Blogs

Be the first person to like this post.
Please enjoy this blog post authored by Dr. Georg Thomas, CCISO, CDPSE, CISM, CISSP, GRCP   Cyber-attacks are on the rise across the globe with 2021 identified as the highest average cost of data breaches over the past 17 years (IBM, 2021). Law firms are under increased pressure from clients, insurers, and regulators to name a few to ensure that adequate protections are in place to provide protection from cyber threats. It is no secret that law firms hold vast amounts of sensitive and valuable information and consequently, law firms are increasingly becoming targets (Shanker, 2021). Over the past few years, there has been an increased focus on implementing ...
1 comment
1 person like s this.
Please enjoy this blog post which was authored and posted on behalf of Randy Anderson, Loffler, CISSP and Manager of the Cybersecurity and IT Consulting teams, Loffler Companies. Introduction Establishing an Information Governance (IG) Committee is an important first step on a journey that will allow your firm to create and implement effective policies and procedures and select the appropriate technologies to manage and protect the confidentiality of the information that is gathered and stored about your clients. This article it written as a starting point for firms that may not yet have a formal committee and related policies in place. Committee Representation ...
0 comments
Be the first person to like this post.
Please enjoy this blog post authored by Megan Larkins, Information Security Consultant Manager, FRSecure .  Description: Managing an Information Governance (IG) committee can be difficult enough, but the process is elevated to another level if you’re tasked with assembling one from the ground up. Member selection, building support across practice groups, keeping the group focused on the impact on the firm’s business, and finding educational materials for the committee consumable by members who may have no background in IG are only a few of the challenges faced by IG leaders. While we can’t provide all the answers, this blog post will attempt to provide ...
0 comments
Be the first person to like this post.
Please enjoy this blog post authored by Kathleen Jimenez, Information Governance Manager, White & Case LLP. Please Note: This blog is part of the Taming Unstructured Data series which includes the introduction and additional blog which you will find below in the related content.  Who keeps moving the copy center folder?  That was the question which transformed the way our Information Governance team supports and is cleaning up our Shared Drives spread throughout our firm. Anyone who has tried to answer this question knows that the lack of robust activity logging on shared drives makes it almost impossible.  We long have said we wish there was ...
1 comment
2 people like this.
Please enjoy this blog post authored by Bryn Bowen, Principal, Greenheart Consulting Partners. Of all of the collaboration tools being used in the law firm world, Microsoft Teams is the most popular because it’s already available to end users as part of many firms’ Office 365 suite, and because it offers legal practitioners (and other knowledge workers) an intuitive user interface.  By virtue of its range of capabilities (file sharing, co-authoring, messaging, video and audio calling), and the number of different information repositories within the Team (OneDrive, SharePoint, Exchange), a Teams implementation defines the need for proper governance in order ...
1 comment
2 people like this.
It’s collaboration time! There’s a lot of buzz in legal tech about Microsoft Teams and its collaboration features. In recent years attorneys have been asking for more tools to enable collaboration, and the “new normal” remote workplace has reinforced the need for new, innovative tools for our attorneys.  As with all legal technology, there are many considerations to account for when working with client data. In this first post of a multi-part series, we’re going to talk about the basics of what Teams is, and what it isn’t.  Other posts in the series will do deeper dives into considerations around provisioning Teams and integrating with your DMS. Since Teams ...
1 comment
3 people like this.
Electronic and Digital Signatures Reference Guide – A guide for the rest of us! For many years now, governments and organizations around the world have had the ability to “e-sign” documents. Due to the cost, complexity, and myriad of regulations, many organizations have just simply stayed away and maintained the proven practice of “wet” ink signatures. As the situation with the global pandemic changed, so did attitudes and regulations surrounding electronic signatures. More and more organizations needed the ability to sign documents electronically to keep revenue streams flowing. The need for electronic signatures went quickly from “nice to have” to “must ...
0 comments
Be the first person to like this post.
New security challenges Mobility, the cloud, and the modern workplace have fused to create unprecedented opportunities for law firms to connect with clients and optimize productivity. With these opportunities, however, comes an increasing focus on the need to protect law firm users and sensitive data, as risks such as breaches and data leakage are now substantially greater. We’ve all heard about highly publicized security breaches in the corporate world—according to security intelligence vendor Risk Based Security, over 6,500 publicly disclosed breaches exposed more than 5 billion records in 2018 alone . With a large quantity of sensitive information ...
