Posts

GrowPath Presents on Ethical Client Intake for Law Firms

GrowPath’s Eric Sanchez and Ginny Allen recently presented on “Ethical Client Intake: Procedures for Compliance” as part of the Webinars for Busy Lawyers hosted by the Massachusetts Law Office Management Program (LOMAP).

Topics covered included:

  • A lawyer’s duty of technological competence as outlined in Rule 1.1.
  • How to make checking for conflicts simple for intake staff.
  • How to identify potentially high-risk clients and cases.
  • Communications best practices with potential clients during the intake process.

GrowPath offers CLE programming to interested bar associations and other groups.  If you are interested a presentation on the Ethics of Client Intake, or another topic, email Ginny Allen at ginny@growpath.com.

GrowPath Receives Third Patent!

It’s official – we’ve received our third patent, and second cyber security patent.

And like with his first two patents, our chief product officer and resident inventor, Eric Sanchez commemorated the occasion with a new tattoo. (Check out the video below!)

Our latest patent simplifies the authentication process on mobile devices by using the phone owner’s personal photos as the second step in two factor authentication.

Read the Press Release: NC Company Simplifies Authentication While Enhancing Cyber Security

 

 

Check out these photos from the day >>>

GrowPath CPO Eric Sanchez in the chair for his latest patent number tattoo.

Rich LaBrosse with RTP Tattoo Lab hard at work!

Eric’s forearm with his latest addition – #10,097,538.

The Real Threat to Your Law Firm Data Security

Something to think about…

In 2016–2017, about two-thirds of law firms reported a breach in their cybersecurity, and that might be understated. As more and more firms digitize their client data in case management software (CMS), hackers and malware have now become the biggest threats to your legal practice. But before you rethink your entire security strategy, it’s vital to have an accurate understanding of the most significant law firm data security threats. In this post, you’ll learn how to start forming a smart, effective strategy for dealing with cybersecurity risks—and what your firm’s biggest vulnerability really is.

The Truth about Law Firm Data Security Threats

When you think of what a security hack looks like, many imagine a scene out of a Hollywood movie: an expert team of anarchist techies teaming up to tear apart your case management software’s source code. Others imagine hackers who look like stock photos of some hooded or ski-masked individual at a laptop. In short, they think of dramatic and flashy attacks on their software and network that no ordinary company could hope to withstand.

The truth about cybersecurity risk is more mundane, but no less scary. Of the two-thirds of law firms that suffered a cybersecurity breach in 2016–17, 95% did not follow their own security policies. In other words, what failed at 19 out of 20 breached firms was not the software or systems, but rather the human beings. Hacks are the work of bad actors, to be sure—but behind the majority of security breaches were ordinary people who made a mistake.

What do these data security mistakes look like? Perhaps they stepped away from their open work laptop. Maybe they clicked a phishing link in an email. They may even have accessed the internet on their smartphone using an unsecured wifi network. No matter how breaches happen, the way to combat them is clear: You must teach and adopt smart security practices for your law firm to prevent unauthorized access to your clients’ data.

Security Best Practices to Protect Your Law Firm’s Data

Before you implement the following security protocols for your firm, it’s vital you begin by educating your staff about how breaches happen. This helps your team know how to recognize threats before they gain access to your data. Above all, your staff should do everything they can to protect the passwords and devices they use to access your case management software. This means guarding passwords closely, not opening suspicious email messages, and only using authorized devices (including thumb drives) to access case management systems.

Knowledge about breaches is important, but it’s not enough by itself. Here are proven security practices your firm should adopt to protect your clients’ data:

Two Factor Authentication for All Logins

This method requires each employee to enter a randomized code along with their password whenever they log into your case management system. That way, even if a hacker acquires a password, they still won’t be able to get inside your system.

Define Strong BYOD Protocols

It’s completely understandable your staff wants to access your CMS and work email on their personal smartphones and tablets. However, be sure to define your Bring Your Own Device rules. For example, require each employee to password protect their phones and immediately notify your firm if the device is lost or stolen. An unlocked phone could easily have access to both your CMS and your two-factor authentication system.

reCaptcha or Captcha Challenge on Login Page

This method requires employees to type in a random string of text from an image or to click an “I’m not a robot” option whenever they log in. This can deter automated hacks from gaining access to your CMS.

Expiring Password Reset Tokens Work with Two Factor Authentication

When your staff forgets their password, they should be able to request a password reset link to be sent to their email. It’s important this link expires quickly (usually within 30–60 minutes) to avoid leaving password access open. Also, be sure no one can bypass your two-factor authentication by using these tokens to request a new password. Make sure any password change sends the user back to the regular login menu instead of taking them directly into the CMS.

SSNs Presented as Images Rather than Text

Countless legal cases use social security numbers to identify clients. When your firm needs to collect and share this information, be sure not to present SSNs using image files like jpg instead of as text. This makes it harder for a malicious program to scan your electronic messages for SSNs and steal client identities.

Immediately Close Access to Insiders Who Leave the Firm

Whenever someone leaves your firm’s employ for any reason, have your IT team ready to remove their access to your CMS as soon as they exit the office. Because many of the best CMS solutions are web-based, you don’t want to accidentally permit access to former employees or others who no longer represent your clients.

 

Get Serious about Case Management Software Security

 

The data security threats facing modern law firms are scary, but it’s important to not panic or mistake worrying for action. Instead, treat these breach headlines as calls to action that demand your firm’s attention and diligence. Have serious conversations with your employees about information security, and create a security strategy that will safeguard your clients’ information and protect your business.

