In early July, my husband and I took a road trip to Cleveland to check off a very pressing item on my lengthy bucket list – to see the A Christmas Story House and Museum. Many have seen this film during its annual 24-hour Christmas marathon (“You’ll shoot your eye out, kid!”), but few are aware that they can tour the house that once functioned as Ralphie Parker’s home (at least for the external shots) almost any day of the year! There were a lot of interesting things to see in the museum – but (never too far from my IG brain), one of the most fascinating was the security “program” they used while filming the movie. As you can see from the image to the left, a simple Christmas tree button was the primary source of identification – and access – to the set of what would become one of the most widely-known holiday shows in history.
Security programs have, of course, progressed quite a bit over the past three decades, and are still evolving – especially within the legal industry. As data regulatory requirements become stricter, and clients are more concerned with how outside counsel manages their data, many firms are struggling with how to modify their security structure so as to maintain compliance with such requirements, while at the same time not hindering the attorney’s ability to work. Law firms must consider who will be responsible for applying security, how the security will be applied (e.g., what application to use), and how broad the security change will be within their environment. Additionally, there is a significant cultural impact to any firm undergoing such an initiative – and thus proper communication, training, and change management are critical to the ultimate outcome.
The Transitioning from an Open Environment to a Closed Environment Task Force Report addresses many of these concerns. As the task force discussed the topic – both internally, as well as with others during the LFIG (Law Firm Information Governance) symposium – it was clear that there may never be a “one size fits all” approach to addressing this challenge. However, we were able to identify several leading practices (it was suggested that it may be too early in the process to call them “best”) that a firm may consider when implementing stricter data security within their own environment.
Like Ralphie’s quest for his Red Ryder BB Gun, transitioning from an open to closed environment will require a lot of planning, communicating, and perseverance – and, of course, addressing those who don’t believe it is a wise choice (“You’ll shoot your eye out, kid!”). In the end, however, law firms can reap the rewards of better compliance, happier clients, and a more secure environment in which to do their work.
Looking for more information on leading practices for IG in law firms? Here are a few other Law Firm Information Governance Symposium reports: