unfold-more book menu mail print close check keyboard-arrow-up keyboard-arrow-right keyboard-arrow-left keyboard-arrow-down align-justify links presentations articles file-o plus cancel plus2 linkedin youtube twitter instagram facebook google plus search

Recent News

What a Good Data Security Program Looks Like 

Law firms need a data security plan. Here is an outline of the major points that should be considered in the structure of law firm data security programs.

  • Management level responsibility for security. Data security cannot simply be farmed out to IT consultants. Lawyers need to be involved because of their obligation to assure confidentiality of client information.
  • Continuous monitoring of security developments. Threats to data security change frequently. Firms need a way to learn about these threats and deal with them.
  • Physical protection of machines. Systems are easier to compromise when equipment can be accessed by third parties. Review who has access to computer equipment, including cleaning crews.
  • Asset Management.  It is impossible to know if a threat affects you if you don’t know what software and hardware your office uses.
  • Human resource management: hiring, termination, training, monitoring. Many security breaches come from within. Usually these are caused by lack of training, but internal malicious activity threats must be considered.
  • Response planning. Despite best efforts, data breaches may occur. Know the law on reporting of breaches, and design response plans that can be quickly implemented.
  • Auditing, testing and certification. There are many ways to test and certify systems. Consider penetration tests to see where security vulnerabilities exist.

By Jett Hanna