It is not only the law firms who understand the need for data protection and security, clients and consumers are becoming much more savvy and are realising that they too, need to protect their own. With newspapers filled with stories of hackers attacking large multinational companies and mobile devices with sensitive data being lost or stolen, security is fast becoming a top priority for most businesses today.
Here are 3 ways to secure your firm’s information and reputation...
As the mobile workforce expands, sensitive documents now need to be created, shared, stored and printed both in and outside of the office. Security measures should be applied throughout the different document processes within a firm’s workflow as this information travels. This includes:
- Data encryption – each laptop, tablet, mobile phone and other printing and file sharing device that is connected to the corporate network brings some security risks. And with the growing numbers of devices, firms should encrypt their documents at all stages of the workflow whether the data is at rest or is in transit. Encryption can - and should - be applied to data when it is stored in the user’s hard drive, or when it is sent to a printer, scanned to an email exchange server or to a Cloud based file storage system, or even when uploading and downloading to and from a mobile devices.
- Limiting access to sensitive data – to avoid sensitive information being disclosed, permissions within files and folder settings should be changed, allowing access to only those who are authorised.
- Secure scanning and printing – many printers and scanners use ‘pull printing’ to force users to authenticate themselves before releasing a document. This is done by entering a pin code or using a smartcard and ensures that confidential documents are not accidentally retrieved by unauthorised colleagues, or left abandoned on the printer.
- Internet endpoint security – With the increase in devices connecting to the corporate network, an endpoint security solution protects firms from viruses and hackers and helps IT departments monitor, control and moderate how or what information employees receive, send or access through the internet. This management tool helps create feasible policies and guideline based around internet access, blocked websites, application and the use of social media in the workplace.
2. BYOD, Mobility and Security
The trend of mobile workers using their own devices (BYOD) is rising. Employees store documents on consumer Cloud based applications which are not always secure but conveniently provides access to documents at all time from outside the office. However, it is the fact that these documents now reside outside of the corporate firewall and well out the law firm’s control that is the cause for concern.
- Secure file sharing technologies allow encrypted files to be stored, shared and accessed on mobile devices. It acts as a back-up for important documents within an environment that the IT team is in full control of. There are varying grades of security from basic SSL to high end military grade level, but the minimum that a law firm should considered is an ISO 27001 accredited server which conforms to industry best standards when it comes to information security management.
- Encrypted data when data is transferred how do you guard against security threats? File encryption technology can automatically and transparently encrypt files and folders placed on file servers and can only be read and modified by those who have an encryption key.
- Remote Wipe data if a device is lost or stolen, the data contained within can be wiped immediately. IT teams also gain centralised and granular level control of data and set rules to restrict certain users accessing highly sensitive documents.
3. Promote security and enhance your law firm’s reputation
- Internal promotion and communication - Law firms need to assess and prioritise the risks that they face and establish a strategy for their security requirements, which can then be implemented. However to execute this successfully, education and enforcement of measures, guidelines and policies internally is an absolute must. It only takes a single rogue device to spread malware through the corporate network.
- External communication: Cases of clients proactively asking law firms to demonstrate their security measures and procedures as part of the tender process are becoming more common. A recent example includes a global banking institution that holds sensitive customer information that undertook an audit to evaluate the law firm’s security procedures. Therefore if a law firm can show their clients that they comply with ISO 27001 standards or have transparent internal processes with a tight hold on security, this should be communicated through client newsletters, pitch and tender documents and other sales and marketing material.
Nila Hirani [
]
Copitrak Scan is a software solution widely used within law firms to associate printing and scanning activities with specific client matters, to track and manage associated costs and boost recovery rates. It can be seamlessly integrated with most existing DMS systems including iManage, eDocs, SharePoint and the file sharing platform, Nikec Docstore. Copitrak Scan is also available for Copitrak embedded products. Visit nikecsolutions.com for more information
No comments :
Post a Comment