Every month, Utah Business Magazine partners with Holland & Hart and Big-D Construction to host roundtable events with industry insiders. This month we invited the top legal minds to discuss security, technology, and work-life balance. Here are a few highlights from the event:
ANGELINA TSU, ZIONS BANCORPORATION: WHAT IS YOUR FIRM DOING TO ENSURE THAT YOUR CLIENT INFORMATION IS MAINTAINED IN A SECURE AND SAFE MANNER?
Dickson Burton, TraskBritt P.C.: We all invest a lot in the software protections and--but, really, we're as weak as our weakest employee. The security holes that we all have start and end with the employees. And that's where people get in is through email. There's a lot of training that has to take place. And, of course, we've hired outside consultants to help with this and to try to see where our vulnerabilities are in our network, but also to help train our employees to recognize those deceptive e-mails that come in. And they're getting more and more sophisticated as they target any of our companies, any of our businesses.
I mean, we had one scenario where our CFO received an e-mail, ostensibly from the president of our firm, asking for a wire transfer. And, thankfully, we have the two-signature required, dual factor authentication required for things like that. But she was ready to do the wire transfer. And it was for a significant sum. And she was just fooled by a very sophisticated spoof e-mail that seemed to come from the president of our firm. And we all get emails with attachments, with links, and things like that. But some of them are quite remarkably sophisticated. And we need to be careful and look for what the signs are. The bottom line is, we need to train even our lowest level employees, whichever employees have access to your network.
DO YOU HAVE A PLAN IN PLACE IN THE EVENT OF A DATA BREACH AT YOUR LAW FIRM? AND WHAT DOES THAT PLAN ENTAIL?
Graden Jackson, Strong and Hanni: We do have a plan. It's something that we do keep within our management circle. But because we have two offices, we're able to be sure that if there were a breach or something at one office, that client data could be retrieved at another office. And I think all of us have cloud-based systems these days that have some protection there.
We only allow folks at our firm to use firm computers when accessing our network. I know there was a push years ago to allow kind of everybody to have multiple devices to be able to access firm data. We've contracted that so that you can only use a firm device to log onto our network. That gives us greater protection. We can encrypt all the hard drives so if a laptop gets left in a cab or a hotel room or something, nobody can break into that laptop and access our system. And we have gone through other measures, training, that has been brought up before.
THE RULE OF LAW IS THE CORNERSTONE OF DEMOCRACY. WHY IS THE RULE OF LAW SO IMPORTANT TO A DEMOCRATIC SOCIETY? AND WHAT CAN WE, AS LAWYERS, DO TO PROTECT IT?
Richard Burbidge, Burbidge | Mitchell: There is a saying that if you have integrity, nothing else matters. And if you don't have integrity, nothing else matters. And that applies to your governmental system, especially in distributive justice. And the thing to understand is its culture. We have a culture of democracy. It's being attacked, but we have a culture of democracy and respect for the rule of law. The rule of law is simply the rules by which a minority can legitimately become the majority without any bloodshed, without any chaos. And that is critical for...