Disaster Planning: Turn Off Email Address Autocomplete

February LPMT Tech Tip

Headline after headline after headline reveal attorneys suffering disaster because of mis-sending email. While slowing down and paying more attention can help, turning off some of the convenience features built into email applications can’t hurt. In MS Outlook (2010 & 2013) go to File – Options – Mail – Send Messages and uncheck “Use Auto-Complete List to Suggest Names when Typing in the To, CC, and BCC Lines”.

autocomplete

 

 

 

 

Then click on “Empty Auto Complete List”.

autocomplete button

 

 

 

 

If that seems a bit too nuclear you can selectively remove old or easy to abuse AutoComplete email addresses that appear in email by clicking on the X next to the name that appears. This will clear it from your auto-complete list.removefromlist

 

 

 

 

 

If you use keyboard shortcuts like <Cntrl + Enter> to send an email you can turn it off. Why? Because this method  is so quick that it can be dangerous! You can turn off that shortcut by unchecking the option box, which appears in the same options menu as turning off AutoComplete. Now you won’t be able to create a disaster in the blink of an eye.

cntroenter

 

 

 

 

For Gmail you must delete individual contacts for them not to show up in AutoComplete, though you can go to Settings and choose to add contacts youself instead of the default “When I send a message to a new person, add them to Other Contacts so that I can auto-complete to them next time”.

gmailcontacts

 

There are other remedies for common mistakes like the “Reply All” monitor from Sperry for MS Outlook or Google’s “Undo” option in Labs (which can also be done in MS Outlook and is actually just putting a short delay on the “send” time). However, the main way to having embarrassing, costly or worse things happen from misuse of email is just to slow down on the send button.

 

How to Securely Use Dropbox in a Legal Environment

To view this post, you must be an active CBA member.

Email Encryption For Everyone

The recent confirmation that the US government, through the NSA’s PRISM surveillance, collects massive amounts of electronic data is really only the tip of the iceburg when viewed in light of all of the potential exposure email has to unauthorized access. From hackers to governments to law enforcement to targeted espionage to identity thieves, there are many who may want to access and view your email and its attachments.

Depending on the type of client you represent and the work you do unencrypted email exchange may not provide enough protection for confidential communication. The ABA’s formal opinion from 1999 on email encryption (99-413) generally allows for use of email to communicate with clients, but also provides the caveat that “when the lawyer reasonably believes that confidential client information being transmitted is so highly sensitive that extraordinary measures to protect the transmission are warranted, the lawyer should consult the client as to whether another mode of transmission is, such as special messenger delivery, is warranted..”

Much has changed since 1999. Commentary in the opinion states: “[t]he Committee believes that e-mail communications, including those sent unencrypted over the Internet, pose no greater risk of interception or disclosure than other modes of communication commonly relied upon as having a reasonable expectation of privacy. The level of legal protection accorded e-mail transmissions, like that accorded other modes of electronic communication, also supports the reasonableness of an expectation of privacy for unencrypted e-mail transmissions. ” Read in light of the known, legal interception of email transmission by the government and the increased use of webmail services that offer free service in exchange for access to the text of the email is it still reasonable to rely on an expectation of privacy and legal protection of email transmissions?

There are a variety of ways to encrypt email communications. For large firms working with corporate clients, firms representing governments, lawyers representing political prisoners and other circumstances may require an end to end encryption solution such as PGP to be set up and used by both parties. Once in place the process is relatively seamless. Lifehacker provides a great guide on end to end encryption for email clients and webmail..

However, lawyers who work with consumer clients including estate planning, family law, bankruptcy, criminal, real estate, civil rights etc. may not have a long term relationship with their clients or have the level of sensitivity in the communication that warrants a long term encryption key exchange. For those situations attorneys can still encrypt email on a short term or case by case basis by using some of the “on demand” email encryption options available. These tools are often free for limited use and while they do not provide the level of protection afforded by traditional email encryption they do provide some peace of mind. The article Easy Encryption for Email is Not an Oxymoron provides information on three such services that employ different models for protection. To see these easy encryption options in action check out the How To… video from the Chicago Bar Association’s LPMT.

Managing LinkedIn Endorsements and Optimizing Your Profile

During Membership Appreciation Week here at the Chicago Bar Association I put on a program on how to optimize your LinkedIn profile. One question that came up was about the new endorsements of your skills and expertise listings. If you are interested in managing that area of your profile take a look at this short video. If you would like to see the entire program it is now online, free for Chicago Bar Association Members.

You may also want to take a look at a recent article from Attorney at Work titled “Should Lawyers Connect with Competitors?” and note the links to other pertinent articles on lawyers’ use of LinkedIn at the end of the article.

Layering Security: Two Factor Authentication

“In the space of one hour, my entire digital life was destroyed. First my Google account was taken over, then deleted. Next my Twitter account was compromised, and used as a platform to broadcast racist and homophobic messages. And worst of all, my AppleID account was broken into, and my hackers used it to remotely erase all of the data on my iPhone, iPad, and MacBook.”

