The quarterly publication of the International Legal Technology Association
Issue link: https://epubs.iltanet.org/i/1097368
40 T here's an arms race in legal technolo. Fueled by increasingly complex security audits and consumer technolo, clients and attorneys alike are making more demands of their law firms, which are, in turn, making demands of their document management system (DMS) vendors. To meet these demands, new entrants into the DMS market are specializing in data security and augmenting the established content management systems. A "need-to- know" security model, in which only those specifically assigned to a particular matter have access to its contents, has sprung into the lexicon of many CIOs and CISOs. But what if "need-to-know" isn't enough? How do you protect data even from those attorneys and staff who legitimately have access to the content? This is where Data Loss Prevention (DLP) comes in. Going Beyond Need-to-Know with DLP You can think of DLP as a solution that is designed to save the users from themselves. DLP ensures that actions performed on work product meet both client and jurisdictional rules and requirements. For instance, an attorney may have full administrative permissions to all matter content, but may not realize that specific content is not allowed to be emailed to a European domain. DLP would prevent that action. Actions that lead to data loss are, in the vast majority of cases, not performed maliciously. Rules enforced by DLP are meant to protect data from the naïve or hurried user. Corporate America is already familiar with DLP. Vendors such as Symantec and Digital Guardian have been offering DLP solutions to large enterprises for years. But DLP: Protecting You From Yourself B Y B R I A N P O D O L S K Y DLP is fairly new to legal technolo, since many of those enterprise DLP solutions failed to integrate into legal platforms, where client and matter assignments reign supreme. Major legal DMS vendors are now entering this paradigm. iManage Extends Security Policy Manager and Enhances Threat Manager iManage has made incredible strides in the security realm over the past two years. Security Policy Manager (SPM), part of the iManage Govern Suite, provides firm with a straightforward approach to achieve the "need-to-know" security model. With upcoming integration with RAVN technolo available in iManage Insight, knowledge managers can rest assured that content and expertise are managed properly even in a secure environment.