Monthly Archives: January 2015

Time for….Secure Cloud Backups by David Bilinsky

One of the major themes of the Predictions for the Legal Profession for 2015  – Part 1 and Part 2 from the 25 thoughtful contributors was the increasing focus on security for law firms for 2015.  Perhaps Sharon Nelson, a lawyer and President of Sensi Enterprises Inc, a digital forensics, information security and information technology firm in Fairfax Virginia,  put it best when she said:

“Cybersecurity is now universally the chief worry of large firms. We have already concluded that we cannot keep determined intruders out. “

 I am aware of several law firms that have been hit by the Crypolocker or Cryptowall ransomware malware.  These ransom Trojans enter your system and begin stealthily encrypting all files that they can locate.   Finally one day you enter your office only to be met with a message similar to this on your screen:

The ransomware then demands payment to de-encrypt your files in Bitcoin within a very short time frame (too short to use brute force attacks to break the encryption) and if payment is not made within this time frame, it vanishes from your system – leaving your files fully encrypted.

PCWorld stated, quoting CTU Reseachers:

“Between mid-March and August 24, 2014, nearly 625,000 systems were infected with CryptoWall,” the CTU researchers said. “In that same timeframe, CryptoWall encrypted more than 5.25 billion files.”

The largest number of infected systems were located in the United States—253,521 or 40.6 percent of the total. The next most affected countries were Vietnam with 66,590 infections, the U.K. with 40,258, Canada with 32,579 and India with 22,582.

How does it enter into your system? Typically these Trojans enter by way of an attachment to an email message that appears to be sent by a legitimate company.  It is a disguised executable file and it installs itself and adds a key to a Windows computer that causes it to run on startup.  From here it contacts one of many command and control servers that generate a very large encryption key pair.  The public key is sent to the infected computer and uses these keys to encrypt as many local and networked files that it can find (per Wikipedia:  https://en.wikipedia.org/wiki/CryptoLocker).

The firms that do not pay the ransom gave up on their data or –  the fortunate ones – were able to restore their system from a cloud-based backup that was not attacked by the Trojan.

Accordingly, we can learn from someone’s unfortunate experience by creating a backup that (we hope!) will be immune from such ransom exploits.

How have the firms done this that survived the attack?

They had cloud-based backups that were not continually connected to the office servers.  In other words, they made periodic backups that were ‘versioned’ and as such, the firm was able to go back to a date prior to the infection and at least restore their data as of that date.

It may have been of assistance that the files were also stored in encrypted format by the cloud backup service.  If the files are not of a format recognized by the ransomware, they are not encrypted.  Furthermore the cloud-based backup was not recognized by the ransom Trojan.

One cloud storage and backup service that may protect your files against such a threat is Spideroak (note that we say may protect – we make no assurances in this regard and each reader is recommended to check with their IT and security expert to determine how best to guard their systems against these threats).

Spideroak (https://spideroak.com) is a zero-knowledge backup and storage service.  That means that the Spideroak servers never know the plaintext contents of the data you are storing (most importantly they are not stored in Word or other common formats!). Furthermore only you have the key to de-encrypt your data (you can’t ask Spideroak to reset or provide this for you..they don’t know it) and they don’t know your password either.  They can’t reset that for you, either.

These days, when it comes to your precious law firm data, it is reassuring to know that at least someone has your back.

The Rural Lawyer – New Year’s Goals

To be perfectly frank, I stink at New Year’s resolutions. While my intentions are admirable, most of my resolutions seldom make it past mid January, early February at the latest. So this year, I’m resolving to avoid resolutions altogether and in their place try goal-setting instead. The cool thing is that there is some tech for that — granted it’s a analog device that Buddhists have been using for some 400-odd years, but I have no doubt that someday soon there will be an app for that.  It’s called the Bhavacakra (“wheel of life”) and it is a framework for laying out goals.

Step 1 – Identify the important stuff. Thing big picture; what are the 8 things you’d like to tackle this year. If you need some help coming up with ideas – one version of a Bhavacakra is pictured below. Think of these big picture items as forming the rim of the wheel.

wheel

Step 2 – Create a few aspirations to go under these big picture categories. Aspirations are your answers to questions like: I want to develop more…, I want to learn…, I want to try to… There should be at least one aspiration for each of your big picture items – but a many to one mapping works too, just remember not to bite off more than you can chew, after all you only have 365 days to work with. For our example, aspirations might be “I want to develop more clients” which maps to “marketing”, or “I want to be more mindful in my practice” which maps to “health”.  These form the spokes of the wheel and are usually where most New Year’s resolution stop.

