Skip to main content
It looks like you're using Internet Explorer 11 or older. This website works best with modern browsers such as the latest versions of Chrome, Firefox, Safari, and Edge. If you continue with this browser, you may see unexpected results.

Legal Technology Tips, Tricks, & Treats 2019

Introduction

Four different sections of the rules of professional responsibility touch on the need to secure client information.  ABA Model Rule 1.1, which deals with competence; Rule 1.4, which involves communications; Rule 1.6, which covers the duty of confidentiality; and rules 5.1 through 5.3, which focus on lawyer and nonlawyer associations.

The reason cybersecurity is important for attorneys is simple.  They handle a lot of sensitive information for their clients and are therefore a target for hackers.

22% of law firms reported that they were victims of cyber attacks or data breach in 2017, and that percentage has been rising.

This guide will focus on the main areas of cybersecurity lawyers need to be aware of to prevent compromising client information.

Virtual Private Networks (VPN)

A Virtual Private Network is a connection method used to add security and privacy to private and public networks, like WiFi Hotspots and the Internet.  When using computers, smartphones, and tablets to work on client materials outside the office, using a VPN allows you to create a secure, encrypted tunnel to a secure internet point, and prevents your work from being intercepted.

Without a VPN, hackers can easily intercept information transmitted over unsecured wifi.

 

Passwords

Everyone uses passwords to protect their private information, but many also make simple mistakes that open up the possibility of a data breach.

Three simple tips for good passwords are:

  1. Make them hard to guess.  Generally, a long password that's easy to remember (think passphrase instead of password), is much harder for a computer to guess than a short, random password.
  2. Make them unique.  Even the hardest to guess password is useless if a service you use gets hacked and it's released into the wild.  As soon as usernames and passwords are hacked from one company, hackers go to work trying them on other targets, so use a password manager to keep track of unique passwords for every site.
  3. Make them one of several factors.  When possible, use two-factor authentication so that even if a hacker gets your password, they can't use it without also having your phone or some other identifying feature.

More Resources


University of Minnesota Law Library
Reference Desk: 612-625-4309 • Circulation Desk: 612-625-4300 • Contact Us