www.iltanet.org
46
Peer to Peer
Gotcha!
Offense Is the
Best Defense
Against Security
Vulnerabilities
A
ttorney John Doe receives an attachment
via e-mail and opens it on his computer.
the attachment is blank, so he closes it and
continues to work. he visits websites, the firm
intranet and goes about his business. John
doesn't know it, but his computer, as well as the firm's intranet,
have been compromised. The attachment had a keystroke
monitoring software program embedded. Keystroke monitoring
can be run remotely or by an attached device that resembles
a USB drive. If you think this is unlikely, consider that this type
of activity has already been used against celebrities and in
corporate espionage attempts. This is just one type of security
vulnerability that the legal industry must be vigilant against. Let's
take a look at others as well as some necessary steps toward
becoming more secure.
Dark Clouds
"Cloud computing" is the latest buzz phrase. We're now looking
at more companies providing software as a service (SaaS),
storage on demand and remote server capacity. As a result,
some firm and corporate data may reside outside a firm's
network and outside of the direct control of IT administrators.
While you will vet vendors as much as possible, there will always
be challenges; and frankly, there may not be a way to ensure
100 percent enforcement of your firm policies on a system that
you do not have complete control over. For a look at some
insightful questions that should be raised with vendors, visit this
by Donna Payne
