Data breaches don’t just affect banks and retailers, legal organizations are being hacked too. While legal organizations aren’t required to disclose cybercrimes, it is estimated that 80 of the 100 biggest law firms have experienced some sort of data breach since 2011. And legal firms remain an attractive target.
Citigroup’s Cyber Intelligence Unit warns that legal organizations are at high risk for data breaches because they deal with highly valuable matters such as mergers and acquisitions and patent applications. In addition, digital security at many law firms, despite improvements, generally remains below the standards for other industries.
The role of the legal security professional is expanding in scope and complexity, out of sheer necessity. Security threats emanate from many directions—both internal and external. And while security issues range from malware to various forms of external hacking, it’s interesting to note that ‘staff’ are considered the most likely source of a security breach. Staff leaving the firm, for example, may attempt to print or download client information, matter files, or other valuable records.
Faced with this scenario, over one third of organizations have no way to detect or prevent an internal leak before it occurs or to pinpoint those responsible. And for 60% of these organizations, a security leak of this nature would have high impact; for 13% it would be disastrous. The consequences of a data breach can be severe—from reputational damage and lost business, to hefty fines that can reach into the millions.
Given today’s technology landscape, legal firms must take action to protect themselves. This means not only monitoring for internal breaches, but also addressing external security vulnerabilities introduced by the growing use of consumer technologies. Cloud, mobile, and social technologies increase the complexity of data security and expand the volumes and varieties of content that need to be managed and secured.
Unfortunately, while legal organizations want to protect all their information from every possible risk, this does not mesh well with the nature of today’s business operations. Information flows in and out of firms at a rapid pace, often engaging multiple processes and applications along the way. Communications are highly interactive and stem from a variety of sources. Here in lies the dilemma. The challenge in today’s business environment is to balance the benefits of freely flowing information with the potential risk of theft—to provide a security framework that offers high levels of protection without stifling the needs of individuals or the agility of processes.
Solutions like OpenText eDOCS help legal and other highly regulated organizations strike this balance. Security measures are at the foundation of each product module, so users can rest assured their mission-critical information is managed and secure, yet easily accessible. eDOCS also offers specific security modules for more targeted activities. Guardian for eDOCS monitors the document repository usage, reports on excessive end user activities, and prevents information security leaks from inside the organization. Wireless DMS for eDOCS enables legal professionals to access their document repository confidently, while on the go, in ways that are both flexible and highly secure.