ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Regulations around Legal/Law industry

    IT Discussion
    11
    22
    1.4k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      NerdyDad
      last edited by

      Looking at picking up some extra work. One client is a small town law firm. They're big on security and privacy but not very knowledgeable in regards to cyber security. Is there any regulations in the US or Texas for the legal/law industry?

      1 Reply Last reply Reply Quote 0
      • S
        scottalanmiller
        last edited by

        Lol. Every law firm says they are big on security. Almost none take it seriously at all. It's an industry famous for being insecure.

        M 1 Reply Last reply Reply Quote 2
        • M
          Mike Davis @scottalanmiller
          last edited by

          In my experience I have to agree with Scott. It's the only office where everyone can read everyone else's email and the file server is a free for all.

          I would ask them what regulatory requirements they have.

          1 Reply Last reply Reply Quote 2
          • B
            brianlittlejohn
            last edited by

            I have to agree the one law firm where I looked at taking them on as a client had all there computers on the public wifi provided by the building...

            1 Reply Last reply Reply Quote 1
            • W
              wirestyle22
              last edited by wirestyle22

              I can one up you guys. I considered doing contract work for a lawyer. When I visited his office it was shared with another company. Not only the network but he also hosted all of his files on the other companies server. Not kidding.

              1 Reply Last reply Reply Quote 2
              • N
                NerdyDad
                last edited by

                She's dead set on not using wifi, but yet shares an AOL email account with her secretary and an intern and that's how they share documents back and forth. They're all still on Windows 7 and none of their computers are password protected, let alone have a central AD/LDAP system in place.

                Right now, I'm just starting out small. She's first asked for Adobe Pro DC, permanent licenses and I provided her prices for that. Then she's asked for a new printer, and I have provided her information for that. I might start off by persuading her to a file server, something like a small NAS. Just a place for her to share files with internally, and work my way from there.

                I just wanted to make sure that she was in compliance, if there were any regulations. Since it appears that there aren't, then its an open field for me. Thanks.

                W S 2 Replies Last reply Reply Quote 1
                • W
                  wirestyle22 @NerdyDad
                  last edited by

                  @NerdyDad said in Regulations around Legal/Law industry:

                  They're all still on Windows 7 and none of their computers are password protected, let alone have a central AD/LDAP system in place.

                  How many users?

                  N 1 Reply Last reply Reply Quote 0
                  • N
                    NerdyDad @wirestyle22
                    last edited by

                    @wirestyle22 said in Regulations around Legal/Law industry:

                    @NerdyDad said in Regulations around Legal/Law industry:

                    They're all still on Windows 7 and none of their computers are password protected, let alone have a central AD/LDAP system in place.

                    How many users?

                    3

                    W 1 Reply Last reply Reply Quote 0
                    • W
                      wirestyle22 @NerdyDad
                      last edited by

                      @NerdyDad said in Regulations around Legal/Law industry:

                      @wirestyle22 said in Regulations around Legal/Law industry:

                      @NerdyDad said in Regulations around Legal/Law industry:

                      They're all still on Windows 7 and none of their computers are password protected, let alone have a central AD/LDAP system in place.

                      How many users?

                      3

                      You don't need AD for 3 users but of course password protection is a must

                      N 1 Reply Last reply Reply Quote 1
                      • N
                        NerdyDad @wirestyle22
                        last edited by

                        @wirestyle22 said in Regulations around Legal/Law industry:

                        @NerdyDad said in Regulations around Legal/Law industry:

                        @wirestyle22 said in Regulations around Legal/Law industry:

                        @NerdyDad said in Regulations around Legal/Law industry:

                        They're all still on Windows 7 and none of their computers are password protected, let alone have a central AD/LDAP system in place.

                        How many users?

                        3

                        You don't need AD for 3 users but of course password protection is a must

                        Totally agree. AD/LDAP would be way overkill for this. Tried to convince her to setup a password and she said that it slows her down. Really? If 2 minutes to enter a password slows you down, then you have bigger problems, such as time management and the ability to say "no".

                        W 1 Reply Last reply Reply Quote 1
                        • J
                          JaredBusch
                          last edited by

                          Law firms are stupidly insecure.

                          1 Reply Last reply Reply Quote 2
                          • W
                            wirestyle22 @NerdyDad
                            last edited by

                            @NerdyDad said in Regulations around Legal/Law industry:

                            @wirestyle22 said in Regulations around Legal/Law industry:

                            @NerdyDad said in Regulations around Legal/Law industry:

                            @wirestyle22 said in Regulations around Legal/Law industry:

                            @NerdyDad said in Regulations around Legal/Law industry:

                            They're all still on Windows 7 and none of their computers are password protected, let alone have a central AD/LDAP system in place.

