A Law Firm’s Guide To Managed IT Services

Law Firm Managed IT Services

Law Firm Managed IT Services

Technological downtime can make or break a law firm. Even an hour of downtime can cost a small or medium firm as much as $250,000.

What Exactly Can Go Wrong?

Unfortunately, Murphy’s Law has been known to apply in legal cases, meaning if there is an opportunity for things to go wrong they will. It is important that your firm has a dedicated professional, our team of professionals, either inside or outside the firm that can honor your firm’s confidentiality and keep potential problems at bay and/or under control. Some potential issues include

Case Management Issues

Filing is most efficient when stored electronically. They manage related documents, billing, and customer relationships

Security Problems

Reputation is everything for a law firm, and that extends to the attorneys and other staff at the firm. Still, even with so much on the line, the American Bar Association found that as many as a quarter of firms did not have security policies in place. Nothing puts a damper on a firm’s reputation, or even on specific lawyers than a security breach,

Compliance Issues and Software Integration

Various industries and professions have their own set of confidentiality agreements, that any legal team that works with the company needs to follow in order to protect clients, consumers, and any others involved. Some of these include Health Insurance Portability and Accountability (HIPAA), the Gramm-Leach-Billey Act of 1999 (GLB) and the Sarbanes-Oxley Act (SOX). Following these privacy acts means that legal professionals are prevented from disclosing information. The same discretion needs to translate to technology compliance.It is necessary to have software in place that can handle this responsibility, and see to it that attorneys and anyone else with access can run any necessary software correctly and efficiently without violating compliance standards.

Internal Collaboration

Internal Collaboration is an issue that needs constant monitoring due to the way social media quickly evolves. It is common for attorneys to use the internet for communication, however, it is less common for them to communicate internally about a case, which would make their casework more efficient. The right social media integration can help improve communication and make casework more thorough and efficient. Salesforce, customer relationship management solutions are a common tool used by attorneys and their firms in order to produce better results for clients.

How a Managed Service Provider Can Help

Proactive and Regular Maintenance at a fixed can cost can help with all these issues by applying the knowledge to give your firm or business the right IT infrastructure that will support your needs. That means that attorneys and other employees will receive the training they need to serve your clients confidently and safely. if you have an existing system in place, we can analyze what you have been doing so that any necessary changes can be quickly set in motion.

While we at the {company} manage your system remotely, we are still there remotely to answer questions remotely that will improve customer relations and overall productivity. To learn more about how {company} can help your firm contact us today.

Tech Competence and Attorneys: New Changes You Need To Know About

IT Services Law Firms

If you are a lawyer or if you are hiring a lawyer, technology competence, often shortened to tech competence, is a term that you should be aware of. Recently, changes have been recommended in regards to tech competence and attorneys. Here is everything that you need to know about this topic.

Law Firm IT Support

What is Tech Competence?

Lawyers have always had a duty to be competent in the areas of law they practice. However, in 2012, the American Bar Association made a change to the Model Rules of Professional Conduct. The change being made was to make it clear that attorneys need to take steps to be competent in regards to technology. This change stated the lawyers need to stay competent in regards to the benefits and risks associated with technology that is relevant to their firm and line of work. Each state was free to adopt or reject this change, and to date, 36 states have adopted this change.

What New Changes Have Been Recommended in Regards to Tech Competence?

A committee met and issued a report in February of 2019 that recommended revisions be made to the current Rules of Professional Conduct in regards to technology. The changes that the committee recommended making were designed to make it clear that it is an attorney’s job and legal responsibility to ensure that they are competently representing their client. The changes that are being recommended to ensure that law firms and lawyers understand that this duty reaches into the technology that they use. The committee wanted to make it clear that it is a lawyer’s duty to ensure that client information is confidential, and as such, they are responsible for protecting against unauthorized access. Unauthorized access can occur if a database gets hacked or emails are intercepted.

The committee designed with making changes issued its report in February of 2019. The public was given the opportunity to comment and provide feedback through April 19, 2019. Currently, the recommendation is being reviewed by the D.C. Bar Board of Governors. Ultimately, they will decide if the recommendations should be passed on to the District of Columbia Court of Appeals, who ultimately sets the rules of practice within the District of Columbia.

IT Services Law Firms

How Can Your Law Firm Ensure You Are Meeting the New Guidelines?

