David Meyer, VP of product at OneLogin: A desk liberation that has led to a security nightmare
February 2016 by David Meyer, VP of product at OneLogin
During the Autumn Statement back in November Chancellor George Osborne placed significant importance upon the investment in the use of technology within the justice system, including the digitalisation of courtrooms and the moving of paper-based systems online. Whilst the plans for digitalising the justice system has been in the pipeline for several years, we are now beginning to see these come into force and are witnessing the knock on effect for law firms.
In recent years, the digital landscape has had a revolutionary impact not only in terms of the way employees can now work, but also where they can work. Lawyers have been increasingly liberated from their desks and are accessing documents not only from their office desktop, but also their laptops, phones and tablets. The office is now, in essence, wherever they are.
A report released earlier this year, which looked at technology trends in the legal industry, has backed up this trend and highlighted how legal firms are increasingly using web-based software in their law practices, with 72 per cent saying that online document storage was now available in their law offices. The main driving factors were convenience and affordability, with 78 per cent citing easy access to data from anywhere as one of the greatest benefits of using web-based software in their law firms and 67 per cent adding that a key benefit was 24/7 availability to access their documents remotely.
The movement of legal processes onto the web has been a real step-change for a traditionally paper-based industry. The move online, however, has led to the increased importance of data security. Security software and assessments was ranked as one of the top ten technology purchases this year and fifth among planned purchases for next in a recent survey undertaken by the International Legal Technology Association (ILTA).
Indeed, security management was named as the biggest challenge facing legal IT departments, replacing email management for the first time in eight years. Related to this was the need for information governance and risk management/compliance. Whilst this is of concern to all, improving data security has thus far been considered more of a priority among large law firms than medium-sized or small law firms, however the research suggests that times are changing.
One of the key trends affecting modern day law firms is that of bring your own device (BYOD). However, over a quarter (28 per cent) of respondents said their firms do not currently have a policy, viewed by many as a key security measure.
The dramatic cultural shift in digitalisation has shaken the core of the legal sector and has directly transformed the culture within each individual law firm, through the increased viewing and sharing of documents online. However, whilst this may mean a new found freedom for lawyers who find themselves no longer captive within their offices, it has led to a need for the industry to implement strong multiple authentication factors and user provisioning, which will allow them to keep the benefits but eliminate the risk.
It is imperative that each and every individual law firm, regardless of size, ensure priority is placed on protecting sensitive data that is being accessed remotely on a daily basis. Not only will this help them remain compliant with changing regulations, by preventing unauthorised users from accessing sensitive data with passwords alone, but it will help to avoid any potential damage to brand reputation caused by sensitive data being accidentally shared with the wrong people or a misunderstanding of processes.