Regulations around Legal/Law industry
-
@wirestyle22 said in Regulations around Legal/Law industry:
@NerdyDad said in Regulations around Legal/Law industry:
@wirestyle22 said in Regulations around Legal/Law industry:
@NerdyDad said in Regulations around Legal/Law industry:
They're all still on Windows 7 and none of their computers are password protected, let alone have a central AD/LDAP system in place.
How many users?
3
You don't need AD for 3 users but of course password protection is a must
Totally agree. AD/LDAP would be way overkill for this. Tried to convince her to setup a password and she said that it slows her down. Really? If 2 minutes to enter a password slows you down, then you have bigger problems, such as time management and the ability to say "no".
-
Law firms are stupidly insecure.
-
@NerdyDad said in Regulations around Legal/Law industry:
@wirestyle22 said in Regulations around Legal/Law industry:
@NerdyDad said in Regulations around Legal/Law industry:
@wirestyle22 said in Regulations around Legal/Law industry:
@NerdyDad said in Regulations around Legal/Law industry:
They're all still on Windows 7 and none of their computers are password protected, let alone have a central AD/LDAP system in place.
How many users?
3
You don't need AD for 3 users but of course password protection is a must
Totally agree. AD/LDAP would be way overkill for this. Tried to convince her to setup a password and she said that it slows her down. Really? If 2 minutes to enter a password slows you down, then you have bigger problems, such as time management and the ability to say "no".
I have zero empathy for people needing to remember a password or two. I have to remember 100+. Gooby pls.
-
@wirestyle22 said in Regulations around Legal/Law industry:
@NerdyDad said in Regulations around Legal/Law industry:
@wirestyle22 said in Regulations around Legal/Law industry:
@NerdyDad said in Regulations around Legal/Law industry:
@wirestyle22 said in Regulations around Legal/Law industry:
@NerdyDad said in Regulations around Legal/Law industry:
They're all still on Windows 7 and none of their computers are password protected, let alone have a central AD/LDAP system in place.
How many users?
3
You don't need AD for 3 users but of course password protection is a must
Totally agree. AD/LDAP would be way overkill for this. Tried to convince her to setup a password and she said that it slows her down. Really? If 2 minutes to enter a password slows you down, then you have bigger problems, such as time management and the ability to say "no".
I have zero empathy for people needing to remember a password or two. I have to remember 100+. Gooby pls.
Why? Install Lastpass or Keepass.
-
@coliver said in Regulations around Legal/Law industry:
@wirestyle22 said in Regulations around Legal/Law industry:
@NerdyDad said in Regulations around Legal/Law industry:
@wirestyle22 said in Regulations around Legal/Law industry:
@NerdyDad said in Regulations around Legal/Law industry:
@wirestyle22 said in Regulations around Legal/Law industry:
@NerdyDad said in Regulations around Legal/Law industry:
They're all still on Windows 7 and none of their computers are password protected, let alone have a central AD/LDAP system in place.
How many users?
3
You don't need AD for 3 users but of course password protection is a must
Totally agree. AD/LDAP would be way overkill for this. Tried to convince her to setup a password and she said that it slows her down. Really? If 2 minutes to enter a password slows you down, then you have bigger problems, such as time management and the ability to say "no".
I have zero empathy for people needing to remember a password or two. I have to remember 100+. Gooby pls.
Why? Install Lastpass or Keepass.
I don't access everything from a single computer unfortunately
-
@wirestyle22 said in Regulations around Legal/Law industry:
@coliver said in Regulations around Legal/Law industry:
@wirestyle22 said in Regulations around Legal/Law industry:
@NerdyDad said in Regulations around Legal/Law industry:
@wirestyle22 said in Regulations around Legal/Law industry:
@NerdyDad said in Regulations around Legal/Law industry:
@wirestyle22 said in Regulations around Legal/Law industry:
@NerdyDad said in Regulations around Legal/Law industry:
They're all still on Windows 7 and none of their computers are password protected, let alone have a central AD/LDAP system in place.
How many users?
3
You don't need AD for 3 users but of course password protection is a must
Totally agree. AD/LDAP would be way overkill for this. Tried to convince her to setup a password and she said that it slows her down. Really? If 2 minutes to enter a password slows you down, then you have bigger problems, such as time management and the ability to say "no".
I have zero empathy for people needing to remember a password or two. I have to remember 100+. Gooby pls.
