| |
| |
Dedication | |
| |
| |
About the Authors | |
| |
| |
Acknowledgments | |
| |
| |
Introduction | |
| |
| |
Data Breach Nightmares and How to Prevent Them | |
| |
| |
Can Your Law Firm Be Breached? | |
| |
| |
Need More Convincing? | |
| |
| |
What's New in the Data Breach World? | |
| |
| |
The Bad Rap Law Firms Get on Information Security | |
| |
| |
A Recent Law Firm Data Breach | |
| |
| |
State Laws Protecting Personal Data | |
| |
| |
Spear Phishing-and a Data Breach Avoided | |
| |
| |
A Nasty Law Firm Data Breach | |
| |
| |
Okay, I'm Convinced: What's Next? | |
| |
| |
Secure Passwords: The Rules Have Changed | |
| |
| |
Lawyers and Passwords | |
| |
| |
A Conversation with a Law Firm Security Specialist | |
| |
| |
Lawyers' Duty to Safeguard Information | |
| |
| |
Ethical Duties Generally | |
| |
| |
Ethical Duties: Electronic Communications | |
| |
| |
Common Law Duties | |
| |
| |
Statutes and Regulations | |
| |
| |
Standards for Competent and Reasonable Measures | |
| |
| |
Conclusion | |
| |
| |
Selected Ethics Opinions: Technology, the Internet and Cloud Computing | |
| |
| |
Physical Security | |
| |
| |
Introduction | |
| |
| |
Where Is Your Server and Who Has Access to It? | |
| |
| |
Alarm Systems, UPS and Paper | |
| |
| |
Security Assessments | |
| |
| |
Laptops | |
| |
| |
Lost and Stolen Devices | |
| |
| |
Training | |
| |
| |
Guests | |
| |
| |
Incident Response Plans and Disaster Recovery Plans | |
| |
| |
Information Security Overview | |
| |
| |
Security Standards | |
| |
| |
Security Programs and Policies | |
| |
| |
Inventory and Risk Assessment | |
| |
| |
People | |
| |
| |
Policies and Procedures | |
| |
| |
Technology | |
| |
| |
Managed Security | |
| |
| |
Conclusion | |
| |
| |
Desktops and Laptops | |
| |
| |
Authentication | |
| |
| |
User Accounts | |
| |
| |
Secure Configuration | |
| |
| |
Security Software | |
| |
| |
Patching | |
| |
| |
Hardware Firewall | |
| |
| |
Encryption | |
| |
| |
Backup | |
| |
| |
Installing Programs | |
| |
| |
Safe Browsing | |
| |
| |
Attachments and Embedded Links | |
| |
| |
Laptops | |
| |
| |
E-Mail Security | |
| |
| |
Smartphones and Tablets for Lawyers: Managing and Securing Them | |
| |
| |
Some Statistics | |
| |
| |
Attorneys' Duty to Safeguard Client Information | |
| |
| |
Mobile Security Basics | |
| |
| |
Additional Information | |
| |
| |
Voice Communications | |
| |
| |
Traditional Telephone Systems | |
| |
| |
VoIP Systems | |
| |
| |
Voice Mail | |
| |
| |
Portable Devices | |
| |
| |
Networks: Wired and Wireless | |
| |
| |
Authentication and Access Control | |
| |
| |
Wired Networks | |
| |
| |
Wireless Networks | |
| |
| |
Firewalls/IDS/IPS Devices | |
| |
| |
Routers | |
| |
| |
Switches | |
| |
| |
Secure Configuration and Management | |
| |
| |
Other Considerations | |
| |
| |
Remote Access | |
| |
| |
Virtual Private Networking | |
| |
| |
Remote Control | |
| |
| |
Remote Node | |
| |
| |
Modems | |
| |
| |
Remote Authentication | |
| |
| |
Backup and Business Continuity | |
| |
| |
Backup Job Types | |
| |
| |
Backup Media | |
| |
| |
Backup Solutions | |
| |
| |
Business Continuity | |
| |
| |
Secure Disposal | |
| |
| |
The Issues | |
| |
| |
Solutions | |
| |
| |
Conclusion | |
| |
| |
Outsourcing and Cloud Computing | |
| |
| |
Outsourcing | |
| |
| |
Cloud Computing | |
| |
| |
The Practical Side of the Cloud | |
| |
| |
Conclusion | |
| |
| |
Information Sources: Professional Responsibility and Cloud Computing | |
| |
| |
Securing Documents | |
| |
| |
Word | |
| |
| |
Adobe Acrobat | |
| |
| |
Document Management | |
| |
| |
Compound Files | |
| |
| |
Metadata | |
| |
| |
Final Thoughts | |
| |
| |
Cyberinsurance | |
| |
| |
Introduction | |
| |
| |
How Much Does It Cost? | |
| |
| |
Coverage | |
| |
| |
The Future of Information Security | |
| |
| |
Laws and Regulations | |
| |
| |
BYOD | |
| |
| |
Passwords | |
| |
| |
Policies and Plans | |
| |
| |
Mobility | |
| |
| |
Cloud Computing | |
| |
| |
Social Media | |
| |
| |
Training | |
| |
| |
Final Words | |
| |
| |
Additional Resources | |
| |
| |
Short List of Favorite Information Sources | |
| |
| |
Further Resources | |
| |
| |
Security Feeds | |
| |
| |
Security Web Sites | |
| |
| |
OS Feeds | |
| |
| |
People Feeds | |
| |
| |
Cloud | |
| |
| |
Security News Feeds | |
| |
| |
General Feeds | |
| |
| |
Tools | |
| |
| |
Other Resources | |
| |
| |
Excerpts from ABA 2011 Legal Technology Survey Report | |
| |
| |
Internet Access | |
| |
| |
Security: Technology Policies | |
| |
| |
Security: Technology Policies | |
| |
| |
Security: Security Tools | |
| |
| |
Security: Security Breaches | |
| |
| |
Security: Security Breaches | |
| |
| |
Security: Viruses/Spyware/Malware | |
| |
| |
Security: Viruses/Spyware/Malware | |
| |
| |
Security: Disaster Recovery and Business Continuity | |
| |
| |
Security: Disaster Recovery and Business Continuity | |
| |
| |
Security: Backup | |
| |
| |
Massachusetts Regulations-Personal Information Protection | |
| |
| |
Massachusetts Regulations on Personal Information Protection | |
| |
| |
Sensei Enterprises, Inc. Process-Out Checklist | |
| |
| |
Selected ABA Model Rules of Professional Conduct | |
| |
| |
Rule 1.1: Competence | |
| |
| |
Rule 1.6: Confidentiality of Information | |
| |
| |
Pennsylvania Ethics Opinion-Cloud Computing | |
| |
| |
California Ethics Opinion-Confidentiality and Technology | |
| |
| |
FTC Safeguards Rule | |
| |
| |
Lockdown: Information Security Program Checklist | |
| |
| |
Massachusetts Small Business Guide | |
| |
| |
OMB Security Requirements for Federal Agencies | |
| |
| |
FTC Disposal Rule | |
| |
| |
Oregon Ethics Opinion-Metadata | |
| |
| |
SANS Institute Glossary of Security Terms | |
| |
| |
Updates | |
| |
| |
Index | |