Good work from the Department of Interior Inspector General. Their conclusions apply just as well to law firms. The length of a password is more important than complexity. It’s better to have a phrase like JonesAndSallyLoveBaskingInSunshine than #si30_584JKL.
Implementing this advice is a no-brainer, since a well chosen phrase is easier to remember than
The always-reliable Sharon Nelson and John Simek have lots of good & timely ideas in their article It’s a Good Time for a Cybersecurity Checkup.
Password management programs do not merely make users safer. They make you more productive by reducing frustration and time lost through ad hoc password storage and organization techniques. Pretty nice parley, right? It’s sad that only 20% of people use one.
I’ve been using an app that gets high reviews, 1Password, for a
Too many good ideas & fresh thinking in this article by Sharon Nelson, John Simek and Michael C. Maschke to comment on them all here, but I’ll highlight one. This “social engineering” technique has been around for at least 30 years or so:
[A] current ploy is simply to pretend that they are someone
Certificates of Deposit with a 38% APY. Yeah, right.
Crypto nuttiness is going to end, probably soon. And with a bang, not a whimper. I encountered the sign pictured above touting a 38% APY on a walk in my neighborhood. It reminded me why collapse is inevitable. The flashing red lights are economic, historical and
John Simek of Senseient Enterprises has a good summary of CSO has some good tips on dealing with the ransomware threat.
New York has become the first state to mandate IT security training for lawyers. Let’s hope this starts a trend. An IT security breach can be a basis for lawyer discipline–or destroy a law firm. H/T Bob Ambrogi.
Apple has released security updates for a serious security issue. Hackers are actively exploiting a newly discovered vulnerability in iOS/iPadOS 14 and macOS Big Sur. Each should be upgraded immediately to the latest version:
Lifehacker.com has background information
John Simek provided many good tips during his recent presentation at VSB Techshow (archived at Virginia State Bar CLE site, for those who did not catch live version) I was particularly pleased that he recommended Bruce Schneier as a top source of IT security advice. Schneier’s blog is a consistent sources of valuable insights
Unfortunately, Tom Mighell is no longer updating his pioneering legal tech blog, Inter-alia.net . He may be too busy with the excellent Kennedy-Mighell Report, but for whatever reason, his blogosphere voice is missed. However, the Inter-alia archives contain lots of useful materials, including last year’s thoughtful three part series , Getting and Using a