Category Archives: LawFirms

Law Firms and Other Security Weak Links

Well, in the case of the Seattle Public School District’s data breach, the culprit seems to be their outside law firm:

“Late Tuesday night Seattle Public Schools learned that a law firm retained by the district to handle a complaint against the district inadvertently sent personally identifiable student information to an individual involved in the case. The district promptly removed the law firm from the case and is working to ensure that all improperly released records are retrieved or destroyed.”

This goes to show, once again, that even the best security policies and procedures can be quickly undone by a third party who has possession of your data not adhering to the same policies. You may know where your data is at any given moment, but do you know how it’s being handled? Might be time to make sure the outside entities you deal with, including law firms, are aware of the security requirements related to your data, and the consequences of not living up to those requirements.

Tags: ,

ILTA According to Twitter

I was not able to attend this years ILTA conference, but thanks to the power of Twitter, I was able to follow along in my own, small, way. No, it’s not the same as being there, but seeing some of the information being presented, and the ideas flowing around social media definitely gave me some things to think about.

Natalie Alesi was kind enough to tweet out hashtag reports and transcripts throughout the conference, so if you want to see what was being talked about, I’d take a look at these while they are available!

Day 1 – https://www.hashtracking.com/reports/ilta2013/ilta14/Day1ILTA

Day 2 – https://www.hashtracking.com/reports/ilta2013/ilta14/Day2

Day 3 – https://www.hashtracking.com/reports/ilta2013/ilta14/Day3

Day 4 – https://www.hashtracking.com/reports/ilta2013/ilta14/Day4

Tags:

Ralph Losey Says Firms Should Get Out of Lit Support Business

Over the weekend Ralph posted a video on his blog, and had some rather strong opinions about what his firm is doing, and what firms should be doing in general.

I no longer have to supervise a litigation support department. Instead I manage a relationship with a vendor. It is much more pleasant, believe me. When not working on projects and serving clients, I focus my internal e-discovery firm management time on the training and education of my firm’s lawyers and paralegals. IMO this is the way it should be. Law firms should stick to their core competency, practicing law and teaching law, and should not try to run little vendor corps in their midst.

Now I don’t work in a law firm, and haven’t for a couple of years now, so I’m not the best person to comment on what Ralph has to say here. The one thing I will say, is this. Ralph’s experience with his firm and the lawyers therein, should not be taken as representative of what other firms would experience. After all, simply by having Ralph as the partner in charge of eDiscovery, they alter the reality of their situation in a way that no other firm could.

So for those of you who do work in firms or work for vendors who work directly with firms. what do you have to say about this? Should law firms focus on their core competency and get away from having in house litigation support? What about other areas, IT, Marketing, HR, etc.? Should those all be outsourced too?

Tags: ,

Going to Techshow, Check Out LexThink.1

Lexthink.1 will be occurring the evening before the ABA Techshow. on March 26th, 2014 at the Hilton Chicago. If you’re going to be attending Techshow on the 27th-29th, make an effort to get to this and spend a little time thinking about the future of law practice. The idea of Lexthink is similar to the

If you’re interested in doing a presentation, you’ve got less than a week to submit your talk.

The event is designed similarly to the Ignite events, slightly tweaked. You have 6 minutes, and 20 slides, to do your presentation, and it must be on the topic of overcoming the significant challenges the legal profession is currently facing. Speakers will be chosen by public voting after the submissions have been made.

It should be an interesting show, full of lots of food for thought. Even though I won’t be at Techshow, I plan to follow the discussion on Social Media during the entire show, but especially on the evening of the 26th. If you wind up there and plan to tweet, or write about it, leave a comment so those of us unlucky enough to be elsewhere that week can follow along!

No tags for this post.

Discount on Boxcryptor Until the End of the Year

If you’ve never heard of Boxcryptor, it’s software that automatically encrypts the data you are storing with cloud providers, like GDrive or Dropbox. It’s free for personal use, which allows you to encrypt the data for one cloud provider, but it is also available for sale for personal “Pro” versions and commercial use.

