Archives for June 2017
“Security Fatigue and its Impact on Law Firm Security” by Sensei’s Sharon Nelson and John Simek was featured in the May 2017 issue of the San Bernardino Bar Association Bulletin.
Excerpt: People are inherently lazy. After all, why do something today that you can put off until tomorrow? Users hate to do anything that would slow down their access to their computer or data. That means they would much rather just sit at a keyboard and start to surf the Internet instead of entering logon credentials and then entering a second factor. How many times have you been tired of the constant password changes only to resort to using one you know you’ll remember and have previously used? Didn’t feel like creating a new account so passed on that online purchase? You are not alone.
A recent study from the National Institute of Technology (NIST) found that the majority of typical computer users experience security fatigue, which leads to risky computing behavior at work and in their personal lives. Security fatigue is defined as a reluctance or weariness to deal with computer security. So what does this mean for law firms? A balanced approach is the way to go. If you make things too difficult for the users, they will find ways around the security measures.
See the entire article on page 12 of the bulletin here.
In this article they pose the following questions and provide expert guidance. Can lawyers actually manage their technology (instead of it managing them)? Can firms create and enforce policies that provide a secure environment for their users and protect client data, rather than acting like computer usage and security if the “Wild Wild West,” where anything goes?
Because lawyers are constantly handling confidential or sensitive information, cybersecurity and the careful handling of this information are an important part of running a successful firm. In this episode of Digital Detectives, hosts Sharon Nelson and John Simek talk to Jim McCauley about some of the ethical issues lawyers face and how the Virginia Bar is helping to educate lawyers on how to handle these issues. Some of these issues include information security and common scams used to hack into confidential data.
- 63 percent used work mobile devices for personal activities
- 94 percent used mobile business devices to connect to public Wi-Fi networks
- 78.5 percent used public Wi-Fi to check work email, and
- 60 percent used public Wi-Fi to gain access to work documents
Last month, Sensei’s John Simek was cited in the article “Things You’ll Wish You Had Done When Your Star Employee Defects” by John B. Farmer of Brand Bodyguards. Brand Bodyguards are experienced trademark lawyers who specialize in monitoring for trademark infringements and policing them.
Excerpt: Sometimes departing employees try to take important company data with them to use in the new job. They might send it out through a personal email account, or upload it to a cloud service, such as Dropbox.
You want to record electronic evidence of any such illicit activity in case you need it in a legal fight.
According to John Simek, who is a principal with the technology services firm Sensei Enterprises, your company’s computer network should be configured to log extensive server and firewall activity.
Simek also said that, for about $30 per computer, you can log all activity between that computer and any devices connected to it by a USB port.
Let’s look at a few statistics. A 2015 Computing Technology Industry Association online survey of 1,200 full-time employees found that 45 percent of the respondents had never had any cybersecurity training from employers, 63 percent used work mobile devices for personal activities, and 94 percent used mobile business devices to connect to public Wi-Fi networks. That same year, an Association of Corporate Counsel survey of over 1,000 general counsels found that only one-in-three tracked attendance at mandatory cybersecurity training, only 19 percent gave a test, and only 17 percent had “simulated security events.” That needs to change.
It’s no secret that access to justice is a significant issue within the legal industry, but when did lawyers first recognize the problem and how are they working to solve it? In this episode of The Digital Edge, hosts Sharon Nelson and Jim Calloway discuss low bono legal services with Shantelle Argyle, executive director of Open Legal Services. Their discussion includes the unintended consequences of the access to justice movement, the biggest barriers to innovation in legal services, and the role of Open Legal Services as a legal aid organization. They also discuss what’s different about today’s legal services consumers and how they affect access to justice.