did-you-know? rent-now

Amazon no longer offers textbook rentals. We do!

did-you-know? rent-now

Amazon no longer offers textbook rentals. We do!

We're the #1 textbook rental company. Let us show you why.

9781590316634

Information Security for Lawyers and Law Firms

by
  • ISBN13:

    9781590316634

  • ISBN10:

    1590316630

  • Format: Paperback
  • Copyright: 2007-04-01
  • Publisher: Natl Book Network
  • Purchase Benefits
  • Free Shipping Icon Free Shipping On Orders Over $35!
    Your order must be $35 or more to qualify for free economy shipping. Bulk sales, PO's, Marketplace items, eBooks and apparel do not qualify for this offer.
  • eCampus.com Logo Get Rewarded for Ordering Your Textbooks! Enroll Now
  • Write a Review Icon Write a Review
List Price: $79.95
We're Sorry.
No Options Available at This Time.

Summary

Cybercrime, cyber security, and privacy are three legs of a stool and they work interdependently. The ABA's Privacy & Computer Crime Committee has written the International Guide to Combating Cybercrime, International Guide to Cyber Security and International Guide to Privacy with public/private participation from academia, industry, non-profits, attorneys, government officials, and technical experts. These books discuss the practical and global issues associated with privacy, security, and cybercrime. Topics include an exploration of global trends in privacy, jurisdictional differences that thwart investigations and prosecutions, special challenges for developing countries and multinational corporations who are outsourcing, the protection of critical infrastructure, and technical considerations. This comprehensive series will link the various themes together and demonstrate how to create an enterprise security program. Book jacket.