For example you could use it on a Google Drive account and it works pretty well. The Windows version of the software encrypted the data stored there, and the iOS version decrypts it and allows you to view the files. That’s about what I’d expect. I haven’t yet done more with it, or purchased the Pro version to see how it works with more, but if you have, let me know what you think of it.

They are offering a 20% discount to folks who are interested in making the purchase until Dec. 31, 2013 as part of reaching out to those of us who work in the legal industry, where we sure could use some encryption on data our users might just be storing in the cloud for easy access, despite what the IT policies might say.  Just use the code boxcryptorlaw20

Tags: ,

My Latest on eDiscovery Insight – Working with DAT Files

It’s up over on the AccessData blog. It’s part of a “Tips from the Trainers” series, and is all about working with Concordance DAT files in Summation 5.0 now that we can load those files directly without the need to convert them.

Hope you find it useful!

Tags: , , ,

ILTA Recorded Sessions

Back when I used to attend ILTA as a member, I always struggled to figure out what sessions to go to an what one’s I would miss. It was often a tough choice. Now, as someone working for a vendor, there are typically only one or two sessions I even manage to find the time to get to

That’s why I’m making a note here for myself, and others, to take a quick look at the recorded sessions page. It’s not the same as being there for the session as it happens, but when you can’t be there getting the information is better than nothing!

Tags:

Must be Pretty Popular

How in demand must ediscovery skills be that you can have one website dedicated to Litigation Support careers conducting a talent drive, while another hroup is launching another site dedicated to ediscovery careers?

I’d say there must be some serious demand out there, wouldn’t you?

Now, since I’m not really in the market, I haven’t been involved much in either of the sites, but if you have been looking at them, from either the employee or employer side, what do you think about it?

Tags: ,

Successful Legal IT Careers

Jared Coseglia, who knows a thing or two about Legal IT careers as a recruiter, has written an great article for the latest issue of ILTA’s Peer to Peer magazine, entitled Starting and Sustaining a Career As A Legal IT Professional

In it Jared doles out some advice on many things, and I highly recommend you check out the whole thing, but if you’re rushed for time this holiday season, go ahead and bookmark it to read later, and check out the Top 7 Takeaways:

  1. Technology evolves rapidly, and so must you.
  2. Specialization increases value.
  3. Always reinvest in yourself.
  4. Relationships are what make pathways to success available.
  5. Credibility, accuracy and diplomacy are key qualities for team players.
  6. Relocation is an option.
  7. Career visibility can increase career mobility.

Full disclosure – I’ve known Jared for a few years now and consider him and the folks who work with him not just a top-notch recruiting firm, but also as friends. We first met at the ILTA conference when he attended a panel session I was part of and he came up and introduced himself. His company then recruited me to relocate to South Carolina to work for a firm, before I eventually was recruited away from there by my current boss, who I had also met and known for a few years before going to work for her. Given that story, you can see how much I agree with Jared when he talks about the importance of relationships, investing the time and energy to keep learning, and being visible. I wouldn’t be where I am today without those things.

Tags: , ,

IT People Fix Things

We can’t help it. It’s in our nature to fix things that are broken. That’s what attracted us to working with technology in the first place. More than likely we started out troubleshooting, seeing how things worked and understanding what was wrong so that we could fix it, or maybe even improve upon it. That’s how we roll.

So when I saw an article entitled When IT Tries to do Too Much, my immediate reaction was that IT is generally trying to fix things, so if the IT folks in your organization are doing too much, it’s very likely because someone else isn’t doing what they should. That idea crystallized for me today, when I saw another article, Communication is not an IT Issue. In it, Wayne Turmel explains:

But the key thing to remember is that what your IT folks are responsible for is providing and maintaining the tools. Their job is to make sure the right ones and zeros get where they are supposed to go in a fast and secure matter. Data transfer is their bailiwick. But true communication is more than data transfer, and that’s where we come in.

So, IT provides email services. How we write, file, save and ultimately use those emails is not their issue. It’s not the fault of your local geeks to make sure that nobody abuses the CC function. That’s your job as the leader.