While the changes in regards to tech competence and lawyers have not yet been approved, it is expected that it will be. It is also expected that many of the 36 states who adopted the tech competence changes will follow the District of Columbia’s lead and adopted these rules. As such, you may find yourself wondering what this means for you as a law firm, lawyer or individual or business looking to hire a law firm. If you are a lawyer or law firm, you need to ensure that you are taking steps to protect any personal client information. You need to ensure your website is secure, that you are sending all confidential emails in an encrypted manner, and take steps to ensure your cloud is secure. As a client, you want to ask law firms what steps they have taken to ensure the technology they use is secure.

As technology advances, new changes will likely be made to tech competence and the way it impacts attorneys and law firms. Being proactive and ensuring the technology you use is secure is the best way to meet your requirements under the new guidelines.

What Is Technology Competence

According to the LawSites blog, as of this writing, there are 36 states that have adopted the ABA’s updated Model Rule 1.1, which states that lawyers should maintain technology competence. The rule is purposefully vague to allow for the constant changes in technology that the legal industry is encountering. Unfortunately, the vagueness can create some anxiety for lawyers who want to meet the requirements of the rule. What does the ABA mean by “technology competence”, and how can lawyers achieve competence?

Lawyers discussing Technology Compentence

To better understand the expectations of the ABA and the states embracing its rules, it is necessary to take a closer look at how technology has impacted legal representation and ways that it can improve a lawyer’s practice.

Your main goal as a lawyer has always been to represent your client to the best of your ability. It was once enough to be knowledgeable in your legal area to ensure competent representation, but skilled representation today also means being able to use technology to improve efficiency, security and ideally the results you get for clients.

Technology Competence—The Basics

Update to ABA Model Rule 1.1

To get a grasp on what technology competence means for you and your practice, it is helpful to read the updated ABA rules:

Maintaining Competence

To maintain the requisite knowledge and skill, a lawyer should keep abreast of changes in the law and its practice, including the benefits and risks associated with relevant technology, engage in continuing study and education and comply with all continuing legal education requirements to which the lawyer is subject.

As you can see, the rule is not terribly specific about what it means to be competent in technology for a lawyer. It states that you should, “…keep abreast of changes in the law and its practice, including the benefits and risks associated with relevant technology…” However, if you consider what the relevant technologies are in law—and their benefits and risks—you can get a clearer idea of how to approach tech in your own practice.

Relevant Technology in Law

There are some technologies that are quite relevant to the practice of law and are being used by lawyers across the country and the globe. These include:

Electronic Discovery

Discovery has always been the backbone of case building, but electronic tools have increased the power and efficiency of the discovery process in numerous ways. These tools allow for more comprehensive preservation of information, more thorough review of information and faster production of information. Failing to leverage electronic tools in the discovery process is doing clients a disservice.

Law Firm Technology Competence in USA

Internet Investigations

You do not have to be a professional internet investigator to get a lot of benefit out of internet searches. Just being able to do simple internet searches for information can make the investigation process faster and more thorough than it otherwise would be. There are also numerous tools available online for conducting investigations.

Cyber Security

Considering that most of the information you obtain for clients and from clients will be digital, it is incredibly important that you take basic cyber security measures to protect that information. From hackers looking to blackmail victims to government agencies reviewing every bit of information they can get their hands on, there is a multitude of actors who can target your data and compromise your practice.

Understanding the Technology Used by Clients

The clients you represent are using technology in a myriad of ways. You need to have a basic understanding—or possibly a much more in-depth understanding—of what tech they are using and how they use it. That means educating yourself not only on legal tech but also on any tech pertinent to your clients and their legal needs.

Courtroom Technology

There are a variety of tech tools that can make you more effective in the courtroom. They can help you better organize, present and explain information to your audience. Every little advantage you can get can make a difference when presenting your case.

Legal Technologies that Make Business Easier and More Efficient

Many legal technology tools are fairly mundane, but that does not make them any less useful. You can leverage them to provide your legal services with less work on your end. File sharing, automated document assembly and electronic court scheduling are all useful.

Using Technology to Better Serve Your Clients

Your ability to serve your clients is improved in many different ways through technology competence. While it may take time and effort to improve your competency, the benefits of doing so can be significant for both your clients and your practice.

To learn more about legal technologies that might benefit your firm, please contact our managed IT services team.

What Technology Should Small Law Firms Choose

Lawyers Looking At A Computer

It is questionable whether there is any industry today that has not been forced to adopt new technology to remain competitive. But for small law firms, the need to utilize technology appropriately is necessary for more than just competitiveness—it is actually being increasingly pushed by jurisdiction. In just the past few years, the ABA Model Rule 1.1 went through revisions so that the rule now states that attorneys need to maintain a certain level of competence with technology, and 36 states have adopted the revised comment to Rule 1.1.

