Summary of an article published in Lawyer Monthly (Dec 14) by Gary Tierney, HP, which reviews if law firms are protecting their data effectively.
Law firms across the world want air tight network infrastructures. But with a store of sensitive, confidential and often commercially valuable client data on file, law firms are now registering hackers’ radars.
As the threat of cyber-security breaches has increased, protecting sensitive client data, and ensuring appropriate privacy and security has become a major concern for HR departments, CEOs and Partners alike.
In August, the ICO issued a warning to law firms following a string of data breaches, reminding them that a serious breach of the Data Protection Act could result in a fine of up to £500,000.
Clearly, now is the time for law firms to get their cyber defences in order.
Accessing and sharing information
Sharing sensitive and legally protected information is something that law firms do day in day out – however this can lead to data leaks. In the past, protecting electronically stored data was simply a matter of protecting the device that the data was stored on, for example the hard-drive. Now, data flows across vast networks into clouds and datacentres stored miles away from where the data was originally entered. What’s more, data is now frequently accessible across a plethora of devices – from tablets and flash-drives to phones and printers.
That’s why a fundamental component of any Law firm’s data security strategy should include enabling two-step verification processes, activating additional personal password protection to prevent specific systems from being accessed by unauthorised users, as well as data encryption.
Securing your IT and printer technology
Computers and servers tend to be the first technologies to be secured within any IT infrastructure, yet businesses often overlook “behind-the-desk technologies” like printers. In fact 90% of organisations have suffered data loss through unsecured printing according to Quocirca.
There are several other ways in which unsecured printing can contribute to a security breach or data loss and these risks are commonly overlooked, but could be deadly.
Fortunately the likelihood of these issues arising can be reduced via securing your printer network. HP has been working with end users to reduce these risks, and their latest host of solutions – HP Jet Advantage – does just that by implementing the appropriate level of security to the printer as it is applied to the rest of the network.
Other options for securing your printers include user identification through PINs, installing physical computer locks, shielding on input trays, data encrypted protocols, smart cards, and beyond these, it is crucial that firms implement robust monitoring systems to identify any potential vulnerabilities or threats.
Securing your paper
Simple as it may seem, with the vast paper files that firms keep on record, improper handling of paper files remains a serious issue.
Law firms therefore need to implement policies on how to secure paper records and also when to dispose of them. As part of this, ongoing training to staff throughout the firm should also be provided to accentuate why those policies are needed and improve compliance reviews to ensure that the policies are adhered to.
With so many threats to data security, devising a protection mechanism that works for your firm will involve planning, testing and refining your strategy. Staff need to know what is expected of them and their own personal responsibility for keeping information safe. But keeping data secure also involves using the tools available to plug gaps in your technology and print infrastructure and making sure that security is reviewed and updated regularly.
Read the full news article by Gary Tierney, Category Director Printing & Personal Systems Group at HP in December’s Lawyer Monthly Magazine