Law firms can’t afford to have anything less than an urgent approach to protecting client data. A single case of unauthorized access to a file or page of notes could potentially cost firms millions of dollars in recovery costs and a tarnished reputation.
You can help your firm by making document control and security a top priority. Here are five actions to consider when you get started.
Review and document everything that happens with documents that have sensitive client information.
Consider questions such as:
Where are they stored?
Are they indexed and classified?
Are they secured while in use, in transit, or at rest?
Who has access to them?
If you don’t have a way of obtaining this information, talk to a professional familiar with document workflow security. This capability is beneficial in today’s environment of increasing cybersecurity threats.
Use Security Features in Connection with Data on All Devices
Source: Law Practice Today, “Law Firm Cybersecurity Audits: Getting to Good,” February 12, 2016
Seek vendors that can provide a system for tracking who is handling workflow documents and what they are doing with them, i.e., scanning, copying, printing, distributing. Implement solutions that can track paper files, digital files, email attachments, and other documents that contain sensitive client information. Exposure can happen at any point during a firm’s possession of the information.
In the event there are questions about how a document was used and handled, you need a solution that provides fast and easy access to that information.
MOST COMMON TYPES OF SECURITY POLICIES AT LAW FIRMS
documents/record management and retention
internet use/computer use
Using document-workflow solutions and office equipment that have easy-to-use security features (such as badge scanners on printers) can help restrict document access to authorized personnel within the firm, and protect data from inside breaches. Task your IT staff or enlist a Canon certified specialist to “harden” your devices by activating the extensive security feature sets that reside within the equipment to help limit penetration from the outside.
It’s especially important that office equipment has security features that are transparent to users and are not otherwise disruptive to workflows. Smooth and continuous operations are important to law firm performance and financial health.
EMPLOYEE GROWTH CAN BE A SECURITY RISK
of firm partners believe headcount growth is a requirement to stay competitive
High-risk practices that professionals may use include emailing case documents back and forth on unsecured networks and/or relying on the use of USB drives which can contain malware. By giving your firm’s team easy-to-use mobile document sharing tools with user verification, you can help them adopt security features that still allow them to be fast and productive. This is an important capability, because transferring files with mobile devices occurs more often today.
Innovative solutions employ a variety of methods for securing client data, such as using a unique release code that can be sent directly to a compatible smartphone or another mobile device. The user can then enter the release code to access a document or send a document directly to a printer or copier within the firm.
Smartphone Usage is Exploding
of Americans own smartphones.
Source: Pew Research Center, “Mobile Fact Sheet,” January 12, 2017
Partners sometimes must be convinced to invest time and money in new resources, even for something as crucial as client privacy. One way to increase the likelihood of support is to identify ways to control the cost of acquiring and using security solutions, such as leveraging advanced security features within existing equipment to harden their security profile when possible. Look for a document-security platform that is expandable and can be used with a wide variety of brands of printers, copiers, and other office technology.
Ultimately though, comparing the cost of a security solution versus the effects of the monetary and reputation losses from a data breach might be the most compelling business case for investing in security.
A Data Breach Could Cost More Than $7 million
Average cost of breach of private data for U.S. organizations in 2017
Root Causes of a Data Breach in 2017*
malicious or criminal attack
Source: Ponemon Institute, 2017 Cost of Data Breach Study , June 2017
*based on benchmark sample
Don’t leave document security to chance. Using a unified platform that provides security, access control, and ease-of-use for document and workflow management can help ensure only authorized people can access sensitive content.