YourABA March 2013 Masthead
 

Pleading ignorance is not protection against client data loss, say ABA panelists

According to John Simek, vice president of Sensei Enterprises, “we’re addicted to our phones.” He cited that 58 percent of smartphone users can’t go one hour without checking their phones.

Simek and David Ries of Thorp Reed & Armstrong LLP teamed up to present the 2013 Midyear Meeting program “Locked Down: Security in Using Cloud Services and Mobile Devices.” The two emphasized the importance of protecting client data in the cloud, whether computing or using a smartphone.

There are no ethical violations if reasonable efforts are made to protect data, Ries said.

Clients may require special security measures, or they may give informed consent to forgo security measures, Ries said.

“Pleading ignorance won’t work,” Simek said. “Competence requires understanding the benefits and risks associated with the relevant technology. You must get a baseline knowledge or get help.”

“Competence requires understanding the benefits and risks associated with the relevant technology. You must get a baseline knowledge or get help.”

Law firms are targets for hacking attacks, Ries said. “It doesn’t matter if you’re large or small,” Simek added.

The consequences of being hacked include having to report to your insurer and give notice to clients, which is a “PR nightmare,” according to Simek.

Simek says to avoid “hot spots,” or areas offering free Wi-Fi, such as airports, coffee shops and hotels. “There is absolutely no security,” he said.

Simek and Ries also covered mobile threats. They said the biggest threat to mobile devices is their being lost or stolen: 30 percent to 70 percent of data breaches are from lost or stolen devices.

The way to avoid stolen data is to encrypt it, the two recommended. Encryption takes plain text and turns it into cypher text, which makes it totally unreadable. “It’s getting easier and easier [to do],” Ries said.

For example, if you enable a passcode, it will encrypt the data on iPads and recent iPhones, Ries said. Microsoft Office and Adobe Acrobat will encrypt text with the software. Or use encryption software such as PGP, TrueCrypt, Windows BitLocker and Mac FileVault.

Encrypted portable media is also available, such as the “iron key,” which is a USB drive with strong encryption ability, Ries said.

Other protections include making sure software is up to date and sending personal data only to an encrypted site (one that starts with https and has a lock symbol), Ries said.

If you must use public Wi-Fi, only use it with a VPN, which encrypts data, Simek said.

Finally, make sure you have strong passwords. Aim for 12 characters with a combination of upper and lowercase letters, punctuation marks and symbols. Do not use the same PIN in multiple places, Ries said.

This panel was sponsored by the ABA’s Government & Public Sector Lawyers Division and co-sponsored by the Law Practice Management Section.

Back to top

 

 

EYE ON ETHICS

Think twice before you call yourself an expert

TECHNOLOGY TRANSLATORS

Are you ready for Windows 8? Should you be?

FIRST FOCUS

Build your business
with pro bono

NEWS FROM THE 2013
ABA MIDYEAR MEETING

Corporate counsel discuss value-based billing at ABA meeting

Software tools help lawyers generate more business, happier clients

Internal compliance programs and the FCPA: What works, what doesn’t?

Pleading ignorance is not protection against client data loss, say ABA panelists

Midyear panel discusses disability issues in the workplace

AROUND THE ABA

Judge: 12 ways to lose trials and how to avoid them

Scroll the smarter way: The latest iPhone and iPad apps to help lawyers work more efficiently

Avoiding procrastination can help lawyers dodge disciplinary problems with ending attorney-client relationships

Law firms must prepare for disasters, large and small, experts advise

MEMBERSHIP

Renew your membership

MEMBER ADVANTAGE

Shipping just got more affordable with UPS