According to a March 9, 2017 article in National Law Review, “2016 was the year that law firm data breaches landed and stayed squarely in the national and international headlines.”
In Chicago, the firm Johnson & Bell is now subject to a proposed class-action lawsuit regarding a claim of lax data security and another firm, Edelson P.C., is actively targeting and suing legal practices that they claim have inadequate data security.
While the report that drove the article noted only 49% of responding firms had an email use policy they didn’t and really don’t have a way to know how many have open vulnerabilities or out-of-date firewall software, are behind on security patches to their servers and other devices, don’t have immediately recoverable backups of critical data or are using insecure data sharing services.
- CNN has reported that up to ONE MILLION new malware threats are released every day.
- Ransomware is the number one growing area of Malware attacks.
- Over 4,000 ransomware attacks are happening every day, an increase of 300% over 2015.
26% of the larger firms responding admitted to experiencing some kind of breach. TWENTY-SIX PERCENT!! Most of them were probably confident that their IT support organization had everything under control. Unfortunately, the more mundane but critical IT administration functions often get overlooked in exchange for more interesting activities.
“Most of them were probably confident that their IT support organization had everything under control.”
As legal professionals know, the ABA has rules (ABA Model Rules 1.1, 1.6) associated with safeguarding client information and then there are all manner of regulatory and contractual obligations that may apply – especially for health and financial services clients. And none of that covers the risk of potentially embarrassing a client if private information were to be made public.
We’d like to help. The Brightworks Group, an Indianapolis-based IT Managed Services firm founded and operated by senior level IT professionals is offering a FREE network security scan and technology state review.