Cover Page
Title Page
Copyright Page
Dedication
About the Authors
Acknowledgments
Introduction
Chapter One: Data Breach Nightmares and How to Prevent Them
Can Your Law Firm Be Breached?
Need More Convincing?
What’s New In the Data Breach World?
The Bad Rap Law Firms Get On Information Security
A Recent Law Firm Data Breach
State Laws Protecting Personal Data
Spear Phishing—and a Data Breach Avoided
A Nasty Law Firm Data Breach
Okay, I’m Convinced: What’s Next?
Secure Passwords: The Rules Have Changed
Lawyers and Passwords
A Conversation With a Law Firm Security Specialist
Chapter Two: Lawyers’ Duty to Safeguard Information
Ethical Duties Generally
Ethical Duties: Electronic Communications
Common Law Duties
Statutes and Regulations
Standards for Competent and Reasonable Measures
Conclusion
Selected Ethics Opinions: Technology, the Internet and Cloud Computing
Chapter Three: Physical Security
Introduction
Where Is Your Server and Who Has Access to It?
Alarm Systems, UPS and Paper
Security Assessments
Laptops
Lost and Stolen Devices
Training
Guests
Incident Response Plans and Disaster Recovery Plans
Chapter Four: Information Security Overview
Chapter Five: Desktops and Laptops
Chapter Six: E-Mail Security
Chapter Seven: Smartphones and Tablets for Lawyers: Managing and Securing Them
Chapter Eight: Voice Communications
Chapter Nine: Portable Devices
Chapter Ten: Networks: Wired and Wireless
Authentication and Access Control
Wired Networks
Wireless Networks
Firewalls/IDS/IPS Devices
Routers
Switches
Secure Configuration and Management
Other Considerations
Chapter Eleven: Remote Access
Chapter Twelve: Backup and Business Continuity
Backup Job Types
Backup Media
Backup Solutions
Business Continuity
Chapter Thirteen: Secure Disposal
The Issues
Solutions
Conclusion
Chapter Fourteen: Outsourcing and Cloud Computing
Chapter Fifteen: Securing Documents
Word
Adobe Acrobat
Document Management
Compound Files
Metadata
Final Thoughts
Chapter Sixteen: Cyberinsurance
Introduction
How Much Does It Cost?
Coverage
Chapter Seventeen: The Future of Information Security
Laws and Regulations
BYOD
Passwords
Policies and Plans
Mobility
Cloud Computing
Social Media
Training
Final Words
Chapter Eighteen: Additional Resources
Appendix A: Excerpts from ABA 2011 Legal Technology Survey Report
Internet Access
Security: Technology Policies
Security: Technology Policies
Security: Security Tools
Security: Security Breaches
Security: Security Breaches
Security: Viruses/Spyware/Malware
Security: Viruses/Spyware/Malware
Security: Disaster Recovery and Business Continuity
Security: Disaster Recovery and Business Continuity
Security: Backup
Appendix B: Massachusetts Regulations—Personal Information Protection
Appendix C: Sensei Enterprises, Inc. Process-Out Checklist
Appendix D: Selected ABA Model Rules of Professional Conduct
Appendix E: Pennsylvania Ethics Opinion—Cloud Computing
Appendix F: California Ethics Opinion—Confidentiality and Technology
Appendix G: FTC Safeguards Rule
Appendix H: Lockdown: Information Security Program Checklist
Appendix I: Massachusetts Small Business Guide
Appendix J: OMB Security Requirements for Federal Agencies
Appendix K: FTC Disposal Rule
Appendix L: Oregon Ethics Opinion—Metadata
Appendix M: SANS Institute Glossary of Security Terms
Appendix N: Updates