Role Models: To Better Ensure Data Security, Check Your User Permissions

Every law firm owner is aware that outside actors can breach data and cause a host of problems.  Hackers are the bogeymen in this situation.  And so, much concern is spent over password management, encryption and email scams, including ransomware and phishing.

To have a truly effective data security program, law firms also need to consider the access that internal staff enjoys.  An under-covered segment of most data protection laws is that those laws also require that internal users only have access to the data that they need to have access to to perform their jobs.

So, ask yourself: Does your paralegal need access to your financial data?  Must your bookkeeper have full access to your case files?  For screening purposes, should certain lawyers be barred from viewing certain case files?

That’s just a smattering of potential queries you could make, but the overarching idea is that you should look at each person in your organization and ask what information each of those persons needs access to.

Then, to ensure that your wishes are met, you’ll need to do some detective work and look at the roles and permissions options in your various software tools.  Those options are getting more and more granular beyond simply opting everyone in as an administrator and hoping for the best.

If you can align your data security requirements with your technology, you’re in business.  (And, will likely stay in business.)

. . .

If you want to talk about the junction point between data security and technology applications, contact us today!

The Wyoming State Bar offers free law practice management consulting services through Red Cave Law Firm Consulting.

To request a consult, visit the Wyoming State Bar’s law practice management page, and start running your law firm like a business.

Share on Social Media