Step 3 – Develop measurable, manageable goals with timelines that will meet each of your aspirations. These fill the sections of the wheels.  Goals need to be measurable so you can track your progress, need to be manageable so you don’t get overwhelmed and they should have a time line so there is an impetus to stay on track. The more specific you can make your goals, the better; details are things that can be tracked, measured and managed

The only thing left is to left to do is to execute your goals and the best way to do that is to find away to keep yourself accountable for them. This can range from blogging about your progress to finding an accountablity partner – someone to check in with on a regular basis and who’ll help keep you on track. The key is to find a process you are comfortable with and to go with it. Personally, I use a system of rewards to keep me on track (meet a milestone, get a treat – I find old Scotch and fine chocolate work well as). It’s basically operant conditioning without the electroshocks. If you want a bet of a technological edge, there are goal tracking apps out there; topping my list are Joe’s Goals, Mindbloom’s Life Game, Goalscape, Lifetick, and Milestone Planner. I would note that most of these could double as project management software as well, so while you are on the road to personal improvement, your practice could become more efficient as well – what a great twofer.

So, here’s to a new year and success in achieving your goals.

Bruce M. Cameron Having decided that going to law school and opening a solo law practice would be a sufficient response to the male midlife crisis, Bruce now practices Collaborative Family Law and Estate Planning in rural Minnesota. When not in the law office, he can be found on his small farm where he and his wife are at the beck and call of a herd of horses, a couple of cats, a few dogs and one extremely spoiled parrot. http://www.rurallawyer.com

 

 

David A. Moore

3 Methods For A Most Productive Year by David A. Moore

How many productivity and goal setting articles can you read at this time of year? Just so many right? And then it becomes redundant and you realize you are just procrastinating. You’re 1) not being productive, and 2) you’re not goal setting, you’re dreaming.

I’m a world-class procrastinator. I mean black belt level. Think Bruce Lee of procrastination. But somehow I’m a productive procrastinator. You might be one of those too.

As you kick off the New Year, you are probably setting goals for the growth of your practice as well as personal growth. Productivity can play a key role in helping you accomplish both of these goals. A simple example would be if you were highly productive during your work day, you might be able to get out of the office to meet more prospective clients or referral sources AND be home at a reasonable hour to have more family time.

So let’s look at some goal setting methods that can help:

Goal Setting Methods

Google “Goal Setting” and you’ll have 27.9 million results to keep you busy. Most of us don’t have a problem “setting” goals. The biggest problem is trying to tackle too much. We always think we can do more than we actually can OR we choose conflicting goals (i.e. make partner at the law firm versus spend more time with the family).

Below I highlight three methods (books) to help in your goal setting:

  • Zig Ziglar’s Pick Four: Selected by Seth Godin as part of The Domino Project this is an extremely helpful guidebook based the goal setting principles laid out by Zig.  The concept is simple. You pick four major goals and are taken step-by-step on a 12-week journey toward achievement. You review goals daily and must record what you have done to advance. If nothing, you must write “nothing” which means you must pay attention.
  • Getting Results the Agile Way: This book/methodology is a productivity system itself. The team at AsianEfficiency.com has done a great job of walking you through many of the “12 Core Practices.” The book is written by J.D. Meier who was a project manager at Microsoft. It would be nearly impossible to digest and implement all of the techniques simultaneously. But…the RULE OF 3 is mission critical. The idea of focusing on three major yearly goals, three monthly goals, three weekly goals, and three daily goals, all supposedly supporting one another, is one of my favorites.
  • Chris Brogan 3 Words – Chris Brogan is a mega-personality in the online world and has been for years. For several years I have received his “My 3 Words for (enter year)” email and linked post. The concept is very simple and very zen-like. It’s an exercise where you pick three words that help you focus on your annual goals and filter your daily activities. For example, last year one of my words was “EARLY.” This was to remind me that I had a goal of getting up at 5:30 a.m. But this also helped me accomplish a fitness goal of getting to the gym first thing in the morning. This, ALSO, helped my wife start working out with me, which we found out we both enjoy that time together. So instead of picking a word like “Workout” or “Fitness” a broader word like “EARLY” accomplished many things in many areas. You get the idea?

There you have it. Together, we can make 2015 a productive and profitable year!

David A. Moore is the owner of APG:Legal, a division of Advantage Print Group, a full-service print and marketing services provider to solo, small and mid-sized legal firms. David
helps firms automate the order process, increase efficiency and eliminate mistakes.