By Jeff Jenkins | Chief Information Security Officer, LexisNexis Legal & Professional Summary How LexisNexis is Upholding AI Security and Privacy in Law The Gold Standard of Security and...
In-house counsel that operate with a small team, or perhaps even as a one-person legal department, are all too familiar with the daily juggling act between corporate governance, contract drafting, employment...
In-house counsel are caught up in a transformational wave, fueled by rapid innovations in AI, that could reshape the way they deliver legal services to their internal clients and manage work in partnership...
* The views expressed in externally authored materials linked or published on this site do not necessarily reflect the views of LexisNexis Legal & Professional. Corporate legal departments are under...
* The views expressed in externally authored materials linked or published on this site do not necessarily reflect the views of LexisNexis Legal & Professional. As AI is poised to transform workplaces...
* The views expressed in externally authored materials linked or published on this site do not necessarily reflect the views of LexisNexis Legal & Professional.
A large section of the legal industry has gone digital as a result of the Coronavirus pandemic—something experts didn’t think we’d see anytime soon. Yet with so many firm employees spending more time online, it means that cybercriminal activity is rising as well.
For law firms that weren’t prepared to go digital, the time is now to enforce and reinforce some prudent security policies.
Here are three things to help you (and your law firm) stay safe while working online from a home office.
One of the toughest lessons many law firms learned as a result of the pandemic is that they were simply not prepared to shift their entire workforce to virtual offices. Firms that didn’t have a remote workforce quickly learned that the tools they had on hand were not intended, nor designed to work safely off-site, even through a VPN or the internet.
A VPN, or virtual private network, is a service that allows access the internet, as if you were connected to a private network—anonymously and from any location.
Unfortunately, many of the security tools used by law firms depend on the local network and aren’t well-equipped to go remote—often exposing partners and employees to cyber risks.
While law firms have begun to spend more money in IT security, data breaches are still costing companies billions.
It is for this reason that remote-connection tools such as VPNs, instant messenger platforms, video conferencing tools and daily employee webinars are particularly valuable.
But even these platforms aren’t wholly prepared for the types of threats out there, with Zoom Video Communications already having some legal troubles with instances of ‘Zoom Bombing’.
“Zoom bombing,” according to Grit Daily News, a New York based news outlet for millennials and Gen-Z, is a new technique in the wake of COVID-19, where attackers are able to identify, discover and infiltrate insecure video conferences.
If you aren’t familiar with two- or multi-factor authentication, you should be. That’s when there’s a redundant security checkpoint that makes doubly sure you are who you say you are.
You want to make it as difficult as possible for data to pass between the machine originating the connection and your remote/virtual desktop. A firm’s security team should bridge this gap by disabling “shared drive” access between the host and virtual device—no information should be passing directly between the two.
From a security standpoint, make sure that you’re aware of your firm’s security policies, with specific regard to phishing emails. “Phishing” is a form of social engineering, in which online attackers use your online interests against you. No matter how savvy you may be with cybersecurity, these are unprecedented times.
Stay vigilant—cybercriminals are exploiting the Coronavirus pandemic to send fake emails with dangerous links to employees.
For example, you may get an email message that appears to come from company officials or your IT department, asking you to open a link to a new company policy related to the coronavirus. If you click on the attachment or embedded link, you could potential download malware onto your device.
If an email look suspicious to you, don’t click. Instead, immediately report the phishing attempt to your employer. Want to learn how to detect phishing? The FTC has an entire subsection of its website dedicated to the topic.
Andrew Rossow is a telephonic solutions consultant at LexisNexis. He is also a practicing millennial attorney, law professor, entrepreneur, writer and speaker on privacy, cybersecurity, AI, AR/VR, blockchain and digital currencies. He has written for many outlets and contributed to cybersecurity and technology publications. He currently writes for The Today Show, Grit Daily News, Law360, and CoinTelegraph. Utilizing his millennial background to its fullest potential, Rossow provides a well-rounded perspective on social media crime, technology and privacy implications. He has been featured in Fast Company, Entrepreneur, and Forbes.