The practice of law in 2017 is markedly different than it was even a decade ago, in part due to advances in technology. That’s why lawyers in many jurisdictions now have an ethical obligation to understand and stay on top of changes in technology (with 27 states now requiring it). Understanding and using secure technology in law firms is all the more important in light of the ABA’s recent ethics opinion, which encourages lawyers to avoid unsecure email when sending certain types of confidential client information and suggests that lawyers consider using encrypted methods of communication, including secure, web-based client portals.
Are you staying on top of changes in technology and maintaining your clients’ confidentiality in this new era? How is your firm implementing technology and ensuring it’s secure? Are your efforts comparable to those of other firms? Let’s dive in and find out!
Securing law firm hardware
Computers have been around for a long time and are now commonplace in law firms. That’s why basic security measures for protecting hardware are being used in the vast majority of law firms. According to the ABA’s latest Legal Technology Survey Report, password protection continues to be the main security measure used by lawyers to protect their laptops and data, with more than 90% of lawyers using a password to protect physical access to their laptop and its data.
File and data encryption is another security measure used by lawyers to protect physical access to their laptops. According to the Report, 21% of solo and small firms firms with 2-9 attorneys implement file and data encryption as a protective measure in their firms. Of course, as you’ll learn in the next section, one of the easiest ways for solo and small firm lawyers to secure their firm’s data is by storing it in the cloud, rather than on firm servers and computers. By removing data from premise-based hardware and storing it in the cloud, risks are reduced and data is often more secure.
Secure computing in the cloud
Because technology changes so quickly, it’s more important than ever for lawyers to take steps to secure firm data in order to keep client information protected. According to the Report, one way solo and small firm lawyers addressed security concerns regarding law firm data was by using cloud computing instead of premise-based software. In fact, solo and small firm lawyers were the most likely to use cloud computing in their law practices compared to their larger counterparts, with 35% of solos using cloud computing software in their practices in 2016, as did 35% of firms with 2-9 attorneys, 29% of firms with 10-49 attorneys, and 19% of firms of 100 or more lawyers.
Solo and small firm lawyers reported that cloud-based legal software helped to solve 3 different security issues for them by: 1) Providing robust data back-up and recovery (47%), 2) Eliminating IT and software management requirements (40%), and 3) Offering better security than they were able to provide in-office (32%).
The data also shows that solo and small firm lawyers were the least likely to experience unauthorized attempts to access their law firm data. According to the Report, solo and small firm lawyers were the least likely to experience a breach in the past year at only 8%, followed by 11% of firms with 2-9 lawyers. Larger firms, on the other hand, were much more likely to experience a breach, with 26% of firms with 500 or more lawyers reporting security breaches in the past year, up 15% compared to 2012.
Securing client communications in the cloud
Because of the ABA’s recent Opinion 477 (discussed above), it’s more important than ever for lawyers to ensure that their communications with clients are protected since 92% of lawyers report sending confidential or privileged communications and documents via e-mail. And, according to the Report, lawyers communicate electronically more than ever with the average lawyer sending 223 confidential or privileged communications and documents per year to clients via e-mail.
However, the security measures taken by lawyers when communicating with clients via email are varied, and often insufficient. The majority of lawyers (70%) simply rely on confidentiality statements in the body of e-mail messages. Another 30% use some type of encryption, and an additional 27% merely rely on confidentiality statements in the subject lines of e-mail messages.
Because email can be difficult to secure, lawyers are increasingly communicating and collaborating with their clients online. According to the Report, 33% of lawyers now share documents with their clients online. Another 26% report using online messaging and communication tools with their clients. Solo lawyers led with way with 29% reporting that their firms offered online messaging and communication access to clients, with small firms of 2-9 lawyers coming in at 24%.
Additionally, secure client portals are being incorporated into more solo and small firms, with 22% of lawyers surveyed offering clients access to a secure client portal for communication, document sharing, invoice sharing, bill payments, and more. And one of the most popular client portal tools used by lawyers? MyCase! It was one of the top 5 client portal tools used by responding attorneys from firms of all sizes.
In addition to using cloud computing and secure client portals, another important security measure law firms can take is to use two-factor authentication. It’s an easy and powerful way to protect your firm’s data because it adds an additional layer of security, making it that much harder for unauthorized users to access your online accounts. For additional cybersecurity advice, including advice on why password managers are so important, check out this blog post.
And for even more tips on how to ethically and securely use technology in your law firm, watch the recap of this webinar, where Jim Calloway shares his wisdom on protecting client communications, suggests tools to use for data encryption, and much more!