                            How many users?

                            3

                            You don't need AD for 3 users but of course password protection is a must

                            Totally agree. AD/LDAP would be way overkill for this. Tried to convince her to setup a password and she said that it slows her down. Really? If 2 minutes to enter a password slows you down, then you have bigger problems, such as time management and the ability to say "no".

                            I have zero empathy for people needing to remember a password or two. I have to remember 100+. Gooby pls.

                            coliverC 1 Reply Last reply Reply Quote 0
                            • coliverC
                              coliver @wirestyle22
                              last edited by

                              @wirestyle22 said in Regulations around Legal/Law industry:

                              @NerdyDad said in Regulations around Legal/Law industry:

                              @wirestyle22 said in Regulations around Legal/Law industry:

                              @NerdyDad said in Regulations around Legal/Law industry:

                              @wirestyle22 said in Regulations around Legal/Law industry:

                              @NerdyDad said in Regulations around Legal/Law industry:

                              They're all still on Windows 7 and none of their computers are password protected, let alone have a central AD/LDAP system in place.

                              How many users?

                              3

                              You don't need AD for 3 users but of course password protection is a must

                              Totally agree. AD/LDAP would be way overkill for this. Tried to convince her to setup a password and she said that it slows her down. Really? If 2 minutes to enter a password slows you down, then you have bigger problems, such as time management and the ability to say "no".

                              I have zero empathy for people needing to remember a password or two. I have to remember 100+. Gooby pls.

                              Why? Install Lastpass or Keepass.

                              W 1 Reply Last reply Reply Quote 2
                              • W
                                wirestyle22 @coliver
                                last edited by

                                @coliver said in Regulations around Legal/Law industry:

                                @wirestyle22 said in Regulations around Legal/Law industry:

                                @NerdyDad said in Regulations around Legal/Law industry:

                                @wirestyle22 said in Regulations around Legal/Law industry:

                                @NerdyDad said in Regulations around Legal/Law industry:

                                @wirestyle22 said in Regulations around Legal/Law industry:

                                @NerdyDad said in Regulations around Legal/Law industry:

                                They're all still on Windows 7 and none of their computers are password protected, let alone have a central AD/LDAP system in place.

                                How many users?

                                3

                                You don't need AD for 3 users but of course password protection is a must

                                Totally agree. AD/LDAP would be way overkill for this. Tried to convince her to setup a password and she said that it slows her down. Really? If 2 minutes to enter a password slows you down, then you have bigger problems, such as time management and the ability to say "no".

                                I have zero empathy for people needing to remember a password or two. I have to remember 100+. Gooby pls.

                                Why? Install Lastpass or Keepass.

                                I don't access everything from a single computer unfortunately

                                coliverC travisdh1T 2 Replies Last reply Reply Quote 0
                                • coliverC
                                  coliver @wirestyle22
                                  last edited by

                                  @wirestyle22 said in Regulations around Legal/Law industry:

                                  @coliver said in Regulations around Legal/Law industry:

                                  @wirestyle22 said in Regulations around Legal/Law industry:

                                  @NerdyDad said in Regulations around Legal/Law industry:

                                  @wirestyle22 said in Regulations around Legal/Law industry:

                                  @NerdyDad said in Regulations around Legal/Law industry:

                                  @wirestyle22 said in Regulations around Legal/Law industry:

                                  @NerdyDad said in Regulations around Legal/Law industry:

                                  They're all still on Windows 7 and none of their computers are password protected, let alone have a central AD/LDAP system in place.

                                  How many users?

                                  3

                                  You don't need AD for 3 users but of course password protection is a must

                                  Totally agree. AD/LDAP would be way overkill for this. Tried to convince her to setup a password and she said that it slows her down. Really? If 2 minutes to enter a password slows you down, then you have bigger problems, such as time management and the ability to say "no".

                                  I have zero empathy for people needing to remember a password or two. I have to remember 100+. Gooby pls.

                                  Why? Install Lastpass or Keepass.

                                  I don't access everything from a single computer unfortunately

                                  I... What does that have to do with it? Lastpass is web based. Keepass can be encrypted on a USB stick with some strong encryption as to prevent people from accessing it if it were to get lost.

