Confidentiality in a Digital World
David Whelan, Manager, Legal Information, The Law Society of Upper Canada
Be aware
Risk Exists Without Technology
Risk Exists Without Technology: “I'm in a Starbucks & bunch of lawyers are talking about a client's email trail problem: clearly see their own speech trail as no problem” (from Twitter, April 29, 2010)
Location, Location, Location
Laptops and Mobile Devices (2009 ABA Legal Technology Survey Report)
Checklist
Risk Assessment Checklist: Unintended Portability
Assume Everything is Portable: Lock office doors. Place server(s) in locked room. Physically secure all devices (desktops, laptops, handhelds). “On 7/7/07, <NAME PROTECTED> <EMAIL PROTECTED> wrote: SUBJECT: Stolen Server. One of my clients is a law firm… on the 4th of July, someone broke into their office and stole the server as well as all of their computers. Luckily they had a good backup plan, so they didn't lose any data from the server.”
Avoid Security Through Obscurity
Avoid Security Through Obscurity: US $39, getaheadcase.com
We May Be the Weakest Link: ~12,000 laptops LOST each week at U.S. airports; only 1/3 recovered (Airport Insecurity: The Case of Missing & Lost Laptops, Ponemon Institute, 2008)
Risk Assessment Checklist: Unintended Portability; Defend Against Attacks (Review defaults; Passwords; Harden your defenses)
Review Defaults [diagram labels: Network hardware; Internet; Passwords; What’s Shared; What’s Broadcasting; Add Security; Change Name]
Passwords: Lots and lots of passwords (e-commerce and banking Web sites; e-mail accounts in your firm and on the Web; to access your phone, your laptop, Windows). Make them complex. Make them unique. Test them. Write them down.
Passwords: Most popular password? 123456. Try for eight characters or more. Use a site like Passwordmeter.com to get tips. Ideal password is random – good luck with that. Start with something you can recall. Weak (15%): commonlaw. Better (70%): C0mm0nl&w. Best (92%): C03m0nL&w.
Passwords: Know where your passwords are. Gawker Media hacked December 12, 2010: 200,000 passwords cracked immediately; 1,958 used “password”; 681 used “qwerty”; other popular: 123456, 12345678, abc123. [Diagram labels: Exploit A, Exploit B, Exploit C; Password A: Gawker.com; Passwords B/C: Twitter.com, Campfire.com; Passwords D/E/…: Other staff, Other non-staff]
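An added example, not part of the original slides: a short Python audit that applies the password slides' advice (avoid the popular passwords listed, eight characters or more, make them complex, make them unique) to a set of accounts. The account-to-password mapping, the function names, and the three-character-class threshold for "complex" are assumptions made for illustration.

```python
import hashlib
import hmac
import os
from collections import defaultdict

# Popular passwords named on the slides (Gawker breach figures).
COMMON_PASSWORDS = {"123456", "12345678", "password", "qwerty", "abc123"}
MIN_LENGTH = 8    # "Try for eight characters or more"
MIN_CLASSES = 3   # assumption: the slides say "complex" without a number


def character_classes(password):
    """Count how many of lower/upper/digit/symbol appear in the password."""
    return sum([
        any(c.islower() for c in password),
        any(c.isupper() for c in password),
        any(c.isdigit() for c in password),
        any(not c.isalnum() for c in password),
    ])


def audit(accounts, key=None):
    """Return {account: [findings]} for a mapping of account -> password.

    Reuse is detected by comparing keyed digests, so plaintext passwords are
    never grouped together or written into the report.
    """
    key = key or os.urandom(32)  # per-run key; digests are useless afterwards
    by_digest = defaultdict(list)
    findings = {name: [] for name in accounts}

    for name, password in accounts.items():
        if password.lower() in COMMON_PASSWORDS:
            findings[name].append("on the popular-password list")
        if len(password) < MIN_LENGTH:
            findings[name].append(f"shorter than {MIN_LENGTH} characters")
        if character_classes(password) < MIN_CLASSES:
            findings[name].append(f"uses fewer than {MIN_CLASSES} character classes")
        digest = hmac.new(key, password.encode("utf-8"), hashlib.sha256).digest()
        by_digest[digest].append(name)

    # "Make them unique": flag every account that shares a password.
    for names in by_digest.values():
        if len(names) > 1:
            for name in names:
                others = ", ".join(sorted(n for n in names if n != name))
                findings[name].append(f"reused on: {others}")
    return findings


# Constructed sample input: site names and passwords are borrowed from the
# slides' own examples; the pairing of accounts to passwords is invented.
SAMPLE = {
    "gawker.com": "commonlaw",
    "twitter.com": "commonlaw",
    "campfire.com": "C03m0nL&w",
    "webmail": "qwerty",
}

if __name__ == "__main__":
    for account, problems in audit(SAMPLE).items():
        print(account, "->", problems or ["ok"])
```
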
Harden Your Defenses: Network hardware; Internet; Software (anti-virus, anti-malware, browser security, firewall); Hardware (firewall, intrusion detection)
Risk Assessment Checklist: Unintended Portability; Defend Against Attacks (Review defaults; Passwords; Harden your defenses); Reduce Your Risk (Encrypt your data; Don’t carry any data you don’t have to; Protect the data you leave behind)
Encryption Reduces Impact of Loss: “Client’s notebook PC & removable hard drive were stolen . . . . Hard drive was unencrypted and contained 10+ yrs of personal and business financial data . . . .” (E-mail to Solosez discussion list, November 2009)
Encrypt Your Data. Partial Disk: May require you to start the encryption tool; encrypts everything you place in the encrypted volume; can be closed without turning off computer; can be treated as file. Full Disk: Starts with computer; encrypts everything whether it needs it or not; no user interaction.
You Can Take It With You: Don’t! The need for portable media is nearly gone. If you have Internet access, use cloud-based file access tools. Synchronization (Dropbox, Sugarsync): Synchronize files between your computer, their servers, and your other devices; delete a file, and it is deleted from their servers. Tonido: Creates an encrypted tunnel to your files.
Encrypt from End to End [diagram labels: https://; http://; Username; *********; https://]
3 Reasons to Leave Data Behind: (1) Storage devices are getting smaller and easy to lose. (2) Someone who finds your lost device can almost always recover deleted data from it. (3) A laptop traveling in standby or hibernation mode retains your decryption keys in memory.
Protect Your Data: Back up your data (use a secure online backup like Mozy, Carbonite; use a portable drive that you can physically secure). Use preventative measures on handhelds (remote locating apps; remote destruction apps).
Risk Assessment Checklist: Unintended Portability; Defend Against Attacks (Review defaults; Passwords; Harden your defenses); Reduce Your Risk (Encrypt your data; Don’t carry any data you don’t have to; Protect the data you leave behind); Manage Your Mobility
“Sharing, Sharing, Sharing”* (* Beaver Scouts motto)
Manage Your Mobility: Disable Bluetooth and wireless antennas when you’re not using them. Disable Windows File Sharing. Use an encrypted connection AND connect to encrypted resources. Baaaaaa….. Firesheep
Risk Assessment Checklist: Unintended Portability; Defend Against Attacks (Review defaults; Passwords; Harden your defenses); Reduce Your Risk (Encrypt your data; Don’t carry any data you don’t have to; Protect the data you leave behind); Manage Your Mobility
Conclusion: Maintain control of your data (requires prior planning to prevent loss; requires creating practices to minimize possibility of loss). Embrace technology thoughtfully (you can be efficient and careful). Be aware of where you are and be mindful of what you are doing and sharing.
Thank You! David Whelan, Manager, Legal Information, The Law Society of Upper Canada. dwhelan@lsuc.on.ca. Twitter: @davidpwhelan
