Last week we looked back at the standout articles and posts from Law Practice Magazine and Law Practice Today in 2014. Now, we’re taking a look back at this blog and some of its thought-provoking, or otherwise interesting posts. I confess this has been tricky, as there is such good content; my inclination is to point you to the archives and call it a day.
I could do this the long way, like a 70,000 word exposition of all the good content, but I’m opting for the short way: a manageable post covering the Top 10 based on analytics. <READ MORE>
CryptoWall, one of a family of malware programs that encrypts files and demands a ransom from victims, has undergone a revamp that is frustrating security researchers.
At one time, CryptoWall was a second-rate successor to CryptoLocker, which largely disappeared after law enforcement shut down the Gameover Zeus botnet that was used to distribute it.
Ransomware has been around for more than a decade, but cybercriminals have resurrected the scam over the last couple of years with surprising success. Files on computers infected with ransomware are encrypted, and victims are encouraged to pay a ransom—usually in the virtual currency Bitcoin—to unlock their files.
Dell SecureWorks estimated in August 2014 that CryptoWall had infected 600,000 computers in the previous six months, netting as much as $1 million in ransoms. The fee demanded ranges from $100 to $500. <READ MORE>
For 2015 – Start off the New Year by ensuring your Business stays in Business.
You’re humming along in your business, and suddenly — out of the blue — the unexpected happens. It could be in the form of a natural disaster, or something else, like a medical emergency for you or your most valuable employee. You could lose your entire data system to a tech glitch, or sales of your new product could flat-line.
Any of these events could prevent a business from functioning, and that’s where contingency planning can save the day. Stephen Bush, who is CEO ofAEX Commercial Financing Groupand has 30 years as a small-business consultant, sums it up: “Contingency planning involves asking yourself what could go wrong for every aspect of your business, and then preparing an action plan for what you will do if that happens.” Here is a four-step process you can use to prepare a contingency plan for your business. <READ MORE>
While the buzz around the Sony hack has shifted to the impact on free speech, and terrorist threats against movie theaters that dare to show the movie The Interview, there are many layers to the Sony debacle. One element that made for salacious headlines immediately following the hack, but has since faded from the spotlight, was the hackers’ dumping of company emails onto the Web.
The messages of Sony executives were both damaging and embarrassing. The fallout should remind us that there are likely a few things in all our email archives that could be humiliating if a hacker, hacktivist, or malicious insider published the contents for all to see. I have thousands, or tens of thousands of emails, going back for years. It’s safe to assume that something in there would at least be embarrassing, if not damaging to me personally or professionally as well. <READ MORE>
From: Intuit QuickBooks, by Laura McCamyon December 15, 2014
Just because your business is small, don’t imagine you’re immune to the predatory tactics of malicious hackers. The National Cyber Security Alliance (NCSA) reports that 50 percent of small-business owners in a 2013 survey said they had experienced a cyber attack. Security breaches can be a serious problem for small businesses because they often don’t have the resources to recover from an attack.
If you are feeling overwhelmed at the thought of adding one more item to your overflowing to do list, there is good news. NCSA Executive Director Michael Kaiser offers eight ways to protect your data and your business.
1. Don’t Be Complacent
“It’s likely that small businesses are more vulnerable than larger businesses that are making larger investments in security. The bad guys know that,” Kaiser says. Cyber criminals have lots of tricks up their sleeves, from creating fake payroll entries to finding ways to siphon money out of your business bank account. “An operation that has good cash flow could have a fair amount of money in the bank at any given time,” he says, which makes it an attractive target. <READ MORE>
A strong security policy is one thing. Employees’ actual security behaviors are often quite another. In the complex and rapidly changing world of cyber security, experts say that training is essential to keep workers up to speed – and ensure your business stays safe.
How do you teach employees security tactics, and make sure they actually utilize them? Try these five tips to start: <READ MORE>
The phrase “cloud computing” is ubiquitous. Instagram. Dropbox. Google Apps. Evernote. Netflix. There is little in every day life not touched by cloud computing. That’s increasingly true for the practice of law and running a law firm as well. Here’s what you need to know to get the most of cloud computing applications, with an eye on ethics and client confidentiality.
