Still Working From Home? Don’t Neglect Security and Privacy

Posted on 05/26/2020 by beverlym

Working remotely increases the probability of problems created by malware and ransomware, and the damage caused by them can be extreme. Take these 9 basic steps to protect yourself.

Backup your computer
Update and patch operating systems and apps
Manage accounts with security in mind. Avoid logging in as an Admin unless necessary.
Install anti-malware software
Establish a VPN (virtual private network) to connect to your office computer
Encrypt drives
Use conferencing software intelligently
Update network firmware
Use complex passwords

Read the full post here, which includes specific recommendations.

Learn More

Oregon lawyers can also take advantage of the following resources:

Backing Up Your Computer

Cybersecurity and data breach – follow the embedded link, then select this category

General advice on working remotely

Online data storage providers

Zoom video security

The April issue of the Oregon State Bar Bulletin is also an excellent resource.

Looking Back at 2019

Posted on 12/30/2019 by beverlym

Looking back at 2019 we covered a lot of ground. From posts on your career and well-being to eCourt, court procedures, finances, security, technology, and more. Here’s the recap:

Career

eCourt and Court Procedures

Finances

Security

Technology

Well-Being

Workflow and Office Systems

Odds & Ends

Happy (almost) New Year’s Eve and Happy New Year!

Ethics of Disaster Recovery and Data Breaches

Posted on 12/02/2019 by beverlym

Coming December 10 at 1:00 pm Eastern, 10:00 am Pacific – a lawyer’s ethical duties in responding to disasters and data breaches. Featuring ABA Formal Opinion 483: Lawyers’ Obligations After an Electronic Data Breach or Cyberattack and Formal Opinion 482: Ethical Obligations Related to Disasters (2018).

This session will offer real-life examples on how to recover from a disaster or a data breach — ethically.

Disasters and data breaches bring with them conflicting priorities to resolve. Duties of disclosure compete with those of confidentiality for your attention. The responsibility to provide legal services for which your clients have contracted may be adversely affected by disaster. Model Rules 1.4 and 1.6 provide the standards and the recent ABA opinions flesh out your ethical duties in the event of a disaster (natural or man-made) or a data breach (which is of course a very specific form of a disaster!).

Join our panel of experts as they guide you through these opinions with practical examples of how best to ensure you and your clients are protected in the face of this new world and all it has to throw at you.

This is a free CLE for ABA members. Register here.

Cybercrime: An Ongoing Threat to Law Firms

Posted on 09/23/2019 by beverlym

In the most recent issue of Law Practice Today Sheri Davidoff describes how hackers exploit weak security measures to steal from you and your clients. The most common targets: your email, logins, and files.

Email hacks

Once a hacker gains access to your email, he or she may download your entire mailbox, set up a rule to forward your messages to their account, or use email content to begin victimizing clients.

Preventive steps

Use proper passwords

Pass phrases (sentences) are the best. Otherwise, choose passwords at least 14 characters in length which contain symbols and numbers. It is critical to create unique pass phrases or words for each login to limit the scope of a security breach. Do not share them. Do not write them on sticky notes posted to your monitor. A password manager can make the job easier.

Turn on two-factor authentication

This sounds fancy, and if you’re not familiar with it, intimidating. It is neither. Login as usual, have your smartphone or cell phone handy, and enter the code texted to you to complete your login. It’s that easy.

Biometrics

You can use your face or your fingerprint to login if your device or software supports it. A quick Google search generates pages of “pros and cons” posts, which I will avoid repeating here.

Limit substantive content in email

Consider limiting what you say by email when the information is sensitive. Pick up the phone or send the client a message prompting them to login to your secure client portal instead. As Davidoff points out in her post, “Hackers commonly search your correspondence for ongoing conversations of interest—such as a real estate purchase or other upcoming financial transaction. Then, they actively monitor these conversations to maximize their ability to intercept a payment.”

Malware and ransomware abound

The most likely way to get infected with malware or ransomware is to click on a suspicious attachment or link. Use common sense before you click and if in doubt: don’t! Even if the message appears to come from a trusted source. Pick up the phone or compose a new message and ask the sender if he/she sent the email. (Don’t ask by forwarding the suspicious message – you are only spreading the threat.)

The US Department of Homeland Security has valuable tips on combating malware and ransomware. Also, take a few minutes and peruse the resources available at the ABA Law Practice Division (search: “malware”) or checkout the Professional Liability Fund CLE, Data Security/Data Breach: What Every Lawyer Needs to Know to Protect Client Information.

Phishing Scam Hits OJD Users

Posted on 07/19/2019 by beverlym

Here are the details.

Oregon Law Practice Management

Practice Management Tips for Oregon Lawyers

Tag Archives: malware