Thank you for sharing!

Your article was successfully shared with the contacts you provided.
Advances in technology are often made ahead of the curve in regard to public policy. It is quite often possible to do something technically, but not an acceptable practice to implement for either security or privacy reasons. For example, it is possible to have someone’s complete medical record available electronically, and stored somewhere so that whenever the individual goes to a new doctor, the doctor would have a complete history on the patient, and even the patient’s relatives. But because of privacy and security issues, that is not a common practice. The same issues relating to client confidentiality and security affect lawyers as well. As discussed in previous columns, it is technically possible to make a lawyer’s files accessible anywhere, which can provide for great convenience whenever traveling or working from home. But security issues can put a damper on that mobility. Wireless networks can be set up easily by a user without extensive IT experience. Many of these products are made for the home or small office, and can be assembled out of the box, with little advance knowledge. However, because they are so simple to set up, they come with the “lowest common denominator” security settings for ease of use. That means any computer near the network may be able to access it. Wireless networks in a small firm are a great feature. They can eliminate the hardwiring of workstations, and allow users to wander around more freely in the office. If a user goes to one of the “hot spots” Philadelphia has set up, such as in Love Park, he or she can access data on a machine back in the office. But most likely the machines set up in a firm to accept outside connections are not fully networked machines complete with security protocols, but simply “shared” workstations. But if the attorney can access that data, so can a hacker, unless a level of security is installed. One of the techniques hackers use is called “packet sniffing,” which allows them to intercept and copy any of the data being sent out over the wireless network. While this may not matter much in a home environment, it certainly does when law firm client records are involved. Before any fancy software or detection system is installed on your computer, one of the most basic concepts is to make sure that the administrator user name and password are not common. For example, in Windows 2000, don’t let the administrator username be “administrator” and the password be blank. Likewise, under any version of Windows, make sure that any regular user on the machine does not have administrator rights to it. The next step in ensuring security is installing a personal firewall on the device being accessed from the outside, and turning off file sharing. An inexpensive product from Norton or McAfee is the first step in this direction. For example, a five-user license for Norton Personal Firewall costs around $175. You can also use the Windows XP Professional personal firewall as well. Once the network is set up it’s important to also see if any unauthorized access points have been made. A network scanner, such s GFI LanGuard ( http://www.gfi.com ), checks the network for all potential methods that a hacker might use to attack the network by finding vulnerabilities. Depending on the content of the machine, another level of security may be to require any outside access to a network be through a virtual private network. Only established users on a VPN can access the network, eliminating the possibility of unauthorized users. Hardware settings on your wireless network router, which usually come with the default settings on, can be changed to provide another level of security. MAC addressing and WEP encryption, also settings with your network router, can be enabled as well to provide additional security. Consult your hardware documentation for more information on these settings. To get a better handle on wireless networks and wireless network hacking, read through a few books on the subject. Wi-Fo The Secrets of Wireless Hackingby Andrew Vladimirov, Konstantin V. Gavrilenko and Andrei A. Mikhailovsky, or WarDriving: Drive, Detect, Defend, A Guide to Wireless Securityby Chris Hurley provide a good start. So as you can see, the concept of wireless networks is very appealing, but when put into practice, the benefits may not outweigh the policy issues, particularly for a small firm or solo practitioner who does not have the time to invest in heavy duty network security. BRIAN R. HARRIS is the database administrator for the American Lawyer Media-Pennsylvania division and the former editor-in-chief ofThe Legal Intelligencer . Harris can be contacted at [email protected].

This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.

To view this content, please continue to their sites.

Not a Lexis Advance® Subscriber?
Subscribe Now

Not a Bloomberg Law Subscriber?
Subscribe Now

Why am I seeing this?

LexisNexis® and Bloomberg Law are third party online distributors of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® and Bloomberg Law customers are able to access and use ALM's content, including content from the National Law Journal, The American Lawyer, Legaltech News, The New York Law Journal, and Corporate Counsel, as well as other sources of legal information.

For questions call 1-877-256-2472 or contact us at [email protected]

Reprints & Licensing
Mentioned in a Law.com story?

License our industry-leading legal content to extend your thought leadership and build your brand.


ALM Legal Publication Newsletters

Sign Up Today and Never Miss Another Story.

As part of your digital membership, you can sign up for an unlimited number of a wide range of complimentary newsletters. Visit your My Account page to make your selections. Get the timely legal news and critical analysis you cannot afford to miss. Tailored just for you. In your inbox. Every day.

Copyright © 2021 ALM Media Properties, LLC. All Rights Reserved.