Why? Install Lastpass or Keepass.
I don't access everything from a single computer unfortunately
I... What does that have to do with it? Lastpass is web based. Keepass can be encrypted on a USB stick with some strong encryption as to prevent people from accessing it if it were to get lost.
-
@wirestyle22 said in Regulations around Legal/Law industry:
@coliver said in Regulations around Legal/Law industry:
@wirestyle22 said in Regulations around Legal/Law industry:
@NerdyDad said in Regulations around Legal/Law industry:
@wirestyle22 said in Regulations around Legal/Law industry:
@NerdyDad said in Regulations around Legal/Law industry:
@wirestyle22 said in Regulations around Legal/Law industry:
@NerdyDad said in Regulations around Legal/Law industry:
They're all still on Windows 7 and none of their computers are password protected, let alone have a central AD/LDAP system in place.
How many users?
3
You don't need AD for 3 users but of course password protection is a must
Totally agree. AD/LDAP would be way overkill for this. Tried to convince her to setup a password and she said that it slows her down. Really? If 2 minutes to enter a password slows you down, then you have bigger problems, such as time management and the ability to say "no".
I have zero empathy for people needing to remember a password or two. I have to remember 100+. Gooby pls.
Why? Install Lastpass or Keepass.
I don't access everything from a single computer unfortunately
I use Lastpass still, and I hope between 3 computers and my phone every day. The auto sync is very hard to give up.
-
@coliver said in Regulations around Legal/Law industry:
@wirestyle22 said in Regulations around Legal/Law industry:
@coliver said in Regulations around Legal/Law industry:
@wirestyle22 said in Regulations around Legal/Law industry:
@NerdyDad said in Regulations around Legal/Law industry:
@wirestyle22 said in Regulations around Legal/Law industry:
@NerdyDad said in Regulations around Legal/Law industry:
@wirestyle22 said in Regulations around Legal/Law industry:
@NerdyDad said in Regulations around Legal/Law industry:
They're all still on Windows 7 and none of their computers are password protected, let alone have a central AD/LDAP system in place.
How many users?
3
You don't need AD for 3 users but of course password protection is a must
Totally agree. AD/LDAP would be way overkill for this. Tried to convince her to setup a password and she said that it slows her down. Really? If 2 minutes to enter a password slows you down, then you have bigger problems, such as time management and the ability to say "no".
I have zero empathy for people needing to remember a password or two. I have to remember 100+. Gooby pls.
Why? Install Lastpass or Keepass.
I don't access everything from a single computer unfortunately
I... What does that have to do with it? Lastpass is web based. Keepass can be encrypted on a USB stick with some strong encryption as to prevent people from accessing it if it were to get lost.
Oh that's cool. I guess I made an incorrect assumption
-
I work at a larger law firm. We have about 130 attorneys, plus around 70 support staff, secretaries, etc. Most of the time the regulations we have to deal with come about from our clients. If we have a doctor as a client, and we do. Then we are entangled into HIPPA. If we have financial clients and we do, we then are tied up in their regulations. What everyone said about law firms being insecure is true. It has been a long fought fight for us to drag the firm towards better security practices. In cases we are dealing with, most contain sensitive private information, SSNs and the such so we try to be very secure with them. We have encryption on all of our machines. The data between our computers and document management system is encrypted. We have taken a lot of steps to secure our data. I am sure we have holes, I believe everyone does but we actually pay for a security audit every year. Some of our bigger clients require it. We always complain about the mom and pop law firms. They are very difficult to deal with.
-
@NerdyDad said in Regulations around Legal/Law industry:
I just wanted to make sure that she was in compliance, if there were any regulations. Since it appears that there aren't, then its an open field for me. Thanks.
There are not regulations, but what she is doing is called "negligence" and a breach could land her in hot water. Any firm handling someone else's data that has a total disregard for the safety of their clients could wind up in court for simply being negligent in the duties assumed in protecting other people.
-
Although there is no regulation. Please look at the below:
Look at comment 8
-
@Eltolargo said in Regulations around Legal/Law industry:
Although there is no regulation. Pleass look at the below:
Look at comment 8
Yup, no excuses just because they are lawyers, doesn't excuse them from the same need to keep up as IT practitioners.
-
Legal is really all about "common sense" and following good practices. Think of it as having to defend your decisions logically, rather than following a specific guideline or rulebook.
