logo

Free Trial
  • About
    • About Us
    • Industry Guides
    • Watch Our Story
    • Customer Success Stories
    • Contact Us
  • Solutions
    • Redaction
    • Finding Documents
    • Recipient Checking
    • Manage Metadata
    • Document Comparison
    • Document Bundling
    • OCR for Dropbox
    • Legal Software
    • Accounting Software
    • Mimecast
  • Products
      • veroDocs
      • cleanDocs
      • cleanDocs Server
      • compareDocs
      • compareDocs Cloud
      • pdfDocs
      • pdfDocs Binder
      • contentCrawler
      • contentCrawler Cloud
  • Developers
    • compareDocs SDK
    • compareDocs Cloud API
  • Integrations
    • iManage
    • NetDocuments
    • OpenText
    • SharePoint
    • Worldox
    • Other Integrations
  • News
    • Press Releases
    • Events and Webinars
    • Our Blog
    • Infographics
    • Customer Success Stories
    • Industry Guides
    DocsCorp compareDocs Virtual User Group Meeting - Americas DocsCorp compareDocs User Group Meeting - Americas Weathering the Storm | DocsCorp CEO Dean Sappey Reflects on a Year Like No Other Weathering the Storm | DocsCorp CEO Dean Sappey Reflects on a Year Like No Other
  • Support
    • Customer Support
    • Client Portal
    • myDocsCorp
    • Credit Card Payments
    • eLearning
    • Training Partners
    • Quick Training Guides
    • Product FAQs
  • Partners
    • Become a Partner
    • Find a Partner
    • Training Partners
    • Partner Portal
  • Buy
    • cleanDocs
    • compareDocs
    • pdfDocs


DOWNLOAD THE PDF

How an ISO 27001 certified law firm manages the risk of data breaches

The Business Need

  • Safeguard against email data breaches, since they would undermine compliance with industry regulations
  • Show regulatory bodies and clients ByrneWallace had forced attachment encryption if an email was sent to the incorrect recipient
  • Prompt users to confirm email recipients are correct, so information is only ever sent to the right person
  • Clean metadata in order to stop inadvertent leaks of sensitive and personal data
  • Force password protection on attachments to protect confidential information
  • Maintain efficiency and speed in emailing with minimal pop-ups and interruptions to the end user
  • Integration with iManage for simpler metadata cleaning workflows

About ByrneWallace

ByrneWallace is a top-tier law firm with over 40 years of history. With a large team of over 300 professionals, including 46 experienced partners, ByrneWallace is renowned for its expertise and promotion of clients’ interests. The firm was awarded the Chambers Europe Ireland Clients Service Award 2017 and the Irish Law Awards Excellence in Client Service Award 2018. ByrneWallace is the only Top 10 law firm in Ireland with Lexcel accreditation and in 2016 became the first Irish law firm to achieve ISO 27001:2013 certification.

About ISO 27001 certification

To comply with the ISO 27001 information security standard, firms must implement and maintain a cohesive set of security controls that cover much more than just IT. These systems must address risks, threats, vulnerabilities, and impacts on a firm’s information security. In 2016 ByrneWallace became the first large firm in Ireland to have ISO 27001 certification. For certification to be given, ByrneWallace had to implement an overarching review and management process designed to address security needs on an on-going basis. In other words, it had to implement much more than quick band-aid fixes. Risk must be managed daily.

About GDPR compliance

The GDPR is the largest and most significant change to European data protection laws in the last 20 years. It requires organizations that store, manage, and use the personal data of European citizens to keep it safe from external attacks, internal threats, and accidental leaks.

Managing the risk of email data breaches

Human error is the biggest risk to information security at any firm. Mistakes like sending an email to the wrong person are the leading source of data breaches according to reports from the Information Commissioner’s Office (ICO) – the body responsible for administering the GDPR.

It’s not only who you’re sending an email to that can cause a breach. It’s also what you send. Document metadata – hidden information that can reveal a person’s identity – must be cleaned from email attachments to safeguard it against being discovered by the recipient.

John Kelly, Head of IT at ByrneWallace, explained that “metadata was always something that was discussed and always something on our radar. And then, with ISO 27001 and the GDPR in effect, we decided to actively do something about the potential it had to cause an accidental data breach.”

To keep information security at the required level for ISO 27001 certification and GDPR compliance, John described how the firm looked for a technology solution that would “prompt users to check email recipients, force password encryption and strip metadata.”

Choosing the right solution

John explained that when it came time to find a solution that would tick all the boxes, he consulted his network. “In Ireland, there is a small community of IT Trainers from top-tier law firms who meet once a quarter to compare and discuss the technology being used at their firms.” The IT Trainers would return to their firms, continued John, “and say ‘Such and such is using this product and it’s fantastic, or this other firm is using another product and doesn’t like it.” ByrneWallace’s IT Trainer discussed the available solutions with this community and, based on their feedback, decided to trial cleanDocs.

Integration with iManage, the firm’s document management system, was also an important factor in the product selection process. John said that “because of the integration with iManage, cleanDocs ultimately seemed like the best fit for us when comparing it to other products.”

