Is PCI Compliance Enough?

CIO Magazine recently ran an insightful article about PCI compliance. The article emphasizes that PCI “compliance” is a credit card industry minimum set of standards to protect data and to minimize data breaches. However, as the numerous data breaches…

Read More

Pennsylvania CLE Board Adds Technology Ethics Category

In October 2014, the Pennsylvania CLE Board Website added a new category for lawyer CLE programs called Ethics–Technology (new ETH10). Attorney Shannon Brown requested the additional category in light of the Pennsylvania Supreme Court’s changes to the Pennsylvania Rules of Professional Conduct effective November…

Read More

Attorney Brown Receives Cybersecurity Technical Certification

Attorney Shannon Brown passed the new, performance-based, CompTIA Security+™ certification exam on September 16, 2014. CompTIA Security+™ certification provides an industry-recognized method to objectively demonstrate technical skills in computer security, data security, or cybersecurity. The new cybersecurity certification is believed to be a first for an attorney in Pennsylvania. The…

Read More

Cybersecurity Basics for Pennsylvania Law Firms

Most Pennsylvania law firms either misunderstand cybersecurity [computer and network security] or significantly underestimate the threat of data breaches at law firms. Successful “hacks” can result in the loss of client confidential data or even losses of escrow funds. Considering the November 2013 updates to the…

Read More

The Next Battleground for Data Breaches…Shareholder Lawsuits?

Companies ill-prepared for data breaches and failing to take reasonable steps to secure data and computer systems face increasing and serious risks to the business. Specifically, companies, officers, and boards must start taking data and computer-systems security seriously or risk shareholder lawsuits. Shareholder Lawsuits for Data Breaches In two…

Read More

An Introduction to Malware for Lawyers

The FBI recently warned that law firms are specific targets of computer criminals (cybercriminals) seeking unauthorized access to data. Pending changes to the Rules of Professional Conduct re-state the lawyer’s duty to reasonably secure computers to protect client confidentiality. Thus, cybersecurity emerges as a law practice issue.

Read More

Completes Information Security and Neural Networks Courses

Attorney Brown recently completed two online, non-credit courses—Information Security and Risk Management in Context offered by the University of Washington and Neural Networks for Machine Learning offered by the University of Toronto.

Read More

Attorney Brown Continuing Education

In October, Attorney Brown returns to class by taking three, technology-related, non-credit courses:

Introduction to Machine Learning,
Introduction to Databases, and
Introduction to Artificial Intelligence.

Read More

Data Backup Basics for Pennsylvania Lawyers

With the recent massive flooding, a hurricane, and an earthquake in Pennsylvania, lawyers may be re-evaluating data backup plans (you DO have a current, data backup plan). This article provides basic information for creating backups for solo or small law firms.

Read More

Navigating the Fog of Cloud Computing

Cloud computing may raise ethical questions. It also requires technical competence. Are you ready?
Published as: Shannon Brown, Navigating the Fog of Cloud Computing, The Pennsylvania Lawyer 18–22 (Sept./Oct. 2011).

Read More

Hiatus Explained—Technology & Ethics CLE Pending

For the past few weeks, Attorney Brown took a brief hiatus from blogging and website articles to prepare for a forthcoming Legal Ethics & Technology CLE. Attorney Brown is scheduled to deliver the CLE at the Lancaster Bar Association on September 9, 2011. The CLE will address (as time permits) emerging issues for lawyers related to technology

Read More

A Basic Computer Data Backup Option for Solo or Small-firm Attorneys: Areca Review

Several months ago, I embarked on what I thought would be the easy task of finding a simple, usable, and effective computer data backup solution for my solo attorney law practice. I was wrong; I seriously underestimated the [needless] complexity of this task (even with my technology background). While backup solutions abound, I struggled to find a solution that met basic criteria. I provide this article to hopefully help other Pennsylvania lawyers evaluating backup options.

Read More

Storing Files in the Cloud: Storage-as-a-Service for Lawyers—Encryption

For attorneys, special considerations may be appropriate before implementing a STaaS solution especially if storing client data in the cloud. What might an attorney consider before using a Storage-as-a-Service (STaaS) such as DropBox, SpiderOak, IronMountain, JungleDisk, or MozyPro? Salient factors may include 1) encryption, 2) functionality, and 3) long-term accessibility. This article addresses encryption.

Read More

Avoiding Being “Bit”ten: Bandwidth Issues With Cloud Computing Backups

As attorneys consider using cloud computing for file backup, the time required to restore files after a disaster may [unpleasantly] surprise a law firm. Backups in cloud storage may take days to download depending on the speed of the internet connection and the amount of data. Anticipating the potential download times, and creating a plan, may help a law firm to avoid unexpected problems should a disaster occur. (And confirms that off-site cloud storage should be combined with local backups to minimize down-time and law firm disruption in the event of a catastrophic data loss.)

Read More