Lawyers Looking At A Computer

With technology competency becoming a standard for practicing attorneys, it is clear that every law firm needs to do what it can to incorporate technology into their practice. What this adoption will mean may vary somewhat from firm to firm, but the general push should be to meet the standards of the industry in all possible areas. For many firms, that will mean making some changes.

Technology for Small Law Firms—What You Need to Know

Where you and your firm sit on the technology spectrum may be far different from another attorney or another firm. You may have already taken significant steps to incorporate technology tools into your operation. You may have been doing things the same way for decades and only be interested in making the minimal changes to comply with changing professional expectations. Or, you may be somewhere in the middle. The following tips are meant to serve as a starting point on how to identify where changes need to be made and to make those changes as efficiently as possible.

Set aside time for research and the adoption of new technology.

For most lawyers, time is at a premium. Between courting new clients, keeping up with legal changes, researching cases, preparing and filing documents, traveling and doing all the other things required for you to run your firm, you are probably quite pressed for free time. However, you are also adept at measuring the workload of new projects and making time for those projects—which means you have the ability and aptitude to make technical changes to your firm. You just need to remain aware of what you are getting into and set a pace that fits with your circumstances.

If you do not want to do all of the work yourself, you can also delegate or outsource it. Whether you assign duties to employees, hire an IT services company familiar known for servicing law firms, or both, you can accomplish a lot when you share the workload.

Learn what it means to be technically proficient as a law firm.

You may already have clear ideas about the changes you need to make. But if you aren’t, consider doing some research on legal tech today. There are books available that discuss legal tech for small firms and there are plenty of websites that do the same. Educate yourself on what a technologically savvy firm looks like today so you can see where your firm is lacking and where you should aim to be moving forward.

Areas to research include:

  • Document management
  • Time and billing software
  • Legal practice management software
  • Collaboration tools
  • Security technology
  • Mobile technology
  • Potential technology certifications available

Conduct an assessment of the technology your firm uses.

Once you have an idea of what the expectations for legal technology use are in today’s environment, you can conduct an assessment of your firm to see where you are and what changes you need to make. Identify what technology you currently use for various tasks, determine what changes need to be made, if any, and then make a plan to facilitate those changes.

Prioritize technology adoption.

Ideally, you could make all the changes you need to make simultaneously. But if you do not have the time, resources, or assistance to make all those changes possible right now, you will need to prioritize which are most important. Your priorities will be based on the specific goals of your firm. For example, e-filing is becoming an industry standard for law firms. If you are still using mostly paper, moving into an e-filing system will probably be a big priority. That may mean purchasing a scanner to digitize your existing documents, as well as implementing an e-filing system for your firm to use moving forward.

Consider Partnering With A Managed IT Services Company.

Most small firms do not have the resources to employ a dedicated IT department. Managed IT services offer a way to take advantage of technical proficiency and skill sets as you need them—like when you need to do a technology overhaul on your firm. You can get the assistance you need from professionals so you can focus on running your firm.

If you would like more information about managed IT services for your solo practice or small law firm, please contact us.

How Can Law Firms Use Microsoft Office 365’s E-Discovery Capabilities?

Legal eDiscovery

Legal eDiscovery

According to the American Bar Association, it is crucial for attorneys and e-discovery professionals to define the rules of engagement instead of leaving those details to the IT department. Attorneys are being held to much higher standards of knowledge when it comes to technology, especially in terms of electronic discovery. ABA Model Rule 11 states that attorneys bear a duty to provide competent representation for their clients, and translated into today’s language — that means a firm understanding of technology and all of the various implications. Fortunately, there are advanced tools already built into Microsoft Office 365 that can help support the needs of law offices as they create a proactive e-discovery strategy for their offices and for their clients.

E-Discovery in a Digital World

E-discovery is increasingly complex as you bring globalization and mobile platforms into the conversation. The ability for mobile phones and tablets to access even the most sensitive personal and legal data is an ongoing challenge, not to mention the ability of clients to easily share information that should have remained confidential. SMS text messages, social media chats, in-app notes — these types of interactions must all be appraised for potential inclusion in legal matters in the future. However, the information that is shared between attorneys, clients and other external parties can be more easily managed with tools from Microsoft Office that are already available to your e-discovery team.