0 comments
Be the first person to like this post.
​ This piece – the final entry in this series – is a grab-bag of tips for dealing a variety of matter management issues raised by ILTA members. Reach in and pick one out (or two, or three) and hopefully you’ll find useful ideas that will help you address some issues that are common across our firms. During the life of the matter: how are you making sure all of the matter information is managed, that the right people have access to it, and users can find what they need? Avoid “private” storage of data wherever possible (local hard drives, private mapped drives, USB drives, email, any other location only accessible by the user/owner.) Limiting these ...
0 comments
2 people like this.
​ All good things come to an end. Okay, maybe not “general” client matters, which can stay open for decades, but you will certainly need to regularly deal with the final disposition of records as an Information Governance function. Alexander already did a great job of outlining the importance of closing a matter, which teams need to be involved, and the important role played by your records retention policy (for more on the records management side of the equation, check out the ARMA GARP IG Maturity Model .) More specifically from an Information Governance (IG) perspective, the following notes will highlight a few areas of focus to help ensure the successful ...
0 comments
1 person like s this.
Every few months someone comes to the Information Management Content team and asks why we're not doing programming on closed document management systems or "pessimistic" security, where access to client/matter documents is restricted to only those assigned to that matter. Firms who are used to an open DMS may need to rethink their collaboration and knowledge management strategies. ILTA members and our vendor sponsors have been generating content on that topic for several years, but it's not always easy to find, so we thought we'd collect it in one place.  We don't have any easy answers, but below are some links help you consider the questions in fresh ways. ...
0 comments
2 people like this.
ILTA's recent technology survey shows that firms are taking an increasingly granular approach to security. Believing that it is no longer sufficient to simply secure the network perimeter, these firms are locking down access to documents at the matter level. While this kind of effort is one step toward meeting the increased levels of security required by a firm’s clients, completing it can be a real challenge. We designed the list below to be a starting point for firms considering this project. If you have additional items you think should be added, please post them in the comments. Determine what is being secured: Are you securing to practice groups, ...
0 comments
Be the first person to like this post.
The Internal Revenue Service (IRS) released on Tuesday, May 26, 2015, news of a major data breach, estimated to have affected 100,000 U.S. households’ tax returns. The data was wrongfully obtained from an IRS application known as “Get Transcript,” which allows taxpayers to access their prior tax returns. This data includes Social Security numbers, dates of birth and street address of individuals who have filed tax returns. The hackers used the data to produce a fake 2014 tax return, and then requested that the IRS send a tax refund to a hard-to-trace debit card. Although only a small percentage of American households have been affected, the impact is significant. ...
0 comments
2 people like this.
Everything I ever wanted to know about eDiscovery Every now and then the stars align and you find yourself in the right place at the right time. All I did was raise my hand; the electronic one sometimes referred to as email, in response to a query looking for folks with the desire to volunteer time and effort to create something intended to be shared with others for the purpose of education and awareness. The Task Force , as we were called, was made up of participants of the Law Firm Information Governance Symposium (“LFIGS”). This was the beginning of a journey that would teach me everything about eDiscovery I ever wanted to know. The ...
0 comments
1 person like s this.
It’s 10:00. Tomorrow you have to return or destroy all copies of client-provided data for a big client. Do you know where your client-provided data is? Chances are, if you are like most firms, you may not, especially when it comes to client-provided Electronically Stored Information, or ESI. How can Information Governance (IG) help? ESI is largely made of many copies of client data, modified as it travels through the eDiscovery work flow. A typical work flow may start with a drive full of client data, which is then processed, sorted, searched, culled, analyzed, reviewed, and eventually produced, often on another drive, to an adverse party. ...
0 comments
1 person like s this.
It seems that the Records and Information Management profession faces an annual need to justify its very existence. Lucky for RIM practitioners, the profession will continue to grow and have "legs" for many years to come. Here are 5 things that YOU as a Records Professional can do to raise your program’s value within your organization: • Make your Records program about customer service first and foremost. Records Management is and always will be a support function so staff must be trained on proper etiquette and client facing interaction • Become knowledgeable of the myriad of Records and Information based standards that exist such as: ISO 15489-1 ...
1 comment
Be the first person to like this post.
With the amount of electronic information being stored on users hard drives, is there a standard practice being followed for retaining such electronic information post departure? If so, I'd be interested in hearing standards, practices, policies, etc. you are using to retain such information.
0 comments