In February 2010, an IT manager at Ogilvy Renault was nabbed by the Autorité des marchés financiers for insider trading. Dominic Côté was peeking at the confidential information of the firm’s clients and investing in the stock market just prior to a major announcement. Côté was fined $1.26 million; Ogilvy Renault was completely absolved of blame.
This anecdote shows that there can be many reasons to hack into a lawyer’s information. Whether your client is a famous personality, a publicly listed company or a government agency, it is best to protect the client’s documents, especially when they are being sent over the Internet.
“In the legal world, there are still frequent cases of zero security,” says Dominic Jaar, an associate partner at KPMG Canada. Many lawyers send unencrypted emails and attachments.” They are relatively easy to intercept.
Another pitfall to avoid is public WiFi, such as at Starbucks. “In that case, you need to use a solution like LogMeIn or GoToMyPc to have secure access,” explains David Whelan. You can also use an HTTPS connection: “It can be slower, but it’s worth it,” points out Benoit Descary.
As for cell phones, the iPhone’s security protocol is generally considered easier to circumvent than the BlackBerry’s.
Not only your Internet connection, but your computer hardware must also be well secured. This goes from a short idle time on your computer (about three minutes) with a password being required to continue the session, to full encryption of the hard disk. “If your laptop is stolen, the data needs to be protected,” explains Jaar.
He continued with a list of tips to make things hard for hackers. If you use a wireless network, the router’s name needs to be changed, the WPA security code needs to be activated and the signal needs to be hidden. And in the case of a BlackBerry, it’s best to change the model name that shows on the network. In both cases the reason is simple: “A lot of people don’t change the default name and password, which makes it easy for a hacker to access your data,” says Jaar.
Although he finds sharing tools generally secure, he still remembers an old tried and true method for information that is just too sensitive to take any chances with: “Sometimes, it’s better to meet in person.”
Patrick Bellerose is a Montreal journalist.
This article was published in French in the March 2011 edition of National Magazine.