Thus starts the story of Mat Honan, a writer for Wired Magazine. Mat’s story should be a cautionary tale for all, especially lawyers whose duties to maintain the confidentiality of client data extend the need for added security beyond just personal inconvenience.  Mat admits that much of what happened could have been avoided by using two factor authentication on his Google account and other security measures.  So, why didn’t he do it? Because adding layers of security means adding a layer of complication, and sometimes inconvenience. However, to unravel from a firm security breach or hack would be even more inconvenient.

Google’s Gmail, Google Chrome, LastPass, Dropbox, WordPress and many other popular services have added an extra layer of security that a user must enable called “two factor authentication”.  The concept of this security is that a person cannot access another user’s account without something she knows and something she has. In the case of these popular services the solution is a strong password plus a secondary code that is sent via text to a smartphone or mobile device.  Both are required to access the account. For two factor access to laptops there are devices like USB tokens and smart cards that must be plugged in for the machine to boot up. Likewise you can buy external biometric security devices, such as a fingerprint reader, which is a substitution for what the user has to what the user is.

The SANS Institute OUCH! newsletter this month provides further information and links on two factor authentication for popular online services. When enabling two factor authentication make sure to read all the instructions carefully. Matt Cuts blogs for Google on how the two factor authentication works with Gmail, and dispels some myths about any perceived difficulties this may add to accessing your email.

Want to learn more about security best practices for your law firm? Sign up for the CBA CLE (1.5 IL PR Credit)  “Lighting the Corners: Security Best Practices”  in person or webcast on November 20 at 12 CT.

CBA’s Law Firm Start-up Boot Camp is one week away – register today!

Whether you are going solo, opening a small firm, or just need a refresher, the CBA’s new “Law Firm Start Up Boot Camp” is a day long event that will provide essential information on getting a successful law practice up and running.

The program will be held on Thursday, October 4, 2012, from 8:45 a.m. to 5:00 p.m. at the CBA Building, 321 S. Plymouth Ct., Chicago. The program has been approved for 4.25 IL Professional Responsibility Credit and 1.75 IL MCLE Credit.

Our panelists include some of the most experienced practice management advisors in the country: Jim Calloway, J.D., Director, Management Assistance Program at the Oklahoma Bar Association; Natalie Kelly, Director, Law Practice Management Program, State Bar of Georgia; Catherine Sanders Reach, Director, CBA Law Practice Management & Technology Division; and Reid Trautz, J.D., Director, Practice and Professionalism Center, American Immigration Lawyers Association.

The presentation will provide practical and proven guidance to lawyers in various settings to create effective, ethical and efficient solo and small firm practices. In this economy you have to give yourself the best chance for success. Invest in yourself. Invest a day to learn the best practices for your law practice. Invest in your future. Whether you are just starting out or looking to inject new ideas and energy into your existing firm, this is an event you won’t want to miss.

Topics include:

  • Becoming a Law Practice Entrepreneur
  • Budgeting and Financing
  • Building a Client Base
  • Using the Web/Social Media for Practice Development
  • Money Talks
  • All About Clients
  • Managing the Matter
  • Risk Management
  • The Life of the Lawyer

PLUS a networking lunch with the speakers, sponsored by CBA Administrators

Register to attend in person, or online (am and pm sessions are separate registrations) or call 312-554-2056

Upcoming LPMT Programs and Training

Don’t miss upcoming CLE programs and free training sessions:

Coming up in August:

  • How to… Take Control of Social Media with Hootsuite
  • How Lawyers Can Use Collaboration Tools

Coming up in September:

  • How to… Use MS OneNote for Project Management
  • How to… Automate Functions in MS Word
  • Smarter, Better, Faster: Document Assembly

Coming up in October:

  • How to…  Get the Most Out of LinkedIn
  • How to…  Manage Complex Tasks in Basecamp
  • How to…  Use MS Outlook Add-ons
  • Intersection of Ethics and Technology

PLUS Law Firm Startup Bootcamp on Oct. 4 – everything you need to know to start (or update) your law firm!

Register online at the Chicago Bar Association – CLE - CLE Seminars  and check the LPMT “Upcoming Programs” calendar for program descriptions, dates and times.

New How to… and CLE Archives Available

New archives available:

Did you know that if you registered for a CBA LPMT CLE program or training class you can go back and watch the recording any time?  Simply log in to the Chicago Bar Association website and look under “Webcasts” and then select “My Seminars” from the drop down menu.  If you missed a session, the links to the recordings will be available on the LPMT site listed in the Program Archives link under “Upcoming Programs”. Just register to watch.

Also, all Chicago Bar Association members have access to previous progam materials, as well as white papers and other information.  Click on the “Articles (CBA Members Only)”  tab in the site header.

Directory powered by Business Directory Plugin