It is very expensive to recreate them. The 3-2-1 rule of computer memory protection is useful. Three complete copies of all memory with one off site (think hurricanes & COVID), two types of media storage (USB, back up drive etc.), and one cloud storage option.
Most cyberattack recognition is not that difficult to detect. Cyberattack clues include: files are slow to transfer or view, copy is larger, smaller, truncated, missing or discolored, printer to computer interface has changed, printer drivers damaged, printer no longer prints in color, the dreaded blue or black screens, emails are juxtaposed, email addresses are changed. and new pop ups appear. Once you realize you are hacked contact local law enforcement, the Florida Bar, and seek computer support. Do not communicate with any hacker by phone or email.
System failure should be planned for. The plan will help minimize the real consequences should they occur. With an adequate backup system in place your IT department or provider can monitor security measures and quickly react to a breach while a backup is utilized. Think of your computer back up as the generator to your home or office if primary power is lost The IT security goal is to limit the damage caused by breaches as well as prevent them.
With hackers constantly trying to invade computers and phones, information security must continue to evolve to prove law firm vigilance. Let IT professionals test, test, and test again to discover vulnerabilities. This is well worth the cost and is your duty.
The aforementioned ransomware is the newest form of hacking for profit and law firm disruption. The hacker gains access to the law firm’s computer or phone system and then encrypts the system which prevents use by the targeted firm. When a ransom is paid then the encryption code is given to the firm to unlock the systems affected. There may have been damage done or theft of data before ransom was paid. This is a highly profitable white collar crime which is nearly untraceable due to bitcoin or similar payment. Do not communicate with any ransom felon without law enforcement assistance.
A good way for you to start a review of your firm’s IT status is to ask five questions.
What am I trying to protect and how? What are my gaps and vulnerabilities? How do I set priorities with the budget I have? How can I outsource my IT needs? Where can I get help?
Every midsize and larger city in Florida has e-listings of computer service specialists. Colleagues are an excellent reference. Calling vendors to set up a 1 hour presentation is useful. The Florida Bar’s LegalFuel.com site also provides guidance on IT issues.
About the Author(s)
Michael J. Molenda
Bachelor of Science in Mechanical Engineering, Michigan Technological University
Juris Doctor, University of Miami
Past instructor of Business and Technology Law at Florida Atlantic University
Area of Practice – Intellectual Property Law, Compliance Law, Cyber Law
Palm Beach County, Florida