Law Firms Encryption Use Case

With a view to protecting its information assets, Law Firms and Lawyers want to equip their information system with a solution that would give it visibility over the consumption of their document resources (files and directories). Law Firms have to follow the security prerogatives imposed by the various regulations to which it is subject and carefully monitors the security policies inherited from the solutions it deploys. In order to go one step further, Law Firms wish to gain control and visibility over their unstructured data. Furthermore, Lawyers might have different profiles. Therefore, the encryption of the files, documents must be based on their profiles. Furthermore, certain Lawyers are involved in M&A which will request special attention to the security mechanisms to implement like encryption of critical documents which could lead to the definition of a different level of criticality, confidentiality.

Many law firms use a variety of cloud services to draft or store documents, record or process their bills, or conduct any other professional activities. Even if your firm does not store any data in the cloud, what do you do if a desktop or laptop computer gets stolen or compromised?

By implementing and enforcing an appropriate encryption policy at your law firm, you can help reduce risk and avoid a costly – or even devastating – exposure of your client’s confidential information.

Lawyers are obligated to protect the confidentiality of their client’s data, and law firms have to pay closer attention to confidentiality than the average business. If law firms do not secure their client communications and other data, they could violate the attorney-client privilege, lose clients, be subject to malpractice actions, damage their reputation, and possibly also lose their license to practice law.

Lawyers have a responsibility to take reasonable steps to protect the confidentiality of their client’s data under four primary ABA rules [1]:

  • Rule 1.1, dealing with competence including that associated with technology.
  • Rule 1.4, addressing secure communication
  • Rule 1.6, outlining the duty of confidentiality
  • Rules 5.1-5.3, focusing on lawyer and nonlawyer relationships

As we know there are two types of encryption that firms should pay attention to: encryption in transit and encryption at-rest.

Encryption in transit means the data is only encrypted while being sent from one location to another, such as while being uploaded or sent. If data is not encrypted while being sent, this means anyone can intercept and read potentially sensitive information.

Encryption at rest means data is encrypted while it’s being stored, ensuring that even if there was a data breach, the information would still remain unreadable without the proper authentication.

Consider the use of encryption on the following technology in order to adhere to ABA standards and limit the risk of unauthorized individuals accessing confidential client data.

Active Cypher Solution

The AC solution renders leaked, stolen, or misplaced files useless to the wrong person, which is essential as users continue to store sensitive corporate files in many different locations such as their personal devices, OneDrive, Dropbox, and Google Drive to name a few. AC protects a company’s most important digital assets by ensuring that critical files are not accidentally or purposely compromised.

Utilizing cloud intelligence and all available signals to detect and respond to access anomalies in real-time.

Key benefits include:

  • Activity logging on file servers and endpoints
  • File activity logging with direct query from Analysis Services reporting
  • Geo-Fencing Reporting and Alerts
  • Access to shared files is easily revoked from Dashboards
  • Customer’s Azure Storage, 3rd Party Storage, Private Cloud Storage

Analytical features include:

  • Analysis Reports sharing through Data Guard HTML5 Secure Viewer prevents reporting data from being saved as email attachments
  • Analysis Services is local to Customer’s Tenant and SQL Database
  • Reporting on Attribute Based Access Control, driven by teams, locations, machines, and content including: Indentity & Machine Authorization
Active Cypher graph 1



  • Windows-based servers, workstations, and laptops.
  • Windows Active Directory-based Domain authentication.
  • Single AD Forest configuration.
  • Files stored in networked shared folders, with permissions set by Active Directory (AD).

Network Topography

  • LAN Based network, centralized file storage, AD Domain Access Control.
  • User Workstations are AD Domain joined and authenticated for access to network resources: files, folders, and printers. 

Software Requirements

Servers – Windows Server 2008 R2, 2012, 2016  

Workstations – Windows 10 Professional or Enterprise

File Servers and Workstations – Microsoft.NET Framework 4.7