Advanced Document Analysis in Microsoft Office 365

The electronic discovery tools available in Microsoft Office 365 are increasingly detailed and include the ability to identify content that is a near duplicate, perform predictive coding and consolidate information across email threads. While you may still need a dedicated e-discovery platform for more detailed analysis, Microsoft’s cloud-based productivity platform has many advanced features baked into the base functionality. Microsoft has been boosting their e-discovery chops with additions to the platform that will provide professionals with more of the tools that they need to wrangle and report on data and communications that will impact their various cases. Massive regulatory cases are not the only ones whose outcome may depend on a single email — there are also thousands of smaller cases that can be solved more quickly and accurately with access to the correct information gained through intensive e-discovery.

Collecting and Preserving Crucial Electronic Data

The ability to easily share information is a boon for attorneys and clients alike, as people are increasingly ready to work from remote locations and while on-the-go. Law offices must take additional measures to ensure the security and consistency of data due to these additional pressures, and Office 365 can create clean transfer records across various mobile platforms, desktops and email. Attorneys and their staff must have a firm understanding of the flow of information throughout their various systems to take full advantage of the ways they can collect and preserve this crucial electronic data.

Investing in advanced e-discovery software may be necessary, but there are many ways that law offices are able to streamline their data structures and workflow by leveraging the advanced functionality that is already available within Microsoft Office 365. Speak with your local technology professionals to better understand Microsoft’s options for improved security and deeper data insights.

Should Law Firms Start Their Own Podcasts?

Lawyers Podcasts

Lawyers Podcasts

Podcasts are huge these days. Popular podcast Serial has been downloaded millions of times and has become a pop culture phenomenon right alongside other “did they really do it” series like Netflix’s Making a Murderer. Podcasts are also used for informational and educational purposes. NPR offers its programs in podcast form so users can listen at their own pace. They’ve even developed programming that doesn’t broadcast on the radio. It only exists in podcast form.

The podcast has arrived, and it doesn’t appear to be going anywhere anytime soon. The question for law firms, as with any new tech innovation, is whether developing a podcast for the firm makes sense. We believe creating a podcast can be a powerful, memorable branding tool. Here are a few reasons why your firm should consider starting one.

A Branded Podcast Builds Credibility and Engagement

The problem most law firms face isn’t competence. The process of becoming a lawyer usually takes care of this. The problem firms face is getting their name out into the community effectively. You want to communicate that you’re competent and successful but at the same time approachable. Much of law firm advertising veers far in one direction or the other. You see “prestige” billboards that may communicate “you can’t afford me” to a good portion of the community, and you see cheesy TV commercials that communicate “we’re not a serious firm” to another portion of the community.

Creating a podcast is a low-cost, low-effort way to engage with your community. You can communicate in a down-to-earth fashion by just being yourself. You can use a podcast to indirectly convince community members of your ability and skill, and you can disarm the negative notions that can come from prestige advertising.

It’s an Inexpensive Advertising Tool

Another advantage of podcasting is cost. It’s very inexpensive to produce a podcast, and it costs nothing to host it. All you need to produce it is some simple audio recording equipment and a topic that you can discuss. Hosting a podcast is a simple affair using a hosting tool like Libsyn. Hosting tools like this one will automatically publish your podcast to iTunes and all the other major podcast services. Once your content is published, you can promote your podcast using your existing social media channels through both regular and paid posts.

Compare this to the costs of producing video for social and the costs of traditional advertising. To produce social video, you’ll have to invest in video recording equipment. If you want a quality product, you’ll probably end up having to hire a video production group to produce them. Then, consider traditional print and TV advertising. The costs are astronomical compared to the costs of producing a podcast.

It’s an Attractive Alternative to Video

Let’s be honest: we don’t all look like the beautiful pretend lawyers on Suits. Even if you are blessed with great looks, you may not be comfortable in front of the camera. If video makes you look shifty, insecure, or nervous, you’re not helping your firm’s advertising efforts. Focusing your efforts on a podcast avoids the difficulties and aesthetic concerns that come with video.

The other issue with video is that they need to be short. Videos, especially in advertising, need to be fairly “snackable.” Podcasts, on the other hand, can take a deeper dive. People often listen on their commute or at the gym, so they are looking for content of a certain length. Going deeper on a given topic is one way to reaffirm your credibility, too.

Getting Started

If you’re ready to start a podcast for your firm here’s a brief guide to the steps you need to take.

Equipment

You can record audio using the internal microphone on your laptop, but it won’t sound very good. Invest in a midrange USB microphone, like the Snowball or Yeti from Blue. The difference in sound quality will astound you. You can easily record one or two people around a microphone like those. If you plan to invite more than one guest onto your podcast, you may need an additional microphone.