It’s with that context that I go back to Chuck Hollis’ examples of IT doing too much:

Someone in the business calls up IT with a mid-sized request: interesting, but not earth-shaking.  If they get the runaround, I can easily predict the next phone call they’ll make. 

And IT people wonder why everyone is starting to use external services to get their work done :)

Bottom line: if IT attempts to ration consumption, smart people will inevitably find other ways to get the job done.  IT is an expense.  Finance is usually the people who watch the expense line. 

Sure, IT creates the capability to protect and monitor, implements established policies, and raises a notification when those policies aren’t being followed, or there’s a new risk to consider.

But I think there’s a clear line between those important roles, and IT thinking of themselves of judge, jury and executioner.

...

#5 — IT Thinks Its Job Is To Make IT Decisions For Business People

Errr, often it’s a business decision being made that involves IT, and not a classic “IT decision”.  IT provides services to the business, remember?

Often, these kinds of situations arise simply because someone else isn’t doing what they are supposed to. Many managers and HR people would rather not be the “bad-guy” and don’t deal with policy violations, many finance people would rather not deal with telling people no, and many leaders simply don’t make business decisions when there is technology is involved. So these things get tossed down to the IT department, who try and fix things.

Let’s take these one at a time.

  • Policy Violations: Most often, it’s IT people who are in a position to notice when someone is doing something they shouldn’t be, whether it’s accessing websites they shouldn’t, sending the company’s private data in email, storing private documents in consumer cloud services, etc. They flag it to the attention of HR, or a manager. That person doesn’t truly understand the risk and does one of two things, throws it back at the IT person to investigate and decide on the appropriate fix (typically blocking the sites in question, or adding levels of security to prevent access to company information), or they do nothing at all. Occasionally, they will simply use a “flag” from IT as proof enough, and carry out punishment without further investigation, thus making IT the judge, jury and executioner by default. I’ve been in this situation before, it did not end with an understanding that the person shouldn’t have been doing what they did and that it was a management decision to act, it ended with the entire organization having the impression that the IT staff was out to “catch” them, leaving management with no choice but to act. Yes, somehow we were forcing management’s hand.
  • Financial decisions: Again, in theory, yes the decision to spend money is a finance decision, not an IT one. However, if your IT Department has it’s own budget, and is being held responsible for sticking within that budget, then you have put them in a position to make decisions based on their budget. If all technology purchases come from that piece of the budget pie, you’ve ceded the financial decisions to IT.
  • Business Decisions:: How many business “leaders” simply assign a budgetary number to IT, and let their CIO decide where to spend it? Pay attention law firm folks, this absolutely happens in your environment, quite often. Is there a business reason to upgrade to Windows 7 this year, is there a business reason to upgrade the Exchange Server, or move to a SAN? Is there a business reason to implement cloud based storage, or internal IM tools? Is there a business person deciding whether to do those things, or is the IT department doing it, and you simply shrug when someone complains about the constant change being forced on them by IT? There are, to be truthful, plenty of business reasons to do all of these things, but if you’re doing them just because IT told you they needed to be done, again, you’ve ceded responsibility to IT when it comes to deciding how to utilize and deploy your technology resources.

IT in your organization may be doing too much. In fact, it probably is, but before you go running off to blame IT for getting in the way and not understanding that they are a business service, take a look in the mirror and recognize that you might just share the blame. When management cedes the responsibility of making their own tough choices, IT has little choice but to step into these roles. We don’t do it happily. (Well, most of us don’t.) We’d much rather talk to you about how to provide what you need, but when you stick us all down in the basement, behind a locked door, and hand us responsibility for “keeping the lights on”, without going over our budget, well, you’ll get this. Problems like this don’t exist in a vacuum. If management doesn’t step up and make decisions, they still get made. They just get made by the IT people who have to implement them, instead of the business people who are expected to get business done with the tools given to them. Truly, it would be better to make them together, but then you might have to talk to an IT person occasionally, or understand a thing or two about technology. You’re right, it’s probably better to just keep doing what you’re doing. ;-)

 

 

Tags: , ,