Section News

& emerging technology and issues regarding technology

Category: Legal Technology Archives

Federal Trade Commission’s Suggestions to Secure Data

In the most release of Circuits, Pierre Grosdidier and Cassidy Daniels share a thorough article on the Federal Trade Commissions guidelines. Their research and reference to supporting materials sheds light on the FTC guidelines. Just a small sampling of suggestions the FTC’s guidelines offer:

  •  Do not collect unneeded information.
  •  Restrict access to data.
  •  Require secure passwords. “Qwerty” and “121212” are no better than having no password at all.
  • Suspend or disable users after a certain number of unsuccessful login attempts.
  • Store and transmit sensitive information securely. Train personnel and use accepted encryption methods—no need to reinvent the wheel.
  • Segment networks and monitor who is trying to get in and out.
  • Secure remote network access.

Read the article by Pierre and Cassidy in its entirety here.

Lawyers, are you keeping up with your security updates?

Businessman standing and working wth touch screen

By: Ronald Chichester | http://www.texascomputerlaw.com

Lawyers, are you keeping up with your security updates?

As we’re all too keenly aware, software programs can contain flaws that make the lawyer’s (or client’s) data vulnerable to compromise.  For example, the makers one of the more common software applications that attorneys use for encrypting client data — 7-zip — have recently found some vulnerabilities in their encryption code.  The bugs got fixed last week (on May 10 to be exact).  But have you updated your version of 7-zip since then?  For that matter, have you updated all the software on your machines?

Yes, the Linux guys have it easy.  Their package managers update not only the operating system, but all open source software installed on their machines.  Unfortunately, those of us who use Windows or OS X have to update manually.  We know that’s a chore, but an important duty nonetheless.  The software guys endeavor to plug security holes as quickly as possible.  Sometimes they fix the problem within hours, but often within a day or two.  It would be poor recompense for their efforts if you failed to update your software when needed.

I know that some of you who have read this are saying to yourself: “Hey, I’ve got better things to do than to chase down updates.”  Well, maintaining client confidences is part of YOUR job.  Fortunately, there are some things that you can do to make the job easier.  The Federal Government sponsors a website from which you can glance for problems with your important applications (like Adobe Acrobat, Windows, etc.).  Take a look at:

http://www.kb.cert.org/vuls/byupdate?open&start=1&count=20

Those of you with news aggregators can take advantage of their RSS feed:  http://www.kb.cert.org/vulfeed

The nice thing about that database is that it tracks more than just the software on your PC.  It also alerts you to problems with your other equipment, like routers and printers.  It’s there for your protection, and it’s free.  Use it.

Databases in Discovery (Craig Ball, Circuits – January 2016)

I loathe the practice of law from forms, but bow to its power. Lawyers love forms; so, to get lawyers to use more efficient and precise prose in their discovery requests, we can’t just harangue them to do it; we’ve “got to put the hay down where the goats can get it.” To that end, here is some language to consider when seeking information about databases and when serving notice of the deposition of corporate designees (e.g. , per Rule 30(b)(6) in Federal civil practice or Rule 199(b)(1) of the Texas Rules of Civil Procedure):

For each database or system that holds potentially responsive information, we seek the following information to prepare to question the designated person(s) who, with reasonable particularity, can testify on your behalf about information known to or reasonably available to you concerning:

The standard reporting capabilities of the database or system, including the nature, purpose, structure, appearance, format and electronic searchability of the information conveyed within each standard report (or template) that can be generated by the database or system or by any overlay reporting application;

1. The standard reporting capabilities of the database or system, including the nature, purpose, structure, appearance, format and electronic searchability of the information conveyed within each standard report (or template) that can be generated by the database or system or by any overlay reporting application; Read More

Built by Placement Edge Web Design