CIO Magazine recently ran an insightful article about PCI compliance. The article emphasizes that PCI “compliance” is a credit card industry minimum set of standards to protect data and to minimize data breaches. However, as the numerous data breaches…
In October 2014, the Pennsylvania CLE Board Website added a new category for lawyer CLE programs called Ethics–Technology (new ETH10). Attorney Shannon Brown requested the additional category in light of the Pennsylvania Supreme Court’s changes to the Pennsylvania Rules of Professional Conduct effective November…
Attorney Shannon Brown passed the new, performance-based, CompTIA Security+™ certification exam on September 16, 2014. CompTIA Security+™ certification provides an industry-recognized method to objectively demonstrate technical skills in computer security, data security, or cybersecurity. The new cybersecurity certification is believed to be a first for an attorney in Pennsylvania. The…
Most Pennsylvania law firms either misunderstand cybersecurity [computer and network security] or significantly underestimate the threat of data breaches at law firms. Successful “hacks” can result in the loss of client confidential data or even losses of escrow funds. Considering the November 2013 updates to the…
Companies ill-prepared for data breaches and failing to take reasonable steps to secure data and computer systems face increasing and serious risks to the business. Specifically, companies, officers, and boards must start taking data and computer-systems security seriously or risk shareholder lawsuits. Shareholder Lawsuits for Data Breaches In two…
The FBI recently warned that law firms are specific targets of computer criminals (cybercriminals) seeking unauthorized access to data. Pending changes to the Rules of Professional Conduct re-state the lawyer’s duty to reasonably secure computers to protect client confidentiality. Thus, cybersecurity emerges as a law practice issue.
Attorney Brown recently completed two online, non-credit courses—Information Security and Risk Management in Context offered by the University of Washington and Neural Networks for Machine Learning offered by the University of Toronto.
In October, Attorney Brown returns to class by taking three, technology-related, non-credit courses:
Introduction to Machine Learning,
Introduction to Databases, and
Introduction to Artificial Intelligence.
With the recent massive flooding, a hurricane, and an earthquake in Pennsylvania, lawyers may be re-evaluating data backup plans (you DO have a current, data backup plan). This article provides basic information for creating backups for solo or small law firms.
Cloud computing may raise ethical questions. It also requires technical competence. Are you ready?
Published as: Shannon Brown, Navigating the Fog of Cloud Computing, The Pennsylvania Lawyer 18–22 (Sept./Oct. 2011).
For the past few weeks, Attorney Brown took a brief hiatus from blogging and website articles to prepare for a forthcoming Legal Ethics & Technology CLE. Attorney Brown is scheduled to deliver the CLE at the Lancaster Bar Association on September 9, 2011. The CLE will address (as time permits) emerging issues for lawyers related to technology
Several months ago, I embarked on what I thought would be the easy task of finding a simple, usable, and effective computer data backup solution for my solo attorney law practice. I was wrong; I seriously underestimated the [needless] complexity of this task (even with my technology background). While backup solutions abound, I struggled to find a solution that met basic criteria. I provide this article to hopefully help other Pennsylvania lawyers evaluating backup options.
For attorneys, special considerations may be appropriate before implementing a STaaS solution especially if storing client data in the cloud. What might an attorney consider before using a Storage-as-a-Service (STaaS) such as DropBox, SpiderOak, IronMountain, JungleDisk, or MozyPro? Salient factors may include 1) encryption, 2) functionality, and 3) long-term accessibility. This article addresses encryption.
As attorneys consider using cloud computing for file backup, the time required to restore files after a disaster may [unpleasantly] surprise a law firm. Backups in cloud storage may take days to download depending on the speed of the internet connection and the amount of data. Anticipating the potential download times, and creating a plan, may help a law firm to avoid unexpected problems should a disaster occur. (And confirms that off-site cloud storage should be combined with local backups to minimize down-time and law firm disruption in the event of a catastrophic data loss.)