Security and other challenges - IT in the legal industry

Firms of lawyers make massive use of technology - anyone still under the quill-pen illusion should prepare to be disillusioned.

Firms of lawyers make massive use of technology - anyone still under the quill-pen illusion should prepare to be disillusioned.

Few modern transactions take place without access to electronic communications - be that simple e-mail or more secure methods of communication. Transactions often cross geographic and time-zone boundaries increasing the need not only for an electronic communication method but also for a comprehensive audit trail and security model behind these communications.

Imagine the negative press that would dog a law firm that inadvertently leaked the take-over intentions of one of their major clients. Not only would the firm lose that client, but quite probably the firm's reputation would be damaged irretrievably.

IT teams face a continuous challenge - how to keep the service always available and how to ensure that the security model is not breached. This requires locked-down policies and considerable control of the user workplace - but more than that. The union between the practitioner and the technical professional has to be absolute. The trust must pass in both directions. The technology team must be sure the lawyers are working within the security model and the lawyers must understand why they should do so.

Lawyers supporting complex international transactions work anywhere - airport lounges, hotel rooms, clients offices in different parts of the world. The technology has to work, and work first time. This puts huge pressure on handheld devices, secure virtual private tunnels, and controlled community access sites - client or deal extranets.

Do the legal firms take risks with this technology? No. Most firms maintain control of their communications and mobile working strategies. Co-sourcing arrangements and outsourcing of gross infrastructure aside, the strategy behind the communications is always kept inside the firm. This is as important as the knowledge each individual lawyer uses to practice their skills - it is the crown jewel of the secure communications strategy.

Much is done to make the travelling lawyer's life easy - handheld devices, unified communications, smart phones and secure access to know-how and document repositories are all a part of the normal kitbag. Care in use of these services, careful configuration of the offering, and technical understanding by the users all contribute to making the secure communications environment work for law firms. It is a symbiotic union: technology sitting behind and underpinning the way the modern transaction works.

Within BLP, the technology team evaluates with the guidance of third parties, the best-of-breed technologies. Teams are involved at the very early stages to appreciate the products within the security arena, and gain vital exposure to the ever-changing security market place. Employees are best placed to understand the threats to the business and the remediation required. Having well-informed, knowledgeable staff on tap ensures the efficient and effective service offering to lawyers and in turn to clients. Lawyers demand more of their information online.

The outside view may well be that banks and other financial institutions need high levels of security - but so do legal firms. Just thinking for a few moments answers that - not just the possibility of leaking corporate strategy or price sensitive information - but also the possibility of revealing something simple such as an office plan for the client in a sensitive industry could result in damage.

Security has a high focus in law firms. It continues to be managed internally - even when the external manifestation may involve committed third parties. Law firms need to manage and maintain data, as data is the business.

Janet Day - IT Director, Berwin, Leighton, Paisner LLP

Read more on IT risk management