♫ Digital, criminals you’ll make meals in cyber-crime
Let’s all plan ahead, 2 times, I keep the chimes to a great mind… ♫
Lyrics and music by GZA, Inspectah Deck, Killah Priest.
LawPro, the Lawyers’ Professional Indemnity Company (LAWPRO) has announced that they will be providing a $250,000 submit coverage for eligible cybercrime losses in the 2014 policy year.
LawPro is a wholly Canadian owned insurance company that provides professional liability insurance to lawyers in Ontario and TitlePLUS title insurance coast-to-coast. LAWPRO is headquartered in Toronto, Ontario, Canada.
The cybercrime coverage appears to have been prompted by cyber attacks in 2012. According to LawPro’s newsletter:
In late 2012, LAWPRO learned of a high-value cyber attack on an Ontario firm. The attack was highly sophisticated and complex, and was designed to permit the fraudster to gain direct access to a firm’s trust account using online banking privileges. For details about this attack and how to avoid being the victim of a similar fraud, see our December 21, 2012, post on the AvoidAClaim blog:
avoidaclaim.com/2012/ontario-law-firm-victim-of-large-frauddue- to-infection-by-trojan-banker-virus/. This is in addition to instances reported in the media involving cyber attacks against several law firms to access confidential client information.
According to LawPro:
At LAW PRO, we believe that preventing breaches in confidentiality and financial losses due to these cyber attacks is a responsibility we all share. Law firms and individual staff members and lawyers who work in them must educate themselves about cyber risks and take all reasonable steps to ensure that data and funds are securely protected. Insurance against resulting losses should be viewed as a worst-case remedy, and not a replacement for preventive and protective steps.
The particulars of the coverage are to be found in the 2014 policy. LawPro states:
Lawyers should also understand that the sublimit provided, like all areas of the policy, applies to losses arising from lawyers providing professional services as lawyers. Losses that a firm might experience that go beyond this type of insurance coverage include reputational loss, physical damage or business interruption.
While this coverage is innovative in Canada, it does not alleviate the necessity for law firms to be vigilant and take every precaution to avoid being taken in by digital criminals.
♫ Password, please use the password
It opens the door to my heart…♫
Password, recorded by Kitty Wells.
The writer spoke yesterday at the Privacy and Access 20/20: A New Vision for Information Rights‘ workshop on Legal Ethics dealing with issues of privacy, security and technology for lawyers and their clients. The writer spoke along with Dr. Benjamin Goold, Associate Professor of Law and Associate Dean Academic Affairs, University of British Columbia and Tamara Hunter, Associate Counsel and Head of the Davis LLP Privacy Law Compliance Group.
This workshop was part of the pre-conference sessions and was a two-hour practice management and ethics seminar from a privacy law perspective. We addressed such issues as the use of technologies such as cloud computing by lawyers, and information security considerations including encryption, adequate passwords and mobile devices.
We dealt with a whole range of matters including the Law Society of British Columbia’s Cloud Computing Checklist and other other issues such as maintaining strong passwords.
I thought I would post on how lawyers can maintain strong passwords and not cause themselves grief in trying to remember complex series of upper, lowercase and symbols to craft strong passwords.
First, how do you create strong passwords? I use the Perfect Password generator on Steve Gibson’s website www.grc.com. Steve states that “Every time this page is displayed, our server generates a unique set of custom, high quality, cryptographic-strength password strings which are safe for you to use.” You can read the techy details of how the passwords are generated and why Steve states that they are safe on his password web page. Suffice it to say that Steve has a long history of protecting client information and system security.
OK so you have a 63 character random password that is highly secure. How can you possibly remember this? For one, *don’t* put it into an Excel spreadsheet or Word document on your computer. Malware will scan for these and then you will have lost all your passwords if your computer is compromised.
Much better to use a proper password manager such as LastPass. It works on practically every platform:
It is easy to use and has received praise from C|Net, PCMagazine, LifeHacker and many others. Best of all you only need to remember one password – the one to open LastPass. You can then enter your long secure passwords into web forms with just one click.
There is a free version or a premium version for $12/year.
With so many lawyers entering data on the cloud (not to mention using banking and e-commerce sites and such) it is comforting to know that you are secure by using complex passwords and protecting them in a proper way.
So to ensure maximum privacy and security, please use strong passwords and a good password manager – and use them to open all sorts of electronic doors…
Cross-posted to slawtips.ca
On Friday Oct 4, 2013 a unique event will occur in Canada’s legal community. For the first time there will be a Canadian Legal Technology conference that will be accessible right across the country, courtesy of the ability to webcast all tracks and sessions concurrently (except for the noon keynote that will be recorded and put up for viewing later due to technical restraints).
The Pacific Legal Technology Conference is accessible from 8:45 Pacific to 5:30 Pacific – in person or on the web. This conference has grown and grown due to one important factor: its foundation is the result of an on-line survey of all past attendees. That on-line survey, designed by the planning board, contains all the possible topics that they can think of – then it is the survey respondents’ turn to tell us what topics are most important to them. This conference is not just about legal technology – it incorporates technology right down to its core. Its focus is that of the practising lawyer who is battling with all types of problems – and who is looking for concrete and practical solutions to help her practice better, faster and not the least of all, cheaper (such as the session “Tech applied to Dull Ordinary Things that MUST get Done”).
The theme this year is “Lawyers, Leadership and Technology” and focuses on leadership and change management. These are themes that are coming to bear on the practice of law as we move forward, underscored by the increasing rate of change in technology with which all of us have to cope. The session: “Implementation: The Hardest Technology to Change is the Human Brain” deals with the challenge of incorporating change into our environments.
Dan Pinnington in his post on Slaw on the conference stated that: “I think this is the best legal technology conference in the country.” As a past American Bar Association TECHSHOW Chair he should know. Dan also said:
I am disappointed that I can’t attend or speak this year because of conflict. As a past attendee and speaker, I can say you will get the same high quality content, speakers and materials that you would get at ABA Techshow.
While we will miss Dan this year, there will be experts from right across North America – from Florida to Alaska and of course, across Canada. Simon Chester (a past ABA TECHSHOW chair), Richard Ferguson (an ABA TECHSHOW speaker), Debbie Foster (an ABA Techshow Chair), Joe Kashi (an ABA TECHSHOW speaker), David Paul QC (long standing CBA author and presenter) and others round out the rich roster of speakers.
Sessions include a heavy emphasis of ethics: “Backups, Security, Privacy and Ethics in a Mobile World” and “Ethically Growing your Practice with Social Media”. The conference qualifies for 6.25 PD credits in Ontario and 6 in Saskatchewan and BC.
Litigators have their own track that includes “What Technology should you Take to Court or a Mediation (iPads to Electronic Courtrooms)” The closing session “All the Gadgets, Sites and More we can Squeeze into 60 minutes” focuses on providing as many useful tips as the speakers can fit into an hour.
The next Pacific Legal Technology Conference won’t be until 2015. Just imagine how much the legal technology landscape will have changed by then! I can hardly wait!
(cross posted to SlawTips)