The following is an excerpt from Cloud Computing for Lawyers, Chapter 5: Privacy Laws and Security Considerations.
It is imperative to determine the cloud-computing provider’s relationship to the servers that will house your law firm’s data. Does the cloud- computing provider own the servers or do they lease the servers? Do they lease the actual servers or have they contracted with a company that pro- vides Infrastructure as a Service (IaaS).
This is a world you’ll never understand. And you always fear what you don’t understand. — Carmine Falcone, in Batman Begins
A: Yes, essentially. And fine under the ethics rules. Most of what you may have heard to the contrary comes from people who don’t understand the cloud — so they fear it.
At Above the Law, Joe Patrice calls law firms “the soft underbelly of American cyber security.” And he is right. If you consider the sensitive nature of the information on most lawyers’ computers, plus the proud Luddites making technology decisions at most law firms, this should come as no surprise.
I know plenty of lawyers who can barely set up their email, much less encrypt their hard drives. More than a few law firms continue to fall for lame 419 scams. I wouldn’t be surprised to find a few partners using their CD tray for a cup holder. Compromising the systems of lawyers like this is child’s play for hackers who can remotely. compromise a mobile phone with a single misplaced click.
The following is an excerpt from Cloud Computing for Lawyers, Chapter 6: Privacy Laws and Security Considerations.
The process of determining which products to use, which office functions to move to the cloud, and how to implement different software options into your practice is not necessarily an easy one. There are a number of factors in play when you make the decision to use cloud-computing services in your law practice and you must carefully consider your goals and options before you dive in. Your specific choices and your roadmap for implementation will vary depending on whether you are just hanging out a shingle or already have existing software programs (“legacy systems”) in place.
Want to know what your state thinks about cloud computing? Thanks to Nicole Black’s post in the LAB, here is the ABA’s handy reference chart so you can see what your state’s ethics board thinks about cloud computing.
Currently, by the way, lawyers in all 50 states may use the cloud. Ethics boards in 13 states seem to have specifically considered the issue, and all say it’s fine to use the cloud as long as you use “reasonable care” in selecting services — as with pretty much everything else on the business end of law practice.
I don’t really know why lawyers are so freaked out about the cloud. Everyone seems to assume there must be some big ethics issues with using cloud software, even if the security of any reputable cloud-based software is light-years ahead of the security most solo and small firms are capable of.
If you are relying on a file sync service like Dropbox or SugarSync as your cloud backup, cut it out. It isn’t backup, and you are putting your data at risk. File sync is not backup.
Fortunately, it only takes a few minutes to improve your backup strategy. Read this post, then take a few minutes to properly set up both cloud backup and local backup.
Social engineering is high-level con artistry; using smooth talking to compromise computers and networks, rather than hacking passwords or uncovering software exploits. It’s how Apple Tech Support let two kids get past all its security controls. And it is how, at Defcon, Wal-Mart’s network was exposed.
So while passwords and encryption are important, it is just as important not to give away information about your systems. The details of your computer, your software, and your network are nobody’s business but yours (and your IT person’s).
Update: Right on cue, from Lifehacker: How Can I Protect Against Social Engineering Hacks?
(photo: http://www.flickr.com/photos/dmosiondz/4243486398/)
Getting hacked is becoming more common because most of us are lazy with our passwords blaming it on information overload and the difficulty in remembering so many variations. However, our businesses, communication, and important documents have all mostly moved online where the threat of being hacked requires an aggressive protection strategy.
A few months ago, Apple introduced iMessage, a nifty iOS 5 feature that allows you to send unlimited messages via WiFi or 3G from your iPad, iPhone, and iPod touch to anyone else who has one of those devices. Not only does iMessage allow you to save on data plans, it also allows you to track delivery and receipt of messages, create and read messages on multiple devices, and “enjoy secure encryption for text messages.”
The original content within this website is © 2007–2013 Lawyerist Media, LLC.
![Nominate the Best Law Firm Websites (2013 Edition) [UPDATED]](http://lawyerist.com/lawyerist/wp-content/plugins/wordpress-popular-posts/timthumb.php?src=http://lawyerist.com/lawyerist/wp-content/uploads/2013/05/best-law-firm-websites-nominations-2013.jpg&h=90&w=90)
