A recent survey by Brainloop suggests that the legal sector’s most sensitive and confidential data is commonly distributed using insecure methods, with less than one in ten professionals using a business-grade file sharing tool to send classified documents and information to colleagues, it is claimed. Despite confirming that the information shared by legal professionals is often highly sensitive, the majority of respondents also admitted that they have sent documents or information to the wrong recipient in the past.
The survey found that almost half of legal professionals most commonly send and share sensitive data and information over email. Of those questioned, 46pc confirmed that email is the preferred choice for internal sensitive communications, while 42pc said that they would still use email to send sensitive information to clients or business partners.
Other distribution methods highlighted in the survey included USB drives (8pc), consumer-grade file sharing (5pc) and Instant Messaging apps (3pc). Less than a quarter of respondents stated that business-grade file sharing solutions are commonly used for sending sensitive information externally and just one in ten use business-grade file sharing solutions for internal communications of a sensitive nature.
The survey confirmed that the information shared by legal professionals with colleagues and external parties is highly sensitive. Contracts (30pc), personal information (13pc), customer or partner information (12pc) and boardroom documents (12pc) are the most commonly shared items, while the remaining 10pc of shared documents include less-sensitive invoices and other miscellaneous information.
The survey also suggested that three quarters of respondents admit that either they, or a colleague, have sent a document or information to the wrong recipient. A further 5pc indicated that they were not aware if they have done this, while 3pc were not willing to say if they have shared information with the wrong recipient before.
Almost 90pc of survey respondents confirmed that they are aware of the regulations surrounding data protection, file sharing and the exchange of information, including the General Data Protection Regulation. In addition, 84pc of those surveyed confirmed that the loss of confidential information formed part of their firm’s risk management system. However, when it comes to the respondents’ view of broader awareness across the sector, almost one quarter admitted that they felt between “neutral” to “not at all confident” in their organisations’ understanding of these key data protection regulations.
Mark Edge, UK Country Manager at Brainloop, said: “The majority of documents that legal practitioners work on need to be shared with clients and business partners on a day-to-day basis. Added to this is the fact that these documents contain highly sensitive information that must be secured against the threat of malicious hacking, unauthorised views and potential leaks, from both inside and outside of the firm itself. Law firms must ensure that practitioners follow best practices to deal with data and documents in both a secure and compliant manner.”
