Orrick recently paid $8M to resolve a data breach lawsuit. More and more law firms are reporting breaches—yet many still share confidential information via unsecured email. Other firms use secure sharing software, but say it creates extra work. Here’s what you need to know, and why LexShare might be the solution for your firm.
Emailing confidential information is risky
Law firms go to great lengths to protect clients’ confidential information. Protecting clients’ privacy is more than an ethical duty; it’s the wellspring of trust in the attorney-client relationship. Sending confidential information via standard email creates special risks:
- Unencrypted emails can be read by others while they are in transit.
- Emails may be stored insecurely at your end or the recipient’s end. If there’s a data breach, confidential information in the emails could be exposed.
- Email accounts can be hijacked by bad actors who send or read emails.
- Email addresses can be faked (“spoofed”). Spoofers can use social engineering and/or fake links to trick you into revealing confidential information (“phishing”).
- You can accidentally send an email to the wrong person.
The fallout from an email attack or human error can be significant. In addition to defending ethical complaints against individual attorneys, firms can face costly lawsuits and class actions. The outcome of a case or deal could change if confidential information is released. Reputational damage to the firm and the individuals involved can also occur.
File-sharing platforms are secure… but not always easy to use
In light of the risks email creates, firms often use secure file-sharing software to send and receive confidential information. Files are usually shared via a portal or an email add-on.
A portal is a private, password-protected website that allows clients to securely share files and/or get secure messages. Email-based sharing solutions often include encryption and recipient verification, and sometimes add extra steps to sending an email.
Each approach comes with pros and cons.
Portals offer excellent security, but they can be a challenge to administer. Some firms report new administrative burdens, like getting frequent phone calls from clients who’ve forgotten their passwords. Clients may also need support using the portal.
Email add-ons are sometimes easier to administer than portals because they operate more like regular email. That said, they can slow down law firm workflows if they aren’t well-integrated into the existing email system. And if there are too many extra steps, people won’t use the tool.
Finally, secure file-sharing platforms themselves are hacker targets. Software committees and decision makers have an ethical obligation to carefully assess potential vendors to make sure appropriate safeguards are in place.
LexShare combines serious security with the ease of email
If your firm is sharing confidential information via unsecured email, you’re certainly not alone—but it’s time for a change. LexShare’s email plug-ins offer a user experience that’s very similar to attaching a file. But your clients’ confidential information is protected by bank-grade security and robust recipient verification.
If you already have secure sharing software, but find it cumbersome to use, LexShare might be a game-changer for your firm. LexShare’s email plug-ins make sending securely as easy as email. You can get powerful protection, like customizable Q&A-style recipient verification, without ever leaving your inbox. You can also choose a secure, firm-branded portal that most clients can use without assistance, so there’s less impact on your workload.
Ready to hear more? Learn about LexShare.