Software

If you’re recording only one microphone, your software needs are simple. Free recording and editing programs like Audacity for PC and GarageBand for Mac will do just about everything you need. Call Recorder for Skype is an inexpensive Mac app that will simplify things for you, too. We recommend starting with this simple setup before exploring multi-mic (multi-track) recording. Once you’re familiar with the basic principles, you’ll have an easier time scaling up.

Topics and Launch

All that’s left is to come up with some topics and get going. Choose topics community members are likely wondering about and answer whatever questions they may have. This is a tool for getting clients in the door. Choose topics that offer as much value as possible, topics people will want to listen to.

All that’s left is to launch. Hit record, start talking, and publish!

Password Management: What Lawyers Must Know

Password Management

Password Management

Passwords are a problem. In one sense they are exactly the opposite of what they should be. They’re hard for users to remember but easy for intruders to guess or steal. The user frustrations with the current system make it ripe for abuse, and that’s exactly what’s taking place every day.

The best solution for lawyers and law firms alike is to implement a password management utility. We’ll take a look at that solution after exploring the nature of the problem in greater depth.

The Problems with Passwords

Can you even count how many digital sites and services you’re required to log in to with a username and password? Most people have upwards of one hundred. It’s challenging, if not impossible, to keep them all straight without some kind of assistance. People usually resort to one of several very insecure methods to solve this. One of the most common is reusing the same username and password on multiple sites.

Password Reuse Is Easy but Dangerous

Security professionals will tell you that reusing passwords is dangerous. This is because when (not if) your credentials are captured or stolen on one site, you become vulnerable on every other site that uses those same credentials. The problem here is that it’s just so easy to reuse passwords, especially on accounts we don’t consider to be sensitive in nature. Nearly half of security professionals themselves admit to reusing passwords, even though they know firsthand the dangers of doing so.

Strong, Unique Passwords Are Too Hard to Remember

If you’re not supposed to reuse passwords, then what should you do? Ideally, you should create a strong, unique password for every site. Each one should be lengthy (the longer the better) and should contain a mix of lower and uppercase letters, numbers, and symbols. The longer and more complex the password, the harder it is for a computer to crack it. People won’t be able to guess Gbje23+3zp?$T0n very well at all.

The problem with a password like Gbje23+3zp?$T0n, though, is obvious. You’ll have a tough time remembering even one of those, let alone a hundred.

Experts will suggest other tactics, like turning a familiar phrase into a password. “Four score and seven years ago our fathers brought forth a new nation” could become “4s&7yaoFbfaNN”. This method uses the first letters of each word (along with numbers and symbols where appropriate) to create a passcode that’s nearly inscrutable but that’s easier to remember.

This method helps, but it doesn’t scale well. It’s true you’ll have an easier time reproducing that than the previous example, but you’ll still have a tough time replicating that a hundred times over.

The Solution: Password Management

The best solution to the password conundrum is using a password management utility. Setting up a password management utility isn’t difficult, and putting one in place greatly increases your digital security. Once you’ve set up a password manager, you don’t even need to remember all those passwords. You just have to remember one.

How Password Management Tools Work

Password managers are programs or apps that function as a digital safe, or a digitally encrypted locker. All your passwords are stored inside the safe. Password management tools will also help you create long, complex, unique passwords for all your accounts. Some can even do this automatically once you supply your existing credentials.

With a password manager, it’s easy to maintain a different complex password for every account, because you no longer need to remember those passwords yourself. You just need to create and memorize one very strong password for the password manager itself.

Once you’ve set up a password manager, it will autocomplete the login fields on most websites. For the few that don’t auto-populate, you can access a database of your account credentials and copy and paste the proper credentials into the corresponding fields. All the major password managers also offer some degree of integration with both iOS and Android. Your passwords remain accessible, yet secure, on your mobile devices.

The Security of Password Management Tools

Password management tools stake their reputation on their security. They aren’t perfectly secure—nothing is. The Washington Post notes some of their flaws. They are, however, a vast improvement over most people’s current password practices. No one gets access to your vault without your master password, and hackers won’t get that password from the utility makers since they don’t store your master password anywhere. There’s no database to be hacked.

On that note, make sure your master password is itself long and complex. Consider using the “familiar phrase” tactic described earlier.

Conclusion

Lawyers have an obligation to keep their digital accounts secure. Doing so manually is difficult if not impossible. Implementing a strong password management solution is the answer. If you have more questions about implementing a quality password management system for your law firm, we’re here to help. Contact us today to discuss the options available.