The Basics of Cloud Computing
Cloud computing, broadly defined, is a category of software and services delivered over the Internet rather than installed locally on a user’s computer. Cloud computing offers a variety of potential advantages, including:
Low upfront costs.
Access from any device with an Internet connection.
Simple setup and configuration.
Built-in disaster preparedness.
Using cloud computing applications in your practice can give you freedom and flexibility. For example, it removes the worry of losing a day of work for solo and small firm lawyers, and it lets cross-country or otherwise disparate teams collaborate efficiently at mid-size and large law firms. Because cloud computing places data–particularly client data–on remote servers outside of the lawyer’s direct control, it is also cause for some concern regarding client confidentiality and the applicable rules of professional conduct. Each lawyer considering using cloud-based tools will need to weigh those concerns and make sure they’re confident they’re taking reasonable steps to protect their clients. Further reading: Lawyers and the Cloud: 3 Myths Debunked
Google is ready to give New Year gift to the Internet users, who are concerned about their privacy and security. The Chromium Project’s security team has marked all HTTP web pages as insecure and is planning to explicitly and actively inform users that HTTP connections provide no data security protections. There are also projects like Let’s Encrypt, launched by the non-profit foundation EFF (Electronic Frontier Foundation) in collaboration with big and reputed companies including Mozilla, Cisco, and Akamai to offer free HTTPS/SSL certificates for those running servers on the Internet at the beginning of 2015. <READ MORE>
Now that Black Friday and Cyber Monday are behind us, the best deal we see this holiday season comes from the International Legal Technology Association (ILTA) with their annual report, ILTA’s 2014 Technology Survey. This granddaddy of legal technology deployment & usage benchmarks has it all … 454 law firms (33% of the ILTA membership representing more than 106,000 attorneys and 217,000 total users) responding to almost 200 questions about what technologies they are using to run their firms; expert commentary by ILTA staff and member firms to support the findings and useful technology trending and ‘un’ trending info based on ‘compare and contrast’ exercises with previous survey editions. And, oh yeah, if that hasn’t sold you already, the entire 300 page PDF ‘opus’ is free of charge … a more than gracious ILTA legal technology community service gesture.
While we have not had the chance to dive in to the freshly published (released to ILTA members today!) findings, we did receive some survey themes from ILTA’s executive director and tech survey ‘MC’ Randi Mayes worth sharing here:
Security: ILTA has seen a strong trend in security over the last few years, and it continues in 2014. Initiatives like security audits and web filtering have become the norm (now at 73% and 81% of responding firms, respectively,) and hard drive encryption (now above 50%) are becoming much more common. As the survey executive summary notes, to a large degree, firms’ security agendas are being pressed by clients and regulators, and the recent government privacy and security sanctions of blue chip financial services and telecommunications companies will only accelerate security as priority #1. <READ MORE>
The data breaches of 2014 have yet to fade into memory, and we already have 2015 looming. Experian’s 2015 Data Breach Industry Forecast gives us much to anticipate, and I’ve asked security experts to weigh in with their thoughts for the coming year as well.
Experian highlights a number of key factors that will drive or contribute to data breaches in 2015. A few of them aren’t surprising: Organizations are focusing too much on external attacks when insiders are a significantly bigger threat, and attackers are likely to go after cloud-based services and data. A few new factors, however, merit your attention.
First, there is a looming deadline of October, 2015 for retailers to upgrade to point-of-sale systems capable of processing chip-and-PIN credit cards. As banks and credit card issuers adopt more secure chip-and-PIN cards, and more consumers have them in hand, it will be significantly more difficult to clone cards or perpetrate credit card fraud. That’s why Experian expects cybercriminals to increase the volume of attacks early in 2015, to compromise as much as possible while they still can.
The third thing that stands out in the Experian report is an increased focus on healthcare breaches. Electronic medical records, and the explosion of health or fitness-related wearable devices make sensitive personal health information more vulnerable than ever to being compromised or exposed. <READ MORE>