Security and confidentiality are paramount in legal matters. Even if a case matter has no protective order or confidential designation, you don’t want your clients’ information compromised in any way. It is a non-negotiable that your court reporting agency keeps your information and your clients’ information private. Remote platforms, repositories, sharing software, etc., need to be secure. Your agency should be completely transparent about security measures in place, including encryption, host platforms and the like.
Think about the most confidential files in your intellectual property matter, for example. Where would they be most vulnerable? The court reporting agency’s repository hosts all the transcripts, videos, and exhibits for every deposition and possibly through the trial. Additionally, if you are using their exhibit sharing platform, you must consider how secure that platform is, as sensitive documents containing proprietary information and even source code will be stored in and shared through the program. The dark world of virtual theft has become more and more sophisticated. Ransomware attacks have increased dramatically in the last two years, and law firms have become a target for these nefarious agents. It is more important than ever to scrutinize the security practices of your court reporting agency. All hosting platforms must have ironclad impenetrability.
What security measures should you look for? These are crucial:
- Strong password policies
- Multi-factor authentication
- Protective order compliance
What is encryption? Encryption converts data into a code for the purpose of prohibiting unauthorized access. You want your files protected in this manner when they are being emailed and when they are in virtual storage. Look for 256-bit AES (Advanced Encryption Standard) Encryption, which ensures high security. AES is fast, flexible, and safe. 256-bit AES is considered “military grade” encryption and is adopted by the U.S. government and other intelligence organizations worldwide. It is used in many applications as well, including VPNs (Virtual Private Network, an encrypted connection from a device to a network), enormously important in security. Are files encrypted both in transit and at rest? The answer should be yes. You want all your information fully protected.
How are the password policies? It is possible to create a strong password on your own initiative, but are you forced to create a strong password by their policy? The court reporting firm needs to prioritize security, and this will be reflected in how difficult they make it to unlock your login.
- How many characters are required?
- Do you have to include a number and special character?
- Do you need both upper- and lower-case letters in your password?
- How often do you need to update your password?
A good rule of thumb, password requirements should encompass the following:
- At least eight (8) characters
- At least one upper case letter
- At least one lower case letter
- At least one special character
- At least one numerical value
The more complex your password, the better. You should update your password periodically. Companies serious about protecting information have protocols prompting regular password updates. Planet Depos has written some helpful tips for creating solid passwords.
Multi-factor authentication gives your password extra teeth. Multi-factor authentication is sometimes referred to as two-step verification. In addition to the username and password, you need a second method to prove you are the person authorized to access the account. The initial factor is your username/password combination – something you know. The additional factor is something you have – your smartphone, for example, or an email account. When you correctly input the username and password, you’ll get a text or email with a code for you to enter, and only then can you access the account. Multi-factor authentication makes it more difficult for someone to break into your account, unless they have access to your second method of verification such as your cell phone or email. Multi-factor authentication is often only enabled for the first time you sign into an account from a new device, which you can then register to be recognized by the account in question.
The protective order is top priority. You want the order signed by all applicable parties and returned to you as quickly as possible. The order should be plainly followed, with correct designations used, and all emails appropriately labeled, transcripts redacted as needed, etc. If files need to be destroyed in the future, you should receive a response from the case manager immediately confirming receipt of the instructions, and notification when all files – transcript, video, exhibits, correspondence, and any other materials listed in the order – have been destroyed.
Security is crucial to your clients and must be strict throughout the duration of the case. All case information is valuable to your client, much of it very sensitive as well, so you need to review the systems and procedures that will be safeguarding that information. In this age of so much remote litigation, stronger infrastructure and protocols have evolved to add an extra layer of security.
Planet Depos has been supporting remote litigation with best-in-class court reporting all around the world for over a decade. Whether remote or in person, big or small case, PD reporters have the knowledge, experience, and technology to make it happen, while keeping all records safe and secure. For more tips on court reporting, remote depositions, and more, check out the PD blog. To schedule your next proceeding, contact Planet Depos at firstname.lastname@example.org or schedule online.