Why Reusing Passwords Is A Horrible Idea

Legal Password Management

Legal Password Management

No matter your profession, reusing passwords is a horrible idea. It’s dangerous and insecure. Reusing passwords is especially problematic for those working in fields like law, ones that require confidentiality in one form or another.

Many people already know that reusing passwords is unsafe, but they do it anyway. One recent survey conducted by Lastline revealed that nearly half (around 45%) of information security professionals polled admit to reusing passwords. These people get paid to work in information security, and yet they don’t follow some of the most basic protocols for keeping information safe.

If anyone should understand the dangers here, it would be information security professionals. You’re likely not an information security pro, though, so let’s look in greater detail at why reusing passwords is so bad.

A Broken System

First, cut yourself a little slack. The internet password system is inherently broken. Most people have well over a hundred digital accounts. These range from the seemingly trivial (paying a utility bill, “store insider” loyalty programs, and the like) to the vitally important (banking, proprietary business accounts, and so on). Each one requires a username and a password. To make things worse, many sites require a mix of characters (capital and lowercase letters, at least one number, and at least one symbol). Some sites won’t accept all the special characters, and various sites won’t even agree about which special characters are acceptable!

Cheating Ensues

Most people can’t easily memorize one hundred or so unique sets of site plus username plus password, so they cheat. Either they write all their passwords down in a notebook or they reuse the same password across multiple sites. Even worse, they may do both!

The Frequency of Reusing Passwords

How widespread is reusing passwords, really? A massive study from researchers at Virginia Tech found that the problem is quite severe. They analyzed 61.5 million passwords spread out over 28.8 million users and found that over half (52%) reused passwords wholesale. That doesn’t even account for people reusing the same basic word or phrase and just switching out a few characters or adding a new one to the end.

The Problem with Password Reuse

Here’s the problem with password reuse: credentials have a habit of being stolen. Companies frequently experience hacks where customer data is exposed. You may not consider it such a big deal if hackers got ahold of your username and password for Bargains ’R’ Us. You don’t shop there often and you don’t have any credit card info stored on their website. Is it really a big deal?

On its own, it’s likely not a very big deal. But if you reused the same username and password for, say, your bank or your credit card, it’s suddenly a very big deal!

The same goes for the sticky-note users out there. If you’ve ever written down your “go-to” password on a sticky note or in a notebook, consider who all has had access to that information. Family? Friends? Coworkers? The cleaning crew or service technicians? How easy would it be for someone to snag a quick picture of your password list? If you reuse your passwords, this problem escalates quickly.

One more problem worth noting is messaging or emailing passwords. Many of us have had the experience of texting, emailing, or messaging a password to a spouse or significant other. Those communications aren’t always secure, though, and often they stick around for a while. If someone gained access to your email, would they also gain access to sensitive passwords?

The Ubiquity of Data Breaches

Data breaches are happening all over the place, and some of them are huge. Yahoo had every single one of its 3 billion accounts breached. If you had a Yahoo account at the time of the breach, even an old dead one you never check, hackers may now have your sign-in info. If you used your go-to password on that account, then every other account you’re using that password for is now at risk. This is a big deal.

Solutions to the Password Problem

Passwords are a mess, and not reusing passwords is difficult. Here are some solutions that can help you clean up the mess and reduce frustration.

Enable Two-Factor Authentication Wherever Possible

Many websites offer two-factor authentication (2FA), which is much more secure. With 2FA, a one-time code is sent in a text message or email after logging in with username and password. Enable 2FA wherever possible.

Use a Password Manager

Password managers solve the problem of memorizing hundreds of unique passwords. They store all your passwords in an encrypted vault that you secure with one strong master password. We recommend using a good password manager. Doing so makes strong password security easy.

Conclusion

Understanding the danger behind reusing passwords is an important first step in securing your digital life. For help securing your workplace against digital threats, enlist the help of professionals like us. Contact us today to learn how we can help keep your systems secure.

Password Management For Law Firms (Questions/Answers)

Password Management

We can’t function without passwords. So much of the internet is built on the concept of a username plus a password that the concept is core to users’ internet experience. It’s a clever but imperfect system that could certainly be improved upon, but until a game-changing replacement comes along, we have to play the game.

Password Management

There’s a lot that doesn’t work very well about this system, and many people have questions about what password management best practices are. To that end, here’s a Q&A about passwords and password management.

What’s the biggest problem with how people use passwords?

The biggest problem with internet passwords is password management. Users have dozens if not hundreds of username/password combinations that they need for personal and business use. The problem with this is that nearly no one can reliably remember one hundred unique passwords. Many users, then, select overly simple (and easy to guess) passwords, or they reuse passwords across many sites.

What’s wrong with reusing passwords?

We live in a world of data breaches. When (not if) someone hacks favorite retailer or hotel chain, it’s embarrassing for those companies, but probably doesn’t affect your life too much. If the culprits gain access to your username and password for those sites, it’s a nuisance, but the amount of damage they can do is limited.

But when your hotel rewards password is the same as your credit card password and your banking password, you could have a mess on your hands. Scammers know that at least 51% of people reuse passwords, and you can bet they’ll try those stolen passwords on other, more valuable sites.

What makes a strong password?

A strong password is one that neither human nor machine can guess easily. Forbes compiles an annual list of the worst passwords being widely used, and it’s topped with gems like password123456, and qwerty. These are terrible because they’re just about the first things a human might guess. Other bad choices on the human front are the names of people, pets, or places that everyone knows are meaningful to you.

On the machine side, the shorter and simpler the password, the easier to hack. Make your password harder to brute-force by adding length, capital letters, numbers, and symbols. A password of 12 to 16 characters that mixes all these character types is generally considered a strong password.

I just keep my passwords on a sticky note. What’s wrong with that?

In short, everything. A sticky note hidden under your keyboard isn’t exactly a state secret. Think about who might have momentary access to see that sticky note. Clients? The cleaning crew? Maintenance personnel? Who else? This is especially disconcerting In the legal world, where those passwords could give a bad actor access to confidential materials that are under attorney/client privilege.

How can I remember passwords like j#%3M82*mRz!+?

Truthfully, you probably can’t. While that’s a tough password to crack, it’s not very useful for you. A better approach is to take a phrase that you can remember (perhaps one that relates in some tangential way to the site you’re on), and then make the phrase longer and more complex.

For example, iloveturtles is an easy phrase to remember, but it’s not that challenging to guess or to crack. Mix up the phrase by adding replacement characters, like <3iL0v3TurtleS<3, and neither your office mate nor a computer will easily guess or break your password.

Admittedly, this method has limits. Your own memory can be an obstacle, and sites vary with which characters they’ll allow in passwords.

I can’t remember 100 unique, complex passwords. What are my options?

Passwords need to be complex, and you shouldn’t reuse them from site to site. This creates a problem: Who can remember them all? One option that’s gaining a lot of traction in both the personal and enterprise markets, including in the law and legal tech fields, is using a password management tool. You’ve likely seen these advertised as “the last password you’ll ever need” or “one password to rule them all”; stuff like that. Password management tools are a reliable, secure way to generate and remember unique, complex passwords for all the sites and accounts you have.

How does a password management tool work?

Password management tools vary a little bit in terms of functionality, but at the core the services are similar.

  1. First, you input or import all your existing credentials to the password management tool.
  2. Next, you turn all your current weak passwords into strong ones. Some password management tools can do this automatically for you on many websites.
  3. Last, you create one strong, secure password for your password management tool account.

After you’ve completed these steps, you’ll have just one password to remember—the password to your password management tool. It will store the rest of your credentials in a secure, encrypted vault and use them to log you into whatever account you need.

Are password management tools secure?

Yes. The companies offering these tools would be sued out of existence if not. Don’t believe us? Check out what a panel of experts has to say on the topic.

Conclusion

If you have additional questions about implementing a password management tool in your law office, contact us today. We’re here to help.

Cloud Computing For Lawyers (2019 Introductory Guide)

Cloud Computer Lawyers

Cloud Computer Lawyers

Attorneys have unique needs for the storage of information while needing to access data on clients and cases from remote locations. That’s why cloud computing has become such a popular option for lawyers. However, the value of cloud computing needs to be tempered with concerns about security and privacy.

Below is your 2019 introductory guide to cloud computing for lawyers.

What Is Cloud Computing?

Cloud computing is web-based, off-site storage of software and data, and is often referred to as software as a service (SaaS). It allows for access to files and software applications from most mobile devices if there’s an available internet connection.

Among some of the most popular commercial cloud-based storage solutions are Dropbox, Google Drive, OneDrive and iCloud. Some of these services are provided for free and others charge a nominal monthly or annual fee, usually based on the amount of storage required. Housing applications in the cloud usually is best done via a managed IT services provider that can configure and monitor the solution on your behalf.

What Are the Advantages to Cloud Computing?