Table of Contents

About the Editors/Authorsp. xiii
Introductionp. 1
Information Security Guidelines for Lawyers and Law Firmsp. 5
Terms and Definitionsp. 9
Information Securityp. 9
Confidentialityp. 10
Authentication and Authorizationp. 11
Integrityp. 11
Availabilityp. 12
Information Security: The Basicsp. 13
Change the @#$%#* "Defaults"!p. 15
Update Your Softwarep. 16
Install and Use Reputable Antivirus Softwarep. 16
Create, Audit, and Enforce Compliance with Security Policiesp. 17
Don't Save Passwords Locallyp. 17
Use the Full Security Capabilities of Your Softwarep. 18
Let No One Else Use Your Computerp. 19
Select Strong Passwordsp. 20
Know Where Your Data Isp. 22
Information Security Legal Principles: The Basicsp. 25
Confidentiality of Client Information Sent by Internet E-mailp. 25
The Duty of Confidentialityp. 25
The Various Consequences of a Breachp. 27
Encryption Technology in Historical Perspectivep. 31
Security Hawks and Dovesp. 32
ABA Formal Opinion No. 99-413p. 33
Where We Go from Herep. 34
Information Security and Legal Practice: Risk Assessmentp. 35
The Nature of Riskp. 35
Risk Assessmentp. 36
Suggested Best Practices for the Process of Law Firm InfoSec Risk Assessmentp. 36
Outputs of the Risk Assessment Processp. 43
Joint Risk Assessment and Risk Responsep. 44
Quantitative and Qualitative Risk Assessmentp. 45
The Nature of the Law Practice: Its Effect on Risk Assessment and Risk Responsep. 48
Physical Securityp. 51
What Is Physical Security?p. 52
Why Is the Physical Security of Your System Important?p. 53
Perimeter Security Considerationsp. 55
Access Controlp. 69
History of Access Controlp. 70
The Taxonomy of Access Controlp. 73
Choices in Identificationp. 75
Choices in Authenticationp. 84
Choices in Authorizationp. 89
Recommendationsp. 90
Conclusionp. 94
Routers and Firewalls: Keeping the Bad Stuff Out and the Good Stuff Inp. 95
Back to Schoolp. 95
Router Equipmentp. 96
Nah, Nah, Nah,...NATp. 97
Any Port in the Stormp. 98
Tiny, Small, Medium, Large, BFRp. 99
Firewallsp. 100
Resourcesp. 103
Security When You Travel and Remote Access to Datap. 105
Remote Accessp. 109
Securing Wireless Networks the Easy Wayp. 113
Plan the LANp. 116
Go the Distancep. 119
Plug and Playp. 120
Beam Me Up, Scottiep. 120
Tighten the Securityp. 121
To Route or Not to Route, That Is the Questionp. 123
White Hat Hacking (Done by the Good Guys!)p. 123
E-mail and Internet Usage Policiesp. 127
The Challengesp. 128
Drafting Policiesp. 133
Implementationp. 136
Monitoring and Policy Enforcement Toolsp. 136
Conclusionp. 140
E-mail Managementp. 143
Protecting Your Inboxp. 144
Choosing the Right E-mail Clientp. 145
E-mail Addresses: Three's the Charmp. 147
Avoiding Spamp. 149
Viruses, Worms, Trojans, and Other Malwarep. 162
Other E-mail Management Considerationsp. 163
Securing Your Documents: Encryption, Digital Signatures, and PDFp. 171
Electronic Document Security Basicsp. 172
Implementing Electronic Document Security Using Adobe PDF Filesp. 175
Document Security in the Legal Settingp. 176
Adobe Acrobat PDF Security (How To)p. 182
PDF Security Resourcesp. 189
Voice Communicationsp. 191
When Is a Phone Just a Phone?p. 191
So What Does All This Have to Do with "Information Security?p. 192
Of Course, If It Isn't the Technology, Then It Might Just Be the Callersp. 195
Viruses, Worms, Trojansp. 197
What They Arep. 198
How They Are Createdp. 199
How They Spreadp. 201
What They Dop. 204
Some Examplesp. 205
Defensesp. 207
Recoveryp. 210
Information Sourcesp. 212
Spywarep. 215
Spywarep. 216
Cookiesp. 224
Metadatap. 231
The Threatp. 233
Options for Protectionp. 234
Incident Response Plansp. 239
Phases of an IRPp. 240
Preparationp. 241
Detectionp. 249
Containmentp. 252
Eradicationp. 254
Recovery and Closurep. 260
Follow-upp. 261
Avoiding Disaster in Your Disaster Recovery Planning and Proceduresp. 263
Nothing Succeeds Like Preparationp. 264
Considering Scenarios: The "Mathematics" of Disaster Recovery Planningp. 265
Putting Together the Plan Documentp. 268
Technology Options for Disaster Recoveryp. 269
The Expanding Notion of "System"p. 273
External Technology Optionsp. 273
Redundancy and Developing a Portfolio of Optionsp. 274
People + Practice = Greater Likelihood of Successp. 277
Putting Together Your Teamp. 279
Practice Makes Things Betterp. 280
Conclusionp. 282
Disaster Recovery and Business Continuity Planningp. 283
Top Legal Concerns in Disaster Recovery Contractsp. 284
Cyberinsurance: Singing in the Rainp. 287
Employee Issues: Training, Termination, Social Engineering, Safe Computing, and Disgruntled Employeesp. 293
Social Engineeringp. 293
Safe Computing: Train, Train, Trainp. 297
The Disgruntled Employeep. 300
Real-Life Nightmaresp. 302
Statisticsp. 303
The Dark Side of Securityp. 304
How to Achieve Security and Sleep at Nightp. 305
Third-Party Service Providersp. 309
What Is an IT Service Provider?p. 310
Can You Use a Third-Party Service Provider?p. 311
Insist on a Contract-A Real Contractp. 314
Confidentiality, Not a Contract, Is Requiredp. 315
When It Comes to Lawyers' Use of IT, Don't Allow Free Agentsp. 318
When to Notify the Clientp. 318
Don't Forget Your Obligations to Your Employeesp. 319
Law Firm Document Retention Policiesp. 321
The False Parable of Arthur Andersenp. 321
Document Retention Policies: Background and Statisticsp. 322
Sarbanes-Oxley Act of 2002p. 325
Who Else Do You Have to Worry About?p. 326
What Are Businesses Doing Wrong?p. 327
Crafting a Document Retention Policyp. 327
Spoliationp. 330
Computer Forensics: Data May Not Go Awayp. 333
The Benefits of DRPsp. 333
What Happens to Your DRP in the Event of Litigation, Actual or Probable?p. 334
Yogi Berra Has the Final Word on DRPsp. 336
Sample Document Retention Policyp. 337
Computer Forensicsp. 341
In the Beginning...p. 341
Why Should You Care?p. 342
Are Your Computers "in Play"?p. 343
The Preservation Processp. 344
It's Over Therep. 346
I Want It All!p. 347
It Costs Too Much!p. 348
How Do They Do That?p. 349
Are We There Yet?p. 352
File Artifactsp. 352
What Can You Get for Me?p. 354
What Can't You Get for Me?p. 358
Will It Ever End?p. 360
A Legal Lifeline: Protecting Your Data in Electronic Discoveryp. 361
The Problemp. 362
Take a Proactive Stance: The Electronic Evidence Protocolp. 362
Designation of Forensic Expert for Acquisitionp. 363
Confidentiality Agreementp. 363
Acquisition Schedulep. 364
Scope of Acquisitionp. 365
Previews of the Evidencep. 366
Forensic Acquisitionp. 367
Scope of Analysisp. 368
Screening for Privilegep. 370
The Special Problems of Law Firmsp. 370
Costsp. 371
Final Thoughtsp. 372
Equipment and Information Disposalp. 373
The Problemp. 374
Solutionsp. 376
Conclusionp. 381
Additional Information Security Resources: Where to Go Online for More Informationp. 383
DNS Stuffp. 384
SC Magazinep. 386
Network Computingp. 387
BugTraqp. 388
Secuniap. 389
Symantecp. 389
McAfeep. 391
Kasperskyp. 391
The Security Portal for Information System Security Professionals (Infosyssec)p. 392
Sophosp. 393
Castlecopsp. 394
Conclusionp. 394
The Future of Information Securityp. 397
Outsourced Security Managementp. 399
Identity Managementp. 400
Regulatory Effortsp. 400
Changing Nature of the Threatsp. 401
Private Internet versus Public Internetp. 402
Adjusting Efforts to Human Behaviorsp. 402
Smart Documents and Just Enough Rightsp. 402
Disaster Recoveryp. 403
Security Auditsp. 403
Security and Core Businessp. 403
Conclusionp. 404
Indexp. 405
Table of Contents provided by Ingram. All Rights Reserved.

Supplemental Materials

What is included with this book?

The New copy of this book will include any supplemental materials advertised. Please check the title of the book to determine if it should include any access cards, study guides, lab manuals, CDs, etc.

The Used, Rental and eBook copies of this book are not guaranteed to include any supplemental materials. Typically, only the book itself is included. This is true even if the title states it includes any access cards, study guides, lab manuals, CDs, etc.

Rewards Program