                                  W 1 Reply Last reply Reply Quote 1
                                  • travisdh1T
                                    travisdh1 @wirestyle22
                                    last edited by

                                    @wirestyle22 said in Regulations around Legal/Law industry:

                                    @coliver said in Regulations around Legal/Law industry:

                                    @wirestyle22 said in Regulations around Legal/Law industry:

                                    @NerdyDad said in Regulations around Legal/Law industry:

                                    @wirestyle22 said in Regulations around Legal/Law industry:

                                    @NerdyDad said in Regulations around Legal/Law industry:

                                    @wirestyle22 said in Regulations around Legal/Law industry:

                                    @NerdyDad said in Regulations around Legal/Law industry:

                                    They're all still on Windows 7 and none of their computers are password protected, let alone have a central AD/LDAP system in place.

                                    How many users?

                                    3

                                    You don't need AD for 3 users but of course password protection is a must

                                    Totally agree. AD/LDAP would be way overkill for this. Tried to convince her to setup a password and she said that it slows her down. Really? If 2 minutes to enter a password slows you down, then you have bigger problems, such as time management and the ability to say "no".

                                    I have zero empathy for people needing to remember a password or two. I have to remember 100+. Gooby pls.

                                    Why? Install Lastpass or Keepass.

                                    I don't access everything from a single computer unfortunately

                                    I use Lastpass still, and I hope between 3 computers and my phone every day. The auto sync is very hard to give up.

                                    1 Reply Last reply Reply Quote 1
                                    • W
                                      wirestyle22 @coliver
                                      last edited by

                                      @coliver said in Regulations around Legal/Law industry:

                                      @wirestyle22 said in Regulations around Legal/Law industry:

                                      @coliver said in Regulations around Legal/Law industry:

                                      @wirestyle22 said in Regulations around Legal/Law industry:

                                      @NerdyDad said in Regulations around Legal/Law industry:

                                      @wirestyle22 said in Regulations around Legal/Law industry:

                                      @NerdyDad said in Regulations around Legal/Law industry:

                                      @wirestyle22 said in Regulations around Legal/Law industry:

                                      @NerdyDad said in Regulations around Legal/Law industry:

                                      They're all still on Windows 7 and none of their computers are password protected, let alone have a central AD/LDAP system in place.

                                      How many users?

                                      3

                                      You don't need AD for 3 users but of course password protection is a must

                                      Totally agree. AD/LDAP would be way overkill for this. Tried to convince her to setup a password and she said that it slows her down. Really? If 2 minutes to enter a password slows you down, then you have bigger problems, such as time management and the ability to say "no".

                                      I have zero empathy for people needing to remember a password or two. I have to remember 100+. Gooby pls.

                                      Why? Install Lastpass or Keepass.

                                      I don't access everything from a single computer unfortunately

                                      I... What does that have to do with it? Lastpass is web based. Keepass can be encrypted on a USB stick with some strong encryption as to prevent people from accessing it if it were to get lost.

                                      Oh that's cool. I guess I made an incorrect assumption

                                      1 Reply Last reply Reply Quote 0
                                      • PenguinWranglerP
                                        PenguinWrangler
                                        last edited by

                                        I work at a larger law firm. We have about 130 attorneys, plus around 70 support staff, secretaries, etc. Most of the time the regulations we have to deal with come about from our clients. If we have a doctor as a client, and we do. Then we are entangled into HIPPA. If we have financial clients and we do, we then are tied up in their regulations. What everyone said about law firms being insecure is true. It has been a long fought fight for us to drag the firm towards better security practices. In cases we are dealing with, most contain sensitive private information, SSNs and the such so we try to be very secure with them. We have encryption on all of our machines. The data between our computers and document management system is encrypted. We have taken a lot of steps to secure our data. I am sure we have holes, I believe everyone does but we actually pay for a security audit every year. Some of our bigger clients require it. We always complain about the mom and pop law firms. They are very difficult to deal with.

                                        1 Reply Last reply Reply Quote 3
                                        • S
                                          scottalanmiller @NerdyDad
                                          last edited by

                                          @NerdyDad said in Regulations around Legal/Law industry:

                                          I just wanted to make sure that she was in compliance, if there were any regulations. Since it appears that there aren't, then its an open field for me. Thanks.

                                          There are not regulations, but what she is doing is called "negligence" and a breach could land her in hot water. Any firm handling someone else's data that has a total disregard for the safety of their clients could wind up in court for simply being negligent in the duties assumed in protecting other people.

                                          1 Reply Last reply Reply Quote 2
                                          • dbeatoD
                                            dbeato
                                            last edited by dbeato

                                            Although there is no regulation. Please look at the below:

                                            http://www.americanbar.org/groups/professional_responsibility/publications/model_rules_of_professional_conduct/rule_1_1_competence/comment_on_rule_1_1.html

                                            Look at comment 8

                                            S 1 Reply Last reply Reply Quote 0
                                            • 1
                                            • 2
                                            • 1 / 2
                                            • First post
                                              Last post