Cloud computing helps busy attorneys stay connected to information critical to their work. Here’s a closer look at some of the core benefits of cloud computing for lawyers:

  • Access. Attorneys are often working out of the office meeting with clients or appearing in court. When they need access to information, it’s usually an urgent situation. With cloud-based access, attorneys can access necessary information in the moment of need. Wherever there’s an internet connection, lawyers can immediately connect, without needing to email files to one’s self or using hard-to-use remote software to log in.
  • Cost. Cloud computing is predictable and inexpensive, with a flat monthly or annual fee that allows for better collaboration, networking and storage.
  • Backup. Cloud computing provides you with a reliable and protected digital backup of your files and applications, ensuring they are recoverable and usable in the event of software corruption, server failure, human error, natural disaster or cyber attack.
  • Multi-Device Functionality. Cloud computing allows you to access information from any device (smartphones, laptops, desktops or tablets) or operating system. If you use a PC at the office and a Mac at home, there’s no issue.
  • Less Internal IT Costs. When you use cloud solutions, you won’t have to buy, install and maintain servers and other equipment if you were hosting these applications and information yourself. Software licensing is often included in monthly managed IT services, which can monitor your software warranty and renewal terms and timing. Also, cloud solutions provide for automated updating and patching, meaning you’ll have access to new features and updated security measures. The cloud option means less burden on internal IT staffers or the need for expensive one-time service requests by third parties.
  • E-Filing. When your firm needs to file materials with courts or government agencies, digital files — and remote access to them — makes e-filing simpler. There’s no need to convert paper to PDFs or hand-deliver information when required documents can be sent digitally.
  • Scalability. Cloud computing allows for flexible expansion or contraction as your firm’s needs evolve. You quickly can add more storage or reduce your capacity. With the cloud, you will not have to scramble to buy, install and configure a new server or overbuy server space you do not need.
  • Intuitive Use. Setting up a workstation for a new employee takes a lot of time, especially to install software and train them on applications. A cloud-based infrastructure means new users can be added or removed quickly. You can also reduce your PC purchase costs by using simpler devices that cost hundreds less.

How Is Information Secured in Cloud Computing?

Keeping information protected is a moral and legal obligation for attorneys. With cloud computing, you have added security functions and peace of mind.

Lawyers are obligated to provide “reasonable care” to prevent unauthorized disclosures or access to information. However, states have different definitions of “reasonable care” but generally include the following:

  • Data encryption
  • Use of current, best-practice technology
  • Review of service providers’ requirements regarding data ownership and access

Cloud security features can ensure that data is encrypted while in transit or at rest, access is limited and suspicious activity is detected, quarantined and addressed before any serious damage occurs. Some law firms need to meet mandated guidelines for work with government agencies like the Department of Defense or the Central Intelligence Agency. In such cases, cloud security solutions are available that address those mandates through threat detection, machine learning and automated monitoring of data and applications.

What Are the Ethical Concerns Regarding Cloud Computing for Lawyers?

U.S. state ethics commissions have ruled that cloud computing is ethical, as long as the “reasonable steps” and conditions are met. According to a recent article by the American Bar Association, the Iowa Committee on Practice Ethics and Guidelines issued suggested questions attorneys should ask themselves and service providers:

  • Will I have unrestricted access to the stored data?
  • Have I stored the data elsewhere so that if access to my data is denied I can acquire the data via another source?
  • Have I performed due diligence regarding the company that will be storing my data?
  • Is it a solid company with an excellent operating record, and is its service recommended by others in the field?
  • In which country and state is it located, and where does it do business?
  • Does its end user’s licensing agreement (EULA) contain legal restrictions regarding its responsibility or liability, choice of law or forum, or limitation on damages?
  • Likewise, does its EULA grant it proprietary or user rights over my data?
  • What is the cost of the service, how is it paid, and what happens in the event of nonpayment?
  • In the event of a financial default, will I lose access to the data, does it become the property of the SaaS company, or is the data destroyed?
  • How do I terminate the relationship with the SaaS company?
  • What type of notice does the EULA require?
  • How do I retrieve my data, and does the SaaS company retain copies?
  • Are passwords required to access the program that contains my data?
  • Who has access to the passwords?
  • Will the public have access to my data?
  • If I allow nonclients access to a portion of the data, will they have access to other data that I want to be protected?
  • Recognizing that some data will require a higher degree of protection than other data, will I have the ability to encrypt certain data using higher-level encryption tools of my choosing?

Attorneys can gain considerable benefits with a cloud computing solution. Knowing the benefits, security provisions and due diligence to be done will help attorneys make an informed decision that keeps information accessible and safe.