January 25, 2006

Law Firm Security Risk from Within

11:27 am

One of my colleagues, who is always trying to keep me up-to-date on the hot issues of the day, sent me a copy of Lorelei Laird’s article in LawFirmInc titled “Protect Your Network from the Enemy Within”.
The title gives away the scary plot. Ms. Laird reminds us that the biggest threats to the law firm’s network are the law firm’s employees and partners. One survey indicates that 70% of all security breach incidents result from the actions of insiders. All the bad motives are at work, including greed and vengeance.
The article was reprinted in Law.com’s LegalTechnology and is well worth passing along to your IT person with instructions to review and consider some of the security tools referenced in the article.
Even before investing in additional technology to address the issue, you need to make sure two of the most basic security features are in place:

  • Inquiring financial oversight
  • Sound termination procedures

Law firms are too frequently the victims of embezzlement. Weak financial oversight is fertile soil for defalcation. Monthly, the managing partner should review detailed (not summarized) financial statements compared to prior periods and to budget, if there is one. Unusual activity should be questioned, and the supporting documents behind the answers examined. The managing partner should review bank activities and question unusual cash activity. Inquiring financial review is a basic internal control step, and no purchased security tool can replace owner/management review of the organization’s financial statements and activity.

Second, answer these questions: How do you know that prudent steps are taken to protect the firm when an employee is terminated or leaves the firm? Has anyone taken the time to document the steps that should be taken regarding access to the firm’s systems when an employee leaves? Is there a sign-off sheet to confirm that all of those steps have been completed? If an employee or partner leaves under a negotiated arrangement in which limited access to the firm’s network is permitted for a specific period of time, do you obtain an agreement from that individual giving the firm the right to monitor activity and to discontinue access if you determine that such activity represents a threat to the firm? Do you have the tools in place to limit that access to exactly the access agreed upon?

The steps related to a departing attorney or employee should be clearly spelled out. Responsibility for overseeing the implementation of those steps in a timely fashion must be clearly assigned with responsible reporting and oversight in place. This is too important to be handled in a casual fashion—it is not personal; it is strictly business.
Filed under Risk management by Tom Collins