6 Tips for the Security of Legal Information in Teleworking

According to the OpenText Corporate Legal Survey report, one of the main concerns for 94% of professionals in the legal sector is the protection and security of legal information. Along the same lines, the PwC Mexico CEO Survey report reveals that protecting information against cyber threats is an absolute priority for 63% of business executives.

Tips for Legal Cybersecurity


To better understand why business IT security is so important in Latin America, let's look at the following data provided by some cybersecurity firms : 


  • In Latin America, an average of 45 computer attacks per second is registered, with Brazil and Mexico being among the 11 countries that suffer the most attacks internationally ( Latin American Cybersecurity Summit - Kaspersky ).
  • In 2018, 40% of Latin American organizations were victims of at least one malware infection, and 2 out of 3 Latin American companies suffered some type of security incident, the most affected countries being Colombia, Peru, and Mexico ( ESET Security Report 2019 - ESET ).
  • In 2018, Chile ranked 10th among the countries that received the most ransomware attacks worldwide ( Internet Security Threat Report - Symantec ).

This context of attacks and threats to business databases is further accentuated in the current crisis of the COVID-19 pandemic that we are experiencing. The state of social quarantine that many Latin countries have implemented has forced law firms to adopt a telecommuting model in order to continue operating. This means that now partners and lawyers will start managing all legal information from their homes, an environment that is much more vulnerable than the business one.


The good news is that most security breaches can be fully prevented if lawyers adopt a culture of good practice when it comes to protecting information. In fact, according to the cybersecurity panel of the World Legal Summit event in Mexico, the main reasons why a company is vulnerable at the IT level are the following:

  • Internal personnel do not have a culture of self-protection and do not understand the risks of not knowing how to use technology correctly.
  • It is often thought that "our" company will not be attacked. Therefore, the damage that a security breach can cause is not measured.
  • There is a false belief that implementing computer security tools is enough to protect the company. This makes the staff very careless in their online habits and behaviors.

In this sense, far from having to invest large amounts of money in protection technologies, the most important thing is for lawyers to get used to good teleworking practices during the quarantine.


Otherwise, it is the lawyers themselves who will produce security breaches that cybercriminals can take advantage of to gain access to:


  • Confidential information of clients and the firm.
  • Communications containing client-attorney secrets.
  • Documents and files related to all legal processes.
  • Highly sensitive legal files.
  • Accounting and fiscal records of the firm.
  • Messages sent and received via email, SMS, or chats.
  • Calls and video calls made by tools like Zoom, Skype, or WhatsApp.

Against this background, the computer security firm Avast offers a series of tips to improve the transition from a face-to-face work model to one of remote work, as a preliminary step to the implementation of some security standards to work from home.


Among Avast's recommendations we highlight the following:


  • We must all accept in advance that the internet is a very unsafe place. However, it is also necessary to use it to manage important corporate assets remotely, so our security measures must be extreme.
  • The speed of the home internet is much slower than that of the corporate internet. Therefore, the home bandwidth must be adjusted so that it can comfortably support activities such as video conferencing or sending and downloading large files.
  • The cloud tools that the entire team will use must be standardized. Different people cannot be allowed to use different tools for the same purpose. In this sense, we recommend you read our article [Coronavirus] - Top 10 tools for teleworking lawyers.

Once the transition to the teleworking model is made, it is necessary to start immediately to implement good practices for the protection of day-to-day information. However, before delving into the 6 tips for legal cybersecurity, it is important that you first know what the 3 principles of computer security are.


The 3 Principles of Computer Security

  • Confidentiality Principle: the information should only be accessed by authorized persons or systems, maintaining confidentiality from unauthorized agents.
  • Principle of Availability: the information must be kept available to authorized persons or systems whenever they wish to make use of it.
  • Principle of Integrity: the information should not be altered by unauthorized persons or systems; it must be kept whole, that is, exact, authentic, and complete.


6 Tips to Protect Legal Information While Telecommuting During the Quarantine

Many organizations have published international reference guidelines on how to protect business databases. Such is the case with Avast (from the Czech Republic) and Kaspersky (from Russia), two of the world's leading cybersecurity firms.

Here are these best practices.

  • Keep programs, operating systems, and apps up to date.
  • It constantly runs the various antivirus scans. Install total security software for multi-tier protection
  • Avoid using the same devices that other members of your family use.
  • Learn how to identify malicious emails and messages.
  • Manage sensitive information only through the right channels.
  • Use specialized programs from the legal tech sector (preferably).


Comments