Data Security for Law Firms: Sensitive Client Data Needs Protecting

Posted by C Henry on Tue, Feb 21st, 2017

For law firms providing services to clients, data security must be an important part of business. Law firms are constantly entrusted with highly sensitive information about their clients in the normal course of business. In this environment  the need for effective data security is of critical importance. Disaster Recovery and Compliance requirements require legal firms to implement robust and reliable solutions. Legal information regarding clients should be properly protected.

Why are law firms being increasingly targeted by cybercriminals?

The large quantity and quality of  documents containing valuable information is what attracts the cybercriminals. Also law firms are considered to be weak on data security. Lawyers are under pressure to do things quickly and efficiently making it difficult for IT teams to install robust security systems.

For law firms heavy email use makes email archiving critical for the business day-to-day operation. However some  law firms use their email client as a de facto document repository system. How are they protecting these servers? Have they implemented a reliable disaster recovery system?. For law firms it is imperative to recover data quickly and comply with regulatory compliance requirements. ArcTitans email archiving solution eliminates these challenges.

Archiving has become more important for risk management, so law firms are increasingly embracing these services.

ArcTitan Email Archiving for Law Firms

By implementing ArcTitan, law firms are able to achieve quick email recovery. Unique replication functionality provides the ability to failover to a remote server very easily. The web-based application allows access anytime and anywhere with robust security. By implementing the ArcTitan  Email Archiving solution, law firms can find and retrieve email related information within seconds.

 Law Firm sued after email hacked

Law firms with weak cybersecurity risk malpractice exposure, regulatory fines and disciplinary actions. Many US states have adopted strict rules of professional responsibility, requiring lawyers to make “reasonable efforts” to prevent the disclosure and unauthorized access to client information.

As recently as April last year a Manhattan investment banker sued their lawyer, whose email was hacked, causing the couple to wire $1.9 million to cybercriminals. The clients alleged that the attorney’s use of as  AOL email account resulted in their loss of nearly $2 million.  The court determined that the lawyers computer negligence allowed hackers access to all of the lawyer’s emails resulting in this criminal activity.

What can law firms do to improve their cybersecurity?

We recommend some network security basics :

• Strong password policy
• Disk encryption on all devices
• Implement a firewall
• Use reputable anti spam, antivirus and web filtering solutions
• Keep all of our security solutions updated – stay up to date with patching
• Storing regular backups of data – use the 3-2-1 backup strategy   
• Advanced email archiving

A lot of businesses think that backups are a substitute for archiving, which means that when it comes to storing their emails they’re spending too much money on the wrong technology. A backup is intended to restore the system to the state it was in at a specified time in the past. Backups don’t need for data to be easily searchable – they just need it to be accurate.

An archive, on the other hand, needs to contain a lot of information that can be accessed very quickly. One of the major reasons for archiving emails is to satisfy legal requirements. Exactly what were the terms of the contract for selling 1000 purple widgets in March 2010? To be really useful, an email archiving system needs to make finding information about purple widgets sold in the year 2010 very fast and very easy. This isn’t just useful for fulfilling legal requirements; email can contain a wealth of information about a company, and proper archiving can make that information readily available.

All law firms should encrypt files containing sensitive client data, and have an incident response plan in place that protects their clients and their firm. Lawyers can no longer profess ignorance of the risks and must take steps to protect their clients’ data.  In the age of data breaches, every law firm should be taking steps to harden its computer defenses—and better management of email accounts is only the first step.

To learn more about these and other features of ArcTitan, drop us a line at  info@titanhq.com. One of our sales engineers will promptly reply, address any questions, and even arrange for a free trial of ArcTitan.