Information security is one of the hottest issues facing companies today. But much of the attention has been focused on malicious or outside-in threats posed to information, while little has been done about inadvertent confidential information leakage.
Almost all (around 95%) of information leaks are carried out unintentionally by employees via e-mail, e-mail attachments and by using, and sometimes losing, portable devices such as USB memory sticks, laptops or BlackBerrys.
Possibly more worrying is how few people realise the dangers. In a recent survey by Workshare, fewer than half of respondents said they were concerned about valuable information being leaked, intentionally or inadvertently, despite highly publicised incidents in the press. Disgruntled employees and corporate espionage are not common, yet all employees distribute sensitive information every hour of the day with no real protection mechanism in place to protect inadvertent information leakage.
Law firms work on complex projects with highly sensitive information that, if put in the wrong hands, could be the difference between winning and losing a case. Indeed, most documents look 'clean' on the surface, but can contain hidden information such as Microsoft Word's 'track changes' or comments that can be easily viewed. PDFs are not immune either.
'Cleansing' documents such as Word files or PDFs of any confidential information, whether hidden or in the text itself, will enable law firms to enforce policies that mitigate risk when it comes to securing their most valuable assets, such as intellectual property and client confidentiality. Furthermore, personal indemnity is the second largest expenditure of any law firm - strong risk mitigation strategies can reduce costs.
So if information leaks can be reduced through the deployment of solutions that can 'clean' documents, why do 57% of businesses in our survey not have a method of automatic enforcement of information security?
Law firms that have not deployed solutions automatically to control and protect information should do so, but also, given the impact on compliance and financial performance, they should advise their clients to do so as well.
This is not just an issue for law firms but for the business community as a whole. The sooner organisations realise the threat they face every day from sensitive information breaches and look to stop it, the better.
Andrew Pearson is Workshare's executive vice-president for Europe, the Middle East and Africa
More from News
-
NewsTribunal member’s pay claim dismissed over ‘worker’ status
Employment tribunal finds specialist tribunal member did not work under a contract but held office.
-
NewsOutgoing bar watchdog savages Legal Services Board
Bar Standards Board chair says regulatory structure established by Legal Services Act 2007 is ‘failing’.
-
NewsLawyer's 'zeal' for litigation not enough to strike out contempt proceedings
Pogust Goodhead chief executive Tom Goodhead said on a podcast he wanted to be a mining giant’s ‘absolute worst nightmare’.
Partnership
Charity Explorer provides a reputable reference tool for solicitors, will-writers and their clients who want to leave a legacy or charitable gift.
Visit Charity Explorer
Whether you are looking for legal expert witnesses, legal training/CPD providers, international law firms, administration of estates, legal software suppliers, barristers chambers or any other general legal service, the Legal Services Directory will provide a suitable option.
Visit Legal Services Directory
No comments yet