Most law firms have transitioned to a business model that allows their staff to work from home at least part of the time. While a hybrid work environment creates some unique obligations for their leadership, the basics of how they keep proprietary information secure can be instructive for almost any profession.
Back in 2019, most attorneys worked from a central office. When the pandemic began, law firms rapidly dispersed their workforce to keep their business running. The result was a patchwork of tech tools that worked (sort of), allowing operations to continue (sort of) while we all figured out how to deal with the new reality.
It’s clear that the remote/hybrid work model is here to stay, so it’s important to make the transition from the makeshift toolkit that was created haphazardly to a platform that meets all the interests of the firm.
What Has Changed, And Why It Matters.
There are three important changes to the legal landscape that impact how a law firm needs to think about its relationship with technology:
- Cybersecurity Recommendations Becoming Requirements: The initial shift to video conferencing and other online tools exposed many firms to data theft and ransomware attacks by cybercriminals. In early 2021, the ABA Committee on Ethics & Professional Responsibility published Formal Opinion 498 which reminded lawyers of their obligations in the new virtual world, but did little to provide guidance on how to secure their virtual operations. Local Bar Associations have also begun to issue cybersecurity recommendations and requirements, although the details of how to achieve compliance are largely being left to the individual firms.
- Client Expectations Around Data Protection Increasing: More and more clients are becoming aware of the risks involved with having their confidential information reside on an attorney’s unprotected computer. Creating protection policies that keep client data secure is easy to do with the right tools, but practically impossible if things aren’t set up correctly.
- Top Attorney Talent Expect A Robust Hybrid/Remote Model: The ability to work from anywhere is powerful, and it is also seen as something of a perq by attorneys. Recruiters need to have a story ready to sell potential new hires on how efficiently and effectively the firm’s IT infrastructure supports their ability to work remotely.
What It Takes To Get Remote/Hybrid Right
The first step in creating a secure IT system that meets the needs of your clients and your team is taking a realistic look at the mixture of systems, platforms, applications, networks, and staff training that make up your current system. Here are the areas your team should be evaluating on a routine basis:
- Cybersecurity: Every device that is used to access databases and client information needs to be secured with a business-class application to detect and eliminate cyberattacks.
- Offsight Backups: Hybrid work environments increase the likelihood of a successful ransomware attack, so having all of your data backed up in a manner that is completely separate from your operational storage is crucial.
- Disaster Recovery Plan: Regardless of whether it’s a ransomware attack or some sort of technical system failure, having a written plan in place on the required steps to take to get everything back up and running in advance can get you back online days or weeks sooner than possible if you are trying to figure it all out in the middle of a crisis.
- Use Secure Remote Tools: When your team is working remotely, be sure that all of their connections to firm resources are encrypted and secure.
- Understand The Human Element: If you already have the right cybersecurity and remote connectivity in place, then your weakest IT link will be the people on your team. Hackers are continually trying to burrow into law firm IT systems by tricking staff into filling out a form or making a phone call that is masquerading as a bank, insurance company, or other law firm.
If your system has been cobbled together over the years, it may make sense to have someone like us come in and give you a professional assessment of the system’s security and usability. You can schedule a free consultation with me and I’ll be happy to work with you to make sure your IT solution is secure and efficient.