Dennis Kennedy

Technology Law and Legal Technology. Dennis Kennedy is one of the few technology lawyers who is also an expert on the underlying technologies. Dennis an award-winning leader in the application of technology and the Internet to the practice of law. gives you access to a wide variety of Dennis Kennedy's resources on legal technology, his writings, his well-known blog, DennisKennedy.Blog, and information about how you can have Dennis speak to your organization or group.

Dennis Kennedy is one of the most knowledgeable legal technologists you will find. - Michael Arkfeld.

Dennis Kennedy, a lawyer and legal technology expert in St. Louis, Mo., has been a significant influence in the ever-evolving relationship between lawyers and the Web. - Robert Ambrogi

Old Computer Security Lessons from New Electronic Discovery Stories

Bob Ambrogi does a nice job of summarizing the recent story about issues arising out of Microsoft Outlook, security patches, LexisNexis’s Applied Discovery tools, and the ability to see or not see certain data in certain instances. It’s an important story from a number of angles.
First of all, the response letter of Scott Nagel of Applied Discovery is required reading to provide a context for the story and deserves to be as publicized as the original article. There is a big difference between email that is erased and email that is unseen, but still exists and is easily recoverable. The devil is always in the details.
It’s important to get the full story and all the facts out. Too often, I hear stories about flaws in software programs and it turns out that the real issue is “operator error.” In other cases, there may be problems in the software. In other cases, problems arise because of odd configurations, outdated programs and computers infected with viruses and malware.
I have no basis to form any opinion on this story involving Appllied Discovery and will wait until the investigation concludes before making any judgments. My point in this post lies in a completely different direction than the substance of the Applied Discovery issue.
I do, however, want to make one very important point. As both Nagel and Craig Ball point out, Microsoft released patches for what seems to have caused the glitch or problem perhaps as long ago as in 2004.
With zero day exploits becoming more common, it is just plain crazy for law firms (or anyone else) to be running versions of Windows and Offices that are not current on security patches. As a quick example, read this article I found today called “Hackers hunting for unpatched Microsoft computers.”
In the last week alone, there have been a good number of critical security patches for both Windows and the Mac OS.
If you or your firm is not installing critical security updates, you are not only inviting and begging for attacks, you have also highly increased the odds that your computer has been compromised with malware. Having some apparently readily-resolvable e-discovery problems may be the least of your concerns.
The cavalier approach to security updates referred to in these stories causes me much more concern than the e-discovery angle of the story.
I wrote the concluding chapter to a book on information security from the ABA called “Information Security for Lawyers and Law Firms.” I closed the chapter and the book with this quote from computer expert Fred Langa:

Just as drivers who share the road must also share responsibility for safety, we all now share the same global network, and thus must regard computer security as a necessary social responsibility. To me, anyone unwilling to take simple security precautions is a major, active part of the problem.

I’m not sure how much longer we can tolerate having share the Internet with law firms who are years behind in installing security patches. I’m also finding it difficult to muster much sympathy for them when they run into problems that appear to stem from these lax practices.
Rather than over-focusing on the Applied Discovery story, you might better spend your time with a trip here, after a stop here.
[Originally posted on DennisKennedy.Blog (]
Learn more about electronic discovery at Dennis Kennedy’s Electronic Discovery Resources page.
Technorati tags:

Permalink: Old Computer Security Lessons from New Electronic Discovery Stories

Comments are closed.

Dennis on the Web


Attorney Lawyer website design for Law Firms
Spry New Media Quality custom web site design, development and promotional services for Attorneys and Law Firms.