Daily, law firms generate large volumes of paperwork, with letters and forms changing hands via faxes, express mail delivery, and increasingly, in digital formats such as PDF. With everything from internal partner memos and court filings to privileged communications with clients now existing in digital spaces, security is more important than ever. Protecting these documents, not only from outsiders but also from internal misuse, requires a proactive approach to document security.
With that in mind, here are seven ways law firms can take action to better protect sensitive legal documents from misuse and potential exposure.
The first step towards improved document security across entire law firms is the simplest one — give your team the right tools for the job. Without software that can handle tasks such as password-protecting PDFs or granting specific permission to partners and clerks, establishing an in-office framework for secure document handling is next to impossible. Opt for modern, cost-effective and well-maintained solutions built with businesses like yours in mind. This option includes desktop and mobile software, and cloud services – including SharePoint with baked-in security features for enterprise users.
Password protecting sensitive client information and restricting access only works when two elements come together — good password creation and strong encryption. An excellent password doesn't mean much if it comprises an outdated, broken encryption method, while even the most robust cryptography today can't reduce the insecurity of using "password123" on essential files.
Look for software supporting the current standard, AES-256. Another version, AES-128, is still in widespread use and frequently receives the stamp-of-approval from security-oriented firms. The numbers here refer to the length in bits of the cryptographic key used to encode data — more bits equals a much longer time to guess all potential combinations. For law firms facing obligations for protecting client information and other secret data, AES-enabled software is a must-have.
Not everyone in the office should have the opportunity to view any file. With a locked filing cabinet containing important current case files, for instance, it's easy enough to keep the key with a trusted partner rather than an intern or clerk. The same principle should apply for the firm's computer systems, using operating system-level tools and software to establish strict permissions for files throughout the business. Altering a document's attributes to prohibit printing and copying is necessary, too. Digital document security doesn't matter much if someone can simply carry sensitive data away on a hard copy.
When preparing documents for archiving or for transmission to another firm as part of discovery, ensure your team removes document metadata thoroughly. These basic attributes of the file, hidden away in obscure menus, could accidentally reveal privileged information or otherwise sensitive data your team is responsible for. Stripping metadata from a file is easy with the right tools and provides additional assurances you've taken all the right steps.
Locking down documents and keeping them in the right hands are imperative aspects of any lawyer's approach to secure document procedures. However, there are also considerations to make concerning signing paperwork. Taking the signing process online avoids the delays of the mail system and provides an accountable, traceable history for the document — with the appropriately featured e-signature tools. Such tools should contain certificate-based security, either self-signed or issued by a trusted certificate authority. With these, providing verifiable proof of unaltered signatures is simple.
Data loss doesn't only occur when disk drives fail. When password protecting PDFs and other information, take care not to lose or forget the password. If determined bad actors can't break through the encryption, you won't either. Using password managers may provide an option for addressing this risk.
All the investments in software and new computer-based processes won't matter if your firm lacks clear guidelines for document handling. Everyone should understand their role in protecting private information, especially when communicating with clients or sharing documents with opposing counsel. Establish a concise set of rules governing access, replication, storage and more so that every member of the firm knows the right thing to do.
Safeguarding documents from tampering and misuse isn’t only a matter of best practices; it’s often a legal responsibility, too. By taking these steps to improve the security of the digital files a firm uses daily, it's possible to work with fewer concerns and greater flexibility. From choosing the right software to training staff on best practices, there’s always at least one thing every firm can do to improve its security footing.
Ben Liu is an experienced eCommerce Director from Irvine, California with more than 15 years of experience building brands and refining the development of revenue streams. After generating more than $100 million of incremental revenue improvements in previous positions for heavy hitters across the tech industry, he joined Kofax. Now a driving force behind innovative marketing efforts and the growing popularity of Kofax Power PDF with SMBs, Ben continues to improve outreach via innovative chatbots, data-driven marketing analysis, and a dedication to consumer-first content. Ben brings an engineer's eye for detail to Kofax along with a passion for helping brands reach their potential.
Copyright © 2019 Legal IT Professionals. All Rights Reserved.