Learn how to prepare your law firm for disasters, including crafting a business continuity plan, adequate insurance coverage, and computer security practices. Assess your vulnerabilities and establish policies and training to enhance your firm's security posture.
Disaster Preparedness: Getting Your House In Order AND Preparing Your Attorneys • Panelists: David Nguyen, Catherine Sanders Reach, David Bienvenu
Today’s Agenda • Preparing For Disaster • Getting Back Up and Running After a Disaster • Helping Lawyers (LRIS panelists) and the Public After a Disaster
Failing to Plan = Planning to Fail
States and U.S. Territories Requiring Disaster Legal Services July 24, 2006 – June 2, 2011
Planning For Disaster • Crafting a business continuity plan • What is your mission? • Gather information • Vendors, insurance, real estate/landlord • Staff, panelists, clients • Document processes, people • Risk management • What are vulnerabilities that can be mitigated
Mitigate Risks • Adequate insurance • Computer backups • Computer security
Adequate Insurance Coverage • Property insurance • Contents insurance, including extra riders • Commercial general liability • Third-party bodily injury or property damage • Business interruption insurance; • Crimes coverage; and • Disability, life, or other appropriate personal coverage.
Property: Identify, Protect And Insure • Create a detailed inventory of ALL office contents • Consider pictures or video • Get proper insurance coverage • Make your office safer • Have plan for an alternative office
Review and Evaluate the Adequacy of Your Coverage • Review policy limits, stipulations, exclusion clauses • Are consequential losses covered? (likely are not) • Consider the following coverage options • Replacement value • Valuable papers coverage, including cost to recreate files
Adequacy of Your Coverage (cont.) • Loss of income • All risks, including flood and earthquake • Cleaning/restoration costs • Payment of interim rent • Sprinkler/water damage and • Personal items (review if your homeowner's coverage covers these items).
What To Backup • Servers • Laptops • Desktops • Smartphones • SaaS
Backup Best Practices • Do full backups • Do backups daily • Review the backup log • Make sure open files are being backed up • Regularly do test restores • Identify offsite storage location • Backup also co-location?
Backup Best Practices • Keep all software license numbers and installation discs • Use Belarc Advisor to take snapshot of hard drives • Create a disc image • Native in Win7, MacOS X 10.4 and up • Acronis TrueImage, Norton Ghost, ShadowProtect
Backup Media Options • CD-RW: low capacity, fair speed, med cost, not automatic • DVD: med capacity and cost, not automatic, many formats!!! • Tape: high capacity, slow speed, fair cost, automatic • Portable hard drive: high capacity, fast, low cost, automatic
Backup Best Practices • Rotate and keep generations of media • Replace tapes regularly • Create written instructions for restoring
Online Backup • Home versus Business versions • Examples: Carbonite home or business • Good option for files • Storage gets expensive • Only backup active files? • Make sure backups are working properly
Assessing SaaS • Who can access data? • Is there co-location and where? • Business continuity plan • Is data encrypted (strong) in transit and at rest? • What is the privacy policy, TOS • Corporate maturity (freemium?)
Assessing SaaS • Are there offline options? • Service level agreement • Export/Data migration
Threats from Without • Hackers, script kiddies • Viruses, worms, Trojan horses • Storage of data offsite – ASPs • Harden the system to reduce vulnerabilities – no wireless networks!! • Firewalls, A/V software • Good passwords, changed frequently
Threats from Within • FBI/CSI reported 70% of all attacks on a network occur via the Internet, but • 75% of all dollar losses come from internal intrusions • Gartner Research estimates that 90% of all security breaches will originate inside companies • We have the most to fear from those already inside the moat….
Policies and Training • Develop a security attitude • Understand that restrictions and rules are for the safety of the firm and the firm’s clients • Stress security practices the same way you would with a child – “Stranger, Danger!” • Your firm is your castle – lock the doors, bar the windows, and dig a moat
Policies and Training • What security policies should be in place? • Computer acceptable use policy • Email use policy • Internet use policy • Social media use policy • Other useful, related policies • Employee privacy policy • Email/document retention policy
Policies and Training • Make policies available • Shared network drive • Intranet • Enforcement • Reviewed and signed at least annually • Training sessions to reinforce understanding • Make FAQ available • Repercussions for non-compliance?
Assess Your Vulnerabilities • Some vulnerabilities can be minimized or eliminated • Vulnerabilities worksheet at www.practicepro.ca/disasterrecovery
Recovering from Disaster • Human life and safety come first • Review disaster recovery file and implement your plan • Report to authorities • Rescue critical records/valuable property • Mobilize emergency response person/team • Make maximum withdrawal from ATM • Move to the recovery process
Lessons Learned: Recovering from Disaster • Location • Displaced from: • Office • City • How has it affected other services? • Are you ready to relocate/work remotely?
Lessons Learned: Recovering from Disaster • Communication • Getting the word out to staff, panelists, clients • Phone list • Alternates • Text/SMS • Web forums (Quick Topic) • Social media (Twitter, FB) • Website/blog
Lessons Learned: Recovering from Disaster • Restoration • Prioritization • What is your mission? • Follow the business continuity plan
Legal Help After a Disaster • Helping Lawyers (LRIS panelists) • ABA resources • State bar resources • Small Business Administration • Helping the Public • ABA YLD DLS