Lawyers have lots of sensitive—for many different reasons—information about our clients. And while we talk a lot about computer security, many law firms have offline security issues to address, too. While digital files can be encrypted, backed up, and password-protected, your hard copies are probably sitting in a file cabinet—or piled up around your desk—with little or nothing to limit access.
That’s no good. Take a break from thinking about computer security and spend some time on offline security.
First, identify everyone who has access to your files. For many people, this includes cleaning staff, building maintenance, and family members. It could include other coffee shop patrons, and even strangers off the street, if you have a storefront office.
Next, identify what you are doing to control access by those who are not authorized. Do you lock your office door at night, so that you can leave files lying around? When you work from a coffee shop, how do you shield your work from curious eyes? Does your file cabinet have a lock? That you use? Who has the key?
Okay, now decide what more could you can do to protect the documents you have. You might just need to start locking up your files every night, but there may be some documents you cannot protect, or some people you cannot protect your documents from. For these, you must resort to policies and agreements.
Employees should be trained on file security. If they are permitted to take files home, discuss appropriate precautions—like locking the files in the trunk when they stop for happy hour, or keeping them in a home office, not on the dining room table. For anything else, consider requiring confidentiality agreements from cleaning and building maintenance staff who can access your files.
Don’t forget about offline file security in the midst of all the talk about computer security.