Incident Response Plan
This plan generally refers to some sort of security compromise, most often a data breach, though it can also cover attempted breaches, security alarms, unauthorized access by employees, etc. The big kahuna is the data breach. More and more data breaches are occurring in law firms—and forty-six states plus the District of Columbia have data breach notification laws with a possible federal law looming on the horizon.
Incident response plans help to make sure you have an action checklist:
1. Verify what happened
2. Who is in charge of the investigation?
3. Solve the immediate problem (usually getting hackers out of your network) while preserving the evidence
4. Call in outside experts or use internal resources?
5. If a data breach has taken place, what steps does the law require you to take?
6. Harden your security so this particular incident can’t happen again
There is, as you can imagine, far more to consider.4
Disaster Recovery Plan
By now, most lawyers understand what a disaster recovery plan is. Your server has had a meltdown, your building is engulfed in flames or your office is underwater. Catastrophes take many forms. We would stress that the number one problem in disaster situations is communications. Make sure your plan identifies who is in charge of what and gives alternate ways to communicate with those who have specific job functions. Protecting lives is the first goal, but then restoring business continuity is key. There are so many factors to consider that it boggles the mind. As we learned when our building had a fire and we had no access to our office for a week, no disaster recovery plan survives first contact with the enemy. Once the disaster is over, you will no doubt find that you need to revisit and revise your plan.
Ready to roll up your sleeves and get started? There is a treasure trove of resources available from the American Bar Association.5
Mobile Security Policies
Lawyer mobility has expanded so much in the last ten years that most of us can now work from anywhere and have access to our office documents as long as we have an Internet connection. But all this connectivity means we have serious security concerns as we connect with laptops, tablets and smartphones.
www.vtbar.org THE VERMONT BAR JOURNAL • SUMMER 2012 37
It is critical that our remote connections are secure and that we transport and store confidential data in a secure manner. Would it take an epic novel to tell you how? Yes. So it is very helpful that the SANS Institute has a suite of mobile security policy templates.6
Equipment Disposal Policy
It can’t leave “home” with data on it. So you can’t junk your computers or donate them to charity without doing a secure wipe of the data. We recommend a free product called Darik’s Boot and Nuke (DBAN).7 Once again, there are terrific resources from the ABA.8
Litigation Hold Plan
If you don’t have one, you’re asking for trouble. If you know you have been sued or are the subject of a regulatory action, or that either one is likely to occur, you are under a litigation hold and must proceed expeditiously to preserve the relevant electronically stored information (ESI). This will require a team of folks—legal, management, IT, etc.—to gather quickly and take the necessary steps. You’ll need to interview key players and the IT folks to locate the relevant data, decide if you have backup media that must be preserved and whether you need to cease automated janitorial functions on your network. Periodic litigation hold notices must be sent out. And that’s just the beginning.9
Though column space doesn’t allow us to delve extensively into the components of all of these policies, we have tried to provide a snapshot of the most common policies and plans and give you a link to further resources. These policies and plans are an integral part of risk management and ensuring business continuity, two things near and dear to the heart of all lawyers.
© 2012 Sensei Enterprises, Inc.
____________________
Sharon D. Nelson, Esq., and John W. Simek are the President and Vice President of Sensei Enterprises, Inc., a legal technology, information security, and computer forensics firm based in Fairfax, VA. 703-359-0700 (phone); www.senseient.com.
____________________
1 If you’ve no idea where to start, here’s one model policy: http://apps.americanbar.org/buslaw/blt/ndpolicy1.html.
2 To keep from reinventing the wheel, you can find a sample social media policy at http://thebyrneblog.files.wordpress.com/2010/03/sample-social-media-policy.pdf.
3 http://apps.americanbar.org/lpm/lpt/articles/ftr07046.html.
4 A good starting point may be found at http://www.comptechdoc.org/independent/security/policies/incident-response-plan.html.
5 You can find a sample DRP at http://www.americanbar.org/groups/committees/disaster/resources/resources_for_lawyers_law_firms.html.
6 Available at http://www.sans.org/security-resources/policies/mobile.php.
7 Available at http://www.dban.org.
8 http://www.americanbar.org/groups/departments_offices/legal_technology_resources/resources/charts_fyis/computerdisposal.html.
9 Further fodder for thought may be found at http://tamut.edu/recordreten/Sample%20Litigation%20Hold%20Procedures.pdf.
Essential Law Firm Technology Policies and Plans