Instant Insights / Is Your Law Firm’s Data Secure Enough? Probably Not.

Cyberattacks are a fast-moving target, and it’s imperative that law firms, with their confidential client information, get ahead of them. Law.com’s reporting, however, shows that many law firms are poised to get caught flatfooted should hackers infiltrate their data. In this Instant Insights, we look at where the security holes are and what law firms should do to get up to speed.


Thank you for sharing!

Your article was successfully shared with the contacts you provided.

Law firms are obligated to protect their client’s data, as dictated by federal and state laws as well as local jurisdictional ethics rules. You’ll read and understand the relevant rules—you’re a lawyer, that’s basically what you do. Technical compliance, however, is where the rubber meets the road. Leaving aside the matter of data breach reporting, to focus on the preliminary issue of data protection, questions of technical compliance, at a number of levels, come to the fore.

Data hackers are relentlessly poking at systems, in order to find weaknesses. It’s telling that a common technique is known as a brute force attack. Throwing everything they have in a concentrated blast at one part of the wall before moving on to the next is basic siege mechanics for hackers. So, in order to effectively track your data, it’s important to protect it at all levels— and, there are a lot of layers here to look after.

Take the humble Microsoft Word document, and consider the myriad ways it might be subject to exposure. At the document level, you’ve got the potential for exposed metadata (essentially buried information about edits), as well as questions about restrictions on document access: Is it encrypted? Do viewers have “read-only” access, or which ones have read-only access? Can the document be forwarded, or printed? Will access to the document expire after a set time period? You can trigger basic protections like those alluded to above within Microsoft Word, or even via conversion to a PDF management program, like Adobe Acrobat; but, unless you’re asking relevant questions related to data security, and acting on those, you’re potentially exposing sensitive data.

This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.

To view this content, please continue to their sites.

Not a Lexis Advance® Subscriber?
Subscribe Now

Not a Bloomberg Law Subscriber?
Subscribe Now

Why am I seeing this?

LexisNexis® and Bloomberg Law are third party online distributors of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® and Bloomberg Law customers are able to access and use ALM's content, including content from the National Law Journal, The American Lawyer, Legaltech News, The New York Law Journal, and Corporate Counsel, as well as other sources of legal information.

For questions call 1-877-256-2472 or contact us at [email protected]

Advanced Private Equity Term Sheets and Series A DocumentsBook

This encyclopedic legal business guide is packed with state-of-the-art analysis, forms and commentary, all designed to help you master the most crucial stages of the...

Get More Information

ALM Legal Publication Newsletters

Sign Up Today and Never Miss Another Story.

As part of your digital membership, you can sign up for an unlimited number of a wide range of complimentary newsletters. Visit your My Account page to make your selections. Get the timely legal news and critical analysis you cannot afford to miss. Tailored just for you. In your inbox. Every day.

Copyright © 2021 ALM Media Properties, LLC. All Rights Reserved.