The quarterly publication of the International Legal Technology Association
Issue link: https://epubs.iltanet.org/i/984836
16 PEER TO PEER: THE QUARTERLY MAGAZINE OF ILTA | SPRING 2018 Ensure the Highest Standards of Data Protection Any data within your walls – whether your own or your clients' – should be protected to with highest standards. One lapse in security or protocol and your reputation, your firm, and your future are on the line. We recommend three steps to support data privacy in 2018. Start a project to move the firm's technology operations to the cloud. Cloud providers offer high levels of security, limiting access to only authorized individuals while providing protections like HIPAA compliance, encryption, multi-factor authentication and more. Next, dra, update and enact technology policies and procedures. These documents outline the expectations for data privacy and the steps required to enforce them. The firm should live the security culture. Finally, update your old aging soware systems to the latest versions. Running a 10-year old version of a practice management system opens your firm up to unnecessary risk for both storing and transmiing data. Joe Kelly Legal Workspace www.legal-workspace.com Tips and Advice from ILTA's Partner Community ASK THE BUSINESS PARTNER What are your top three priorities around tools or processes to implement in 2018 regarding your organization's data privacy policies? Focus on the "Why", "What", and "Where" First, provide guidance and training on privacy and data protection principles and best practices. All the tools in the world won't be of any use if the staff doesn't understand why and how to use them. Engaging stakeholders in ongoing productive discussions around best practices can lead toward more pragmatic results. Next, address the "what". Ensure that content is categorized appropriately for your organization. You can only apply controls to content if you know what it is. Avoid the pitfall of overcategorization. The more complicated the process is, the more room for potential errors. Finally, look at the "where" component. Only once you've categorized the data correctly can you ensure that it is being stored correctly. Document the appropriate repositories and limit the number of repositories available. John Zahradnick InOutsource www.InOutsource.com Refining and Enhancing Technical Controls Building data privacy technical controls that work in concert with one another across all end-user devices will be a key focus in 2018. Least privileged access is not a new concept but refining and enhancing technical controls will help protect company data from accidental and intentional disclosure in a mobile workforce. Improving and enforcing data classification tags on all content produced or received will enable intelligent systems to protect sensitive data at rest, in transit, and from unauthorized users. Enhanced email and application controls to flag, strip, or quarantine protected company data before transmission/use to prevent data leakage even from authorized users. Extending user/system internet security beyond traditional company boundaries to verify and block malicious websites and content before they can interact with company data especially on mobile computing resources. Effectively enforcing all data, regardless of location, to passes through additional security layers to minimize infection and exfiltration of data. Stanleigh Rabin Keno Kozie hps://www.kenokozie.com