Securing Client Data in a Digital Age

WHY DOCUMENTS ARE AT RISK, AND WHAT YOU CAN DO ABOUT IT.

Law firms have many priorities to manage. Protection of client data should be at the top of the list. And even if it is, document flow and management are not usually among the highest security priorities. They should be, because private client information in any document that law teams handle is at risk of exposure, a disaster that could harm a firm’s reputation and cost millions of dollars to rectify.

New Threats Move Fast

Activist groups, disgruntled employees or clients, and cyber criminals have new means of accessing client information. They could be taking client documents from anywhere at any time: a desktop, a laptop, a mobile device, a table in a copier room, or during a file-sharing session.

 In the News 

Paradise Papers

n an event commonly referred to as The Paradise Papers, 13.4 million client documents were reported to have been leaked from:

  • Offshore legal services firm
  • High-profile corporate services provider
  • Corporate registries in 19 jurisdictions

Source: BBC, Paradise Papers: Everything You Need to Know About the Leak, Nov. 10, 2017

Panama Papers

In a separate event commonly referred to as The Panama Papers:

  • The largest records leak in history is said to have taken place
  • Allegedly, a Panamanian law firm was the source
  • Global investigations followed

Source: Law Times, Panama Papers and Solicitor-Client Privilege, Aug. 13, 2018


Lack of standardization, outdated equipment, and innocent mistakes can put law firms at risk of exposing client data when document creation, access, and flow aren't controlled and secured.

Law Firms: Top 10 Cybersecurity Threats IN 2018

Lack of Pervasive security Mindset

SECURITY ISSUES WITH THIRD-PARTY PROVIDERS AND CLOUD SYSTEMS

Ransomware

RoGUe employees

Hactivists

Nation-state espionage

ACCIDENTAL EXPOSURE BY WELL-INTENTIONED EMPLOYEES

Technology obsolescence

PASSWORD MANAGEMENT BEING WEAK OR NON-EXISTENT

REDUCED SECURITY STANDARDS FOR REMOTE WORKERS

Source: Logicforce, "Top 10 Law Firm Cyber Security Threats Right Now",

SIX TOP WAYS TO SECURE CLIENT DOCUMENTS

Every day firms handle tremendous amounts of sensitive documents containing private client information. Those documents are created, uploaded, downloaded, shared, copied, printed, and filed. This fast-moving connection of workflows must be secured, but also organized and controlled for productive operations.

Here are six ways to help secure your document ecosystem:

Ensure every incoming client document immediately enters the same document management system. Use an encryption method to protect documents when they are in digital storage or being transferred digitally.

Use an integrated hardware-software solution for document management so that users can share information without leaving the secure ecosystem.

Require user authentication at points in a workflow where documents will leave the secure ecosystem, for example when documents are transferred via mobile file sharing.

Having visibility to active document workflows can enable monitoring for abnormal activity or unauthorized access.

Security protocols should be intuitive and easy to follow to promote user adherence to firm policies, and can help reduce firm liabilities.

A proactive approach to security involves a balance of document availability, confidentiality, and integrity because a security plan should be aligned to business drivers and outcomes or it won’t be effective.

LACK OF PREVENTION IS COSTLY

$7.91 million

Average total cost of a data breach for U.S. organizations in 2018

Source: Ponemon Institute, 2018 Cost of Data Breach Study, July 2018

Take a Unified Approach

Securing and controlling document workflows doesn’t have to slow down day-to-day operations or impede client services. In fact, solutions like uniFLOW from Canon USA can help enable firms to contribute to a secure document ecosystem by providing a consolidated platform for collecting documents and managing document output.

The reality is that many points of potential exposure exist in the life of any active client document. Having visibility and control of document workflow can help law firms reduce risk while continuing to provide clients with stellar service.


Canon U.S.A. and Canon Solutions America do not provide legal counsel or regulatory compliance consultancy, including without limitation, Sarbanes-Oxley, HIPAA, GLBA, Check 21 or the USA Patriot Act. Each customer must have its own qualified counsel determine the advisability of a particular solution as it relates to regulatory and statutory compliance.

Canon products offer certain security features, yet many variables can impact the security of your devices and data. Canon does not warrant that use of its features will prevent security issues. Nothing herein should be construed as legal or regulatory advice concerning applicable laws; customers must have their own qualified counsel determine the feasibility of a solution as it relates to regulatory and statutory compliance. Some security features may impact functionality/performance; you may want to test these settings in your environment.

Neither Canon Inc., Canon U.S.A., Inc. or Canon Solutions America, Inc. represents or warrant any third-party product or feature referenced hereunder.

As of December 2018.

Canon is a registered trademark of Canon Inc. in the United States and elsewhere. Océ is a registered trademark of Océ-Technologies B.V. in the United States and elsewhere. All other referenced product names and marks are trademarks of their respective owners and are hereby acknowledged.
© 2018 Canon Solutions America, Inc. All rights reserved.