The International Legal Technology Association’s 2022 survey is a broad treasure trove of data reported from 541 law firms.
There are 11 major topics including Infrastructure, Document Management, Practice Management, and Business Continuity.
My focus is on four of the twenty-seven questions surveyed in the Security section.
- Password Management
Password managers are one of the most highly recommended solutions for security. They help with: using complex passwords, deterring repeat usage of passwords, and providing secure storage for passwords. There is a learning curve to using a password manager, but once I got up to speed, I wondered how I would live without it. We have so many passwords to juggle these days. I am surprised that 50% of respondents are not providing a password manager.
2. Multi-factor Authentication
Perhaps the single most recommended security mitigation is multi-factor authentication (MFA). Here we see Duo Security (a Cisco company) is the leader at 45%. There are three Microsoft solutions listed which total 27%.
In legal tech, it’s notable when a third-party solution is more widely adopted than a Microsoft solution as most law firms operate on the Microsoft stack.
3. What do You Secure with MFA?
The largest response is VPN/Remote Access (not exactly the same thing to me). Then Office 365. It’s very good to see high adoption of MFA for these widely used applications.
4. Which Phishing, Vishing, Social Engineering, or Security Awareness Program?
KnowBe4 is the stand-out at 62%. Others used are Mimecast, Traveling Coaches, Proofpoint, managed service providers, and solutions developed in-house. Only 7% reported “None.” As phishing and social engineering are the cause of about 90% of exploits, law firms are wise to have these programs in place.
You may access the full data-rich report or the executive report from ILTA. Here is the download page.