ByrneWallace trialed cleanDocs with a department that handled especially sensitive personal data. “Our initial requirements when looking for a solution were recipient checking, metadata cleaning and forced password protection. cleanDocs does all three.” Members of the pilot group gave positive feedback, and cleanDocs was deployed firmwide.

“With cleanDocs, staff can check the recipients for external or public domains and see color-coded warnings, which helps them to manage risk.” On the same screen where recipients are confirmed users can clean attachments of more than 100 types of metadata. Then, they can action a series of time-saving tasks like renaming attachments, converting to Secure PDF or PDF/A, or adding password protection.

John explained that though some users were hesitant at adding a step to their email workflow, “they understand the reason we have cleanDocs and, overall, they are very happy with the product.”

The firm’s management – largely responsible for safeguarding its ISO 27001 accreditation – is also pleased with how cleanDocs is helping staff minimize risk. “After seeing how cleanDocs worked, our stakeholders didn’t have any concerns about it being rolled out to staff. It was welcomed as another layer of protection against data breaches.”

Summary

cleanDocs is tightly integrated with ByrneWallace’s email program, and its iManage document management system to ensure sensitive information is protected from the most common data breaches. Staff use email recipient checking technology to ensure sensitive information isn’t sent to the wrong person, and metadata cleaning to stop accidental information leaks by reminding users to remove it before files are sent or shared.

Since sensitive information is safeguarded and shielded from the most significant security risks, ByrneWallace is upholding their commitment to ISO 27001 certification and GDPR compliance.

When asked what advice he would give other firms when it came to keeping data safe, John recommended “implementing products like cleanDocs alongside continual education for staff on the risks of data breaches and how best to manage them.”

DOWNLOAD THE PDF

  • How MacRoberts simplified software management with DocsCorp
  • Madgwicks Lawyers increases productivity using a PDF editor with iManage integration
  • How DocsCorp and SeeUnity delivered a joint solution that cleans documents of metadata as they sync between systems
  • DocsCorp and Morae’s Phoenix Business Solutions: a partnership based on teamwork and trust
  • How Delphi uses technology from DocsCorp to minimize human error
  • How award-winning Benelux law firm Stibbe uses DocsCorp solutions for core legal workflows
  • How Stibbe used contentCrawler to index 28 million documents and emails for its enterprise search engine
  • Automating electronic binder production boosted productivity and morale at this leading Australian law firm
  • How U.S. law firm Taft eliminated licensing and performance issues when it switched to compareDocs for document comparison
  • How contentCrawler improves the user experience of searching in Microsoft SharePoint
  • An IT Infrastructure Manager explains how simple it was to manage compareDocs during a merger and Office 365 update
  • How confidence was restored in core applications like metadata cleaning and document comparison at UK firm Hempsons
  • How Top U.S. firm Shook, Hardy & Bacon automated OCR, resulting in more litigation items being filed in less time
  • How UK Top 100 Firm Winckworth Sherwood strengthened data protection for GDPR compliance
  • How DBL Law converts image files to searchable PDFs using batch OCR processing
  • How this insurance broker slashed paper usage with document comparison software
  • How Simpson Grierson found a better alternative for document comparison
  • How a PDF binder solution gave Simpson Grierson a competitive edge on billable hours, and their clients an even better experience
  • Preparing for changes to data privacy regulations: How Simpson Grierson improved and streamlined its metadata cleaning
  • A regulatory body in Australia’s legal industry reduces production costs for mandatory paperless Court Briefs by 84%
  • How an ISO 27001 certified law firm manages the risk of data breaches
  • Four solutions, one firm: How ByrneWallace uses the DocsCorp productivity suite
  • How Mobile Helix used compareDocs SDK to provide accurate document comparison in the LINK App for Lawyers
  • Seddons uses cleanDocs and contentCrawler to support their GDPR compliance goals
  • cleanDocs helps DBL Law protect against accidental data leaks
  • contentCrawler helps minimize the number of hidden files in Makinson d'Apice DMS
  • contentCrawler changed Becker & Poliakoff's OCR workflow from four steps to one

NEWS IN YOUR INBOX

Home
  • About DocsCorp
  • Disclaimer
  • Privacy Policy
  • GDPR Policy
  • Data Security
  • Accreditations
  • Service Level Agreement
  • Human Rights Policy
  • Anti-Slavery and Human Trafficking Policy
  • Anti-Bribery and Corruption Policy
  • COVID-19 Statement
Products
  • pdfDocs
  • pdfDocs Binder
  • compareDocs
  • compareDocs Cloud
  • compareDocs SDK
  • cleanDocs
  • cleanDocs Server
  • contentCrawler
  • contentCrawler Cloud
News
  • Press Releases
  • Events/Webinars
  • Industry Guides
  • Case Studies
  • Blog Posts
  • Infographics
  • Watch Our Story
myDocsCorp
  • Support login
  • Pay2Go
  • myDocsCorp
  • Training directory
  • Customer Support
  • Product FAQs
  • Find a partner
  • Contact us
  • blog
  • linkedin
  • twitter
  • facebook
logo

© Copyright DocsCorp 2021 - All rights reserved.