Articles filed under Risk management

locked-keyboardjpg

Although written for barristers, the recommendations below would broadly apply to any lawyer practising without the support of an IT team.

As a practising barrister, your working life is probably busy, hectic and mentally exhausting, and the thought of having to consider the security of your IT equipment is more than likely not one that bears too heavily on you. “My PC, laptop, smart phone, tablet, and networks etc all come with ‘built in’ security so that’s enough” I hear you say. Well, sorry to burst your bubble, but it’s not enough unless you can afford to pay out thousands of pounds in financial penalties to the Information Commissioner or by way of compensation in the event of there being any significant loss or compromise to your client personal information.

The simple fact is that while the basic cloud proposition is the same, not all cloud providers are created equal. And given that IT is mission-critical to most law firms, it is essential that firms undertake comprehensive due diligence on potential cloud partners to establish their credentials.

Some key risks arise from cloud computing. Principally, they revolve around the management, confidentiality and security of data. The storage of vast amounts of outsourced data in server farms across the world presents the potential for data leakage, contamination and interference.

A wide range of legal compliance and other issues surround Web 2.0 services, for which a failure of observance might lead to serious consequences. Legal vulnerability potentially arises through deliberate or accidental abuse of information that is posted or mutually exchanged. This article covers the legal, security and operational issues that might arise.