If you’d like to learn more about how GrowPath approaches information security in our case management software, please contact us.

ERIC SANCHEZ

Eric Sanchez serves as Chief Product Officer of GrowPath.

Eric has a well-earned reputation for logistics, efficiency and technical savvy, born from his diverse background and from his over seventeen years as an executive in what has become the largest plaintiffs’ practice in North Carolina.

Benefits of Cloud-Based Case Management Software

Between the 2016 and 2017 editions of the American Bar Association’s Legal Technology Survey Report, the number of lawyers relying on cloud computing escalated by 40%. Seeing this dramatic change in only a year shows how cloud technology has become a proven platform for law firms of all sizes. However, if your firm still manages your case records and files completely onsite at your office, it’s natural to feel hesitation about cloud-based case management software.

 

That said, it’s worth noting your firm probably already relies on cloud-based software. If you use a CRM, view bank accounts online, do legal research, share drafts on Google docs, or rely on Dropbox for storage, then you already rely on the cloud for your firm’s business. But these technologies are only the beginning. The purpose of this post is to ease your worries about relying on cloud-based legal solutions by showing three ways cloud-based case management software can benefit your firm.

 

Cloud-Based Case Management Software Speeds Operations and Reduces Mistakes.

 

Every time your paralegals or lawyers need to access or send a document related to a matter, they first have to find it. If your onsite storage is organized into clear folders and drives, this process might take a minute or two (assuming your staff regularly updates each case file, which takes additional time). However, these minutes add up. Because each staff member interacts with hundreds of files every week, hours are lost finding and organizing your case files.

The best, well-designed cloud-based case management solutions solves this problem by storing all case files in a shared online location that can only be accessed by authorized users. This means every document related to a matter can be found with a simple search instead of clicking through multiple directories. What’s more, this cloud-based file system means everyone on your staff accesses the same version of a file—removing the risk of mistakes by sharing older drafts of key documents.

By managing your cases on cloud-based software, your firm’s lawyers and paralegals can access key case information faster and with more flexibility. Today’s attorneys need to be able to work and access case information anywhere. Instead of having to be at a computer in order to read case updates, cloud-based case management allows your staff to consume key information on any approved device, anywhere.

The result? Cloud-based case management gives you fast and flexible access to the latest versions of key case files. This not only saves the time spent searching for files, but also reduces the risk of losing a file thanks to the cloud’s built-in backup system.

 

Cloud-Based Case Management Software Is More Secure Than Onsite Storage Alone

 

Yes, you read that right. With the sophisticated encryption and security available in private cloud technology, your case data will be better protected in the cloud than if you only store it onsite at your firm.

Onsite storage of critical case files might seem more secure because you can contain the files on a single hard drive or file cabinet. However, if a burst pipe or adverse weather event destroys that hard drive, your case data is gone. Similarly, if your data is stored on a single computer, a cyberattack aimed at stealing or deleting your files can ruin your business—all it takes is one employee clicking the wrong email link. And if someone breaks into your law office, it’s much easier to find and remove physical storage than to hack into a private cloud.

Compare this to cloud-based case management software. In the cloud, all your data is not only backed up in multiple servers in multiple locations, but any access to that data will be governed by strong encryption and security features. The best case management solutions may even have their own patented security technology. Providers of cloud-based legal software take security especially seriously because they know law firms have rigorous confidentiality needs. You can also enable more secure practices for cloud technology (such as two-factor authentication) to prevent your employees from making mistakes with sensitive case information.

This doesn’t mean onsite storage is obsolete. It’s helpful to back up critical data on hard drives outside the cloud in case you need to restore a previous version (such as if you suffer a ransomware attack). However, this physical storage is not more secure than a private cloud, so it’s best to think of these hardware solutions as contingency plans rather than your go-to option.

 

Cloud-Based Case Management Software Is More Cost Effective

 

Cost-efficiency has always been one of the strengths of cloud technology, and cloud-based case management is no exception. Because cloud-based software requires no onsite resources besides the device you use to access the internet, you never need to worry about upgrading servers or paying for hardware storage in order to keep your equipment on the cutting edge. The only price you pay for the cloud software is a single subscription fee.

 

By relying on software providers to manage all the servers and software updates, your firm also never needs to worry about installing the latest versions of case management software. In short, cloud-based case management delivers a dual savings:

  1. Eliminating hardware spend on servers and storage, and
  2. Saving you the time spent on maintaining patches and software updates.

 

Find Out What Cloud-Based Case Management Software Can Do for Your Firm

 

Legal software in the cloud can deliver better security, better access to information, better redundancy, and better efficiency than onsite case management. However, it’s important to remember that flexibility is a key part of the cloud.

Your cloud-based case management should be customizable to fit the unique processes and preferences of your firm. There is no one-size-fits-all solution to any practice. What’s more, any cloud-based legal software provider should offer in-depth onboarding and customer service to make sure you’re getting the right cloud for your needs.

 

If you’d like to learn more about what cloud-based case management can do for your law firm, one of our experts will be glad to answer any questions you have.

ERIC SANCHEZ

Eric Sanchez serves as Chief Product Officer of GrowPath.

Eric has a well-earned reputation for logistics, efficiency and technical savvy, born from his diverse background and from his over seventeen years as an executive in what has become the largest plaintiffs’ practice in North Carolina.