I wrote a couple of days ago about the professional obligation of lawyers to have enough technical knowledge to manage their clients’ electronic data.
Although much of that article (and the article from Epiq which underlay it) was about the management of data in an eDiscovery context, there was emphasis also on looking after client data of all kinds, not just for litigation and other disputes.
“Client data” in this context includes correspondence with and about clients and their matters. Although the popular impression of cybersecurity incidents involves people dressed as burglars sitting in dark basements and hacking into corporate servers, many more incidents involve simpler circumstances – lost USB drives and unsecured laptops, for example.
Carlos Sanchez from FRONTEO has given us a succinct summary of the main points which all of us (not just lawyers) should consider when handling electronic data. His 11 tips for securing data in the virtual workplace includes matters of policy, record-keeping, the use of security software on everything from servers to laptops and, more generally, the keeping of records and updating of protective software.
The article is a good place to start when considering whether your present security arrangements are adequate.