Fall 2014: Security Is Everyone's Business

PEER TO PEER: THE QUARTERLY MAGAZINE OF ILTA

SMART MOVES

About the Author

Ted Theodoropoulos is the President of Acrowire, an IT consulting firm specializing in technology solutions for legal services. After 10+ years in corporate positions with companies such as Microsoft and Bank of America, Ted pursued his passion and business of driving tangible business results through technology full time. Acrowire increases productivity and eliminates inefficiencies, ultimately accelerating firm growth through SharePoint development, software development, business process improvement, virtualization and cloud services. Contact Ted at

Six Sigma is a statistically driven and disciplined framework that aims to improve processes, minimize errors/defects and reduce variations. An expert trained in the Six Sigma process governs both individual steps and the process as a whole by using a structured project plan that acts as a blueprint for implementing Six Sigma initiatives toward the goal of predictability. Six Sigma can be initiated both for new processes (i.e., design for Six Sigma) and for existing processes (i.e., improvement projects).

SIX SIGMA AND RISK MANAGEMENT

Protecting sensitive data is not only part of client expectations but mandated by ethics rules, creating the utmost accountability and pressure on law firms to implement preventive measures. According to the 2013 ILTA Technology Survey, security and risk management are among the top concerns for law firms, which handle sensitive client information, business strategies and intellectual property. This puts them at higher risk of inadvertently exposing sensitive data than companies in many other industries. Law enforcement has long worried that law firms are not doing enough to guard against intrusions by hackers. In fact, in 2011, the Federal Bureau of Investigation began organizing meetings with top law firms in major cities to highlight the issue of computer security and corporate espionage, according to "Law Firms Are Pressed on Security for Data," an article that appeared in The New York Times in March 2014.

The Six Sigma methodology works directly to mitigate this risk. It provides a proven formula for achieving predictable outcomes as well as risk management tools to quantify and prioritize risks. IT departments that leverage the Six Sigma framework take a disciplined approach to managing change in their environments. Where risks are present, corresponding controls are implemented to ensure that processes are put in place to mitigate and offset those risks. In addition, the risks and controls are documented and vetted by key stakeholders, a feature which is foundational to any mature risk management program.

Whether they come internally or externally, risks to information security are always present and ever-changing. It is often the seemingly obvious and mundane areas of the IT environment that create the most risk, such as inadequate password policies or users running out-of-date software. While these gaps seem glaring to any seasoned security professional, they still persist in the legal services industry.

Negate Risk with Six Sigma

The Project Management Institute defines risk as "an uncertain event or condition that, if it occurs, has a positive or negative effect on a project's objectives." Unpredictability in any direction — the hallmark of risk — is undesirable. Law firms often seek to bolster technology in order to lessen unpredictability, but it is not necessarily the technology that needs to be improved. It is time to dig deeper and use the power of Six Sigma to correct the root of the problem in your practice — the underlying processes that the technology supports.

