As prime targets for cybercrime, as highlighted in the Law Society Gazette recently, law firms must do all they can to protect their information and it starts with the careful selection of a trusted IT partner. Every law firm needs a supplier they know for sure is doing everything they can to keep their data safe.
Lack of Information Security is probably the biggest threat to any business in today’s global markets, especially so for law firms because of the nature of the information they hold on behalf of clients. The world is changing. The BBC reported in January 2017 that crime has changed. They quoted John Flatley, of the Office of National Statistics, he said: “When the crime survey started 35 years ago fraud was not considered a significant threat and the internet had yet to be invented. Today’s figures demonstrate how crime has changed, with fraud now the most commonly experienced offence. In the past, burglary and theft of vehicles were the high-volume crimes driving trends but their numbers have fallen substantially.”
The root of cyberfraud in the 21st century is information/data security. The ramifications of cybercrime can be devastating to both large and small firms and it seems legal Practices are viewed as prime targets because of the diverse information they hold about themselves and their clients including sensitive information such as: financial and payment details of clients, highly confidential mergers and acquisition data, even their own corporate email account login data which fraudsters are hacking and finding ways to pose as trusted colleagues and wreaking havoc.
Selecting an ISO 27001 certified supplier for your legal practice management system is highly recommended as are ISO 27001 certified data centres for law firms choosing to host their data in the cloud. It shows your supplier is meeting the requirements of internationally recognised standards and is committed to continual improvement with control measures in place to ensure regulatory and legislative compliance is met.
This has always been important for law firms, but became even more important when GDPR (General Data Protection Regulation) came into force on 25 May 2018.