Have liberated workers become a security nightmare for law firms?

The digital revolution has freed data from the office to multiple devices, bringing with it issues of secure acess, compliance and reputational integrity, which even smaller law firms must now address explains David Meyer.

David Meyer, VP of product, OneLogin
David Meyer, VP of product, OneLogin

The digital revolution has impacted business of all sizes, across a wide range of industries, not only in terms of the way we now work, but most notably where we work.

Within the Government's Autumn Statement, which was released back in November 2015, Chancellor George Osborne placed emphasis upon investing in the use of technology within the justice system, including the digitisation of courtrooms and the moving of paper-based systems online.

Whilst the plans for digitising the justice system has been in the pipeline for several years, we are now beginning to see these come into force [1] and are witnessing the knock on effect for law firms.  Lawyers have been increasingly liberated from their desks and are accessing documents not only from their office desktop, but also their laptops, phones and tablets. The office is now, in essence, wherever they are.

A report [2] released earlier this year, which looked at technology trends in the legal industry, has backed up this trend and highlighted how legal firms are increasingly using web-based software in their law practices, with 72 percent saying that online document storage was now available in their law offices. The main driving factors were convenience and affordability, with 78 percent citing easy access to data from anywhere as one of the greatest benefits of using web-based software in their law firms and 67 percent adding that a key benefit was 24/7 availability to access their documents remotely.

The movement of legal processes onto the web has been a real step-change for a traditionally paper-based industry. The move online, however, has led to the increased importance of data security. Security software and assessments was ranked as one of the top ten technology purchases this year and fifth among planned purchases for next in a recent survey undertaken by the International Legal Technology Association (ILTA) [3].

Indeed, security management was named as the biggest challenge facing legal IT departments, replacing email management for the first time in eight years. Related to this was the need for information governance and risk management/compliance. Whilst this is of concern to all, improving data security has thus far been considered more of a priority among large law firms than medium-sized or small law firms, however the research suggests that times are changing.

One of the key trends affecting modern day law firms is that of bring your own device (BYOD). However, over a quarter (28 percent) of respondents said their firms do not currently have a policy, viewed by many as a key security measure.

The dramatic cultural shift in digitisation has shaken the core of the legal sector and has directly transformed the culture within each individual law firm, through the increased viewing and sharing of documents online. However, whilst this may mean a new found freedom for lawyers who find themselves no longer captive within their offices, it has led to a need for the industry to implement strong multiple authentication factors and user provisioning, which will allow them to keep the benefits but eliminate the risk.

It is imperative that each and every individual law firm, regardless of size, ensure priority is placed on protecting sensitive data that is being accessed remotely on a daily basis. Not only will this help them remain compliant with changing regulations, by preventing unauthorised users from accessing sensitive data with passwords alone, but it will help to avoid any potential damage to brand reputation caused by sensitive data being accidentally shared with the wrong people or a misunderstanding of processes.

Contributed by David Meyer, VP of product, OneLogin