So which is more secure- an unencrypted email attachment or a client portal? Well, that is sort of a trick question because most everything is more secure than an unencrypted email attachment. And normally one would use the phrase “secure client portal” because by definition, client portals should be secure.
In this recent Oklahoma Bar Journal column, Email Attachments vs Client Portals, I discussed the differences between providing clients documents by sending them as email attachments versus providing the documents through a client portal. Some readers may be surprised at how easy and affordable providing a client portal is today. Some readers may have already used similar portals for a HIPAA-protected medical information provided by a health care provider.
Spoiler Alert: I think client portals are the best practice and unencrypted email attachments should be reserved for those situations where you would send a post card if you were using the U.S. Mail.
Trust account management is an important subject for lawyers in private practice and our Digital Edge podcast Trust Accounting for Lawyers has some great information and tips from a knowledgeable authority. Sheila Blackford is an attorney and practice management advisor for the Oregon State Bar Professional Liability Fund. She is also the author of an upcoming book from the ABA Law Practice Division on this subject.
Sheila is fun and engaging and brings her common sense approach to this topic. Sharon Nelson and I have known her for many years and were so happy that our friend agreed to be our podcast guest. Trust accounting is simple if you have a good process in place and Sheila discusses both manual methods of balancing the trust account and technology-based solutions. Thanks, Sheila.
Oklahoma lawyers who would like to learn more about trust accounting and modern tools for trust accounting are are invited to the Oklahoma Bar Center on the afternoon of December 6 for a CLE program Trust Accounting Essentials. The program is from 1:30 pm to 4:10 pm and features OBA Ethics Counsel Joe Balkenbush and OBA Practice Management Advisor Darla Jackson.The program will (1) describe the rules for handling trust funds and property; (2) discuss relatively recent changes to the handling of fees and trust transactions; and (3) provide practical guidance on how to use both print and electronic tools to produce client and general ledgers and to perform proper three-way reconciliation of trust funds accounts.
Early bird registration deadline is Tuesday November 29, so enroll by then for savings. But feel free to register anytime. This program will not be webcast.
Last week I had the extreme pleasure to meet with a delegation of Azerbaijan lawyers to discuss law office technology. I learned a couple of things that may be of interest to you.
These lawyers were visiting the United States as a part of the Open World leadership program and were sponsored by Rotary Club 29 of Oklahoma City. I was happy talk to them about law office technology. They also heard from our OBA Executive Director, General Counsel and Ethics Counsel. Their bar association is organized differently than ours, as a part of the central government rather the states or state courts. So we had a good discussion. I had little prior knowledge about Azerbaijan did a bit of online research before the meeting. I must say that this was one of the warmest, nicest and friendliest group of people you would ever meet. Meeting them was a truly great experience! They have much work ahead as their country’s legal system continues its evolution. But I certainly plan on checking in on the news from their country from time to time.
But there were two interesting law office technology aspects to my talk with them. First of all, I decided to do a speech recognition demonstration for them using Nuance’s Dragon NaturallySpeaking. I use this tool almost every day and knew that moving from my office to our larger board room would likely have a negative impact on accuracy. In fact I have set up an extra profile in DNS just so it doesn’t change my speech file based on different acoustics. I began my dictation with “Today I am visiting with a group of lawyers from Azerbaijan.” 100% accurate transcription. Everyone of the group looked surprised. I paused the dictation and assured them this was the first time I have ever said their country’s name into DNS. I dictated some more and DNS performed almost flawlessly.
The other interesting thing was during my brief discussion of practice management software tools and paperless work flow. Our OBA Practice Management Advisor Darla Jackson interjected that one of the tools, Practice Panther, was available in the Azerbaijani language, both the Cryillic and the Latin versions. I was aware they had developed a Spanish language version, but there are many other languages now included, even though unlike the Spanish language version, the others are done through machine language translation only. I’m not sure that they made any purchasing decisions after that but they did ask me to repeat the product name.
Last week many Oklahoma Bar members received an email with a subject line of “Oklahoma Bar Association Complaint.” Of course it was a fake. Our General Counsel’s office does not send out these types of official notices by email. But cyber criminals hope that the surprise and horror at reading a complaint has been filed will override judgment and generate a quick click on a link or attachment. If you receive an unexpected email that makes you want to instantly click on something, ALWAYS pause and think.
Every year I place several phone calls or send emails (not replies) to lawyers asking “Did you really just send me that email?” I’m known as a technology expert and I am not embarrassed to make outreaches, so you shouldn’t be either. The bad guys sending out these emails managed to obtain a lot of lawyer email addresses, because our General Counsel’s office phone lines lit up as soon as the emails went out. We blasted out a warning email to every OBA member just in case.
But today I received an email about the status on an Amazon order I hadn’t placed. You can click on the thumbnail at right to view an image of it. There were several warning signs. Why would I get a notice from Amazon in the UK? The ZIP file as an attachment is another clear sign. And if you save your Amazon order number, you would be able to compare and see this order number didn’t match your order.
As the holiday shopping season kicks into full speed, a lot of people will be shopping online. You might want to send a warning to your staff and lawyers that these threats will be increasing so that they will be vigilant. Even if your IT department has perfect defenses to these threats, a reminder might keep one of your staff from having their home computer compromised.
If you would like some more tips on protecting yourself from these kind of threats, you should read Beware Ransomware: Data-Encrypting Software Continues to Extort by my friend Shelia M. Blackford, Practice Management Advisor with the Oregon State Bar Professional Liability Fund. Her tips on How to Spot a Dangerous Email and Prevention Practices are excellent, not just for ransomware, but for the whole range of email-delivered computer threats.