Tuesday, 15 October 2013

Thinking about Security

Security seems to be one of the (many) operational 'things' that many lawyers don't want to deal with. Whether its the security of their buildings ("Why do I need to carry this stupid ID badge around with me?") or the security of their emails ("Just copy that confidential email to my Yahoo account, will you?").

Sadly security is an issue and does need to be taken seriously. Fortunately there are some simple things to do - these might not make your systems completely secure, but for many lawyers, doing something (anything) is better that the situation at the moment where many are doing nothing. At this stage we're just thinking about your computer security:
  1. Make sure that your phone and tablet have a password assigned - and that the password is necessary to see the contents of the phone after any length of time. Yes - I know that it's a pain to keep typing in those pesky details, but it does help to keep your data a bit more secure;
  2. Make sure the password isn't '9999' or '0000' - those are the first that everyone tries;
  3. Make sure that your laptop is encrypted. I can imagine that many of those reading this are now sighing in frustration. It is not, however, complicated. If you use a Mac - and so many more do now - then good encryption is built in and needs to be switched on. MAKE SURE YOU KNOW YOUR ENCRYPTION PASSWORD - and no, please don't write it down anywhere. If you are a Windows user, there are plenty of systems available to encrypt your hard disk such as BitLocker from Microsoft. It's about as good as any of them and, being Microsoft's you shouldn't see any compatibility issues;
  4. Don't send information to your personal email account - Yahoo, Gmail, Outlook.com etc etc. I know that it's convenient but it is massively insecure;
  5. Think about encrypting all emails. This used to be difficult, but products like mKryptor make is cheap and simple. Who knows, be ability to easily send and received encrypted emails without your clients loading software might be a way to more sales;
  6. Think about where your laptop, phone and tablet are - don't leave them on the train...;
There you go - 6 simple things that you can do that will significantly improve your security.

One last message - based on just too much experience of this question - for those of you engaged in Criminal Law and using CJSM - there is no way to forward emails to your personal account. Think it through...

No comments:

Post a Comment