The quarterly publication of the International Legal Technology Association
Issue link: https://epubs.iltanet.org/i/271291
PEER TO PEER: THE QUARTERLY MAGAZINE OF ILTA

ISO 27001 CERTIFICATION: PROOF OF "SECURITY" PURCHASE

ILTA's 2013 Technology Survey revealed that only two percent of firms surveyed rely on ISO 27001 certification as a security measure. Yet this internationally recognized information security standard is gaining traction with the largest firms and their legal service providers. Global firms such as Allen & Overy and White & Case have touted their ISO 27001 certification, both to satisfy clients' requirements and to assure clients that security checks and balances are in place. Adherence to ISO 27001 ensures secure document-handling, especially as more firms move to virtual and cloud computing environments.

Over the last three years, more law firms have accepted the value of the ISO 27001 standard. This value has in turn motivated them to use a certified ISO 27001 system to serve their clients better. The benefits resulting from the adoption of this standard have included the following:

• Documented and tested disaster recovery and business continuity procedures
• Compliance with regulatory rules and legislation in every applicable jurisdiction
• Risk measurement, including asset identification, valuation and criteria for risk assessment and acceptance
• Demonstrated continued improvement in the management and effectiveness of security processes
• 24/7 availability of information systems

Here is an example scenario that further highlights the benefits of ISO 27001 certification. When a service provider needs remote access to a firm's network and the firm's third-party access security requirements are so high a contractor has trouble creating a usable remote access/control method, the ISO 27001 concept of a Business Associate (BA) agreement can come into play. In simple terms, a BA states the third party will follow the same security rules and regulations as the firm.
With an agreement like that in place, a firm can be confident their subcontractor is held to the

FEATURES

Enhancing User Support and Client Service with ISO 27001 Certification and ITIL

At the ILTA educational conference in August 2013, I served on a panel with Sandra Dye of Lathrop & Gage and Sharyn Powell of Pillsbury Winthrop Shaw Pittman. We discussed how legal professionals, especially the legal service desk, can take advantage of new technologies to provide excellent customer support. We explored how changes in client interactions and work behaviors have led to changes in how user support must serve the users in a firm — not only with new technologies, but with new processes, methodologies and a modern IT operations framework.

Legal IT professionals embrace advances in video and messaging chat, interactive voice response technology, cutting-edge ACD systems and more self-help options that are based on comprehensive and easy-to-navigate knowledge bases. However, we will do a major disservice to user support within our firms and for our internal and external clients if we do not focus on a less exciting but critical framework for security standards and IT services. ISO 27001, an internationally accepted information security risk management standard, and ITIL (the Information Technology Infrastructure Library), a generally accepted set of best practices for managing IT operations and services, can transform your service desk and put you in an ideal position to serve the user community in a rapidly evolving and fast-paced firm.