Information Security for Lawyers and Law Firms

Paperback (Print)
Used and New from Other Sellers
Used and New from Other Sellers
from $4.24
Usually ships in 1-2 business days
(Save 94%)
Other sellers (Paperback)
  • All (6) from $4.24   
  • New (2) from $25.00   
  • Used (4) from $4.24   
Sort by
Page 1 of 1
Showing All
Note: Marketplace items are not eligible for any coupons and promotions
Seller since 2005

Feedback rating:



New — never opened or used in original packaging.

Like New — packaging may have been opened. A "Like New" item is suitable to give as a gift.

Very Good — may have minor signs of wear on packaging but item works perfectly and has no damage.

Good — item is in good condition but packaging may have signs of shelf wear/aging or torn packaging. All specific defects should be noted in the Comments section associated with each item.

Acceptable — item is in working order but may show signs of wear such as scratches or torn packaging. All specific defects should be noted in the Comments section associated with each item.

Used — An item that has been opened and may show signs of wear. All specific defects should be noted in the Comments section associated with each item.

Refurbished — A used item that has been renewed or updated and verified to be in proper working condition. Not necessarily completed by the original manufacturer.

2006 Softcover 8vo, paperback. NEW. Still in shrinkwrap--never opened, never used. xx, 424 p.

Ships from: Cockeysville, MD

Usually ships in 1-2 business days

  • Canadian
  • International
  • Standard, 48 States
  • Standard (AK, HI)
  • Express, 48 States
  • Express (AK, HI)
Seller since 2015

Feedback rating:


Condition: New
Brand New Item.

Ships from: Chatham, NJ

Usually ships in 1-2 business days

  • Canadian
  • International
  • Standard, 48 States
  • Standard (AK, HI)
  • Express, 48 States
  • Express (AK, HI)
Page 1 of 1
Showing All
Sort by

More About This Textbook


The book provides sound advice and offers valuable guidelines and assistance to bridge the worlds of law and technology on important information security issues that face the legal professional every day. This essential guide discusses the ethical duties of lawyers relating to securing their electronic information. If you are a small firm it will advise you on how you can have reliable security. If you are a large firm it will help you to decide what information security duties can be delegated. Other topics include, worms, Trojans, spyware, malware, spiders, key loggers and their implications, and whether or not it is safe to use wireless technology for the delivery of legal services.

Read More Show Less

Product Details

  • ISBN-13: 9781590316634
  • Publisher: American Bar Association
  • Publication date: 9/28/2006
  • Edition description: New Edition
  • Pages: 424
  • Product dimensions: 6.14 (w) x 9.15 (h) x 0.91 (d)

Table of Contents

About the Editors/Authors     xiii
Introduction   David K. Isom     1
Information Security Guidelines for Lawyers and Law Firms   Sharon D. Nelson   John W. Simek     5
Terms and Definitions   Charles R. Merrill     9
Information Security     9
Confidentiality     10
Authentication and Authorization     11
Integrity     11
Availability     12
Information Security: The Basics   Anne M. Rogers   David K. Isom     13
Change the @#{dollar}%#* "Defaults"!     15
Update Your Software     16
Install and Use Reputable Antivirus Software     16
Create, Audit, and Enforce Compliance with Security Policies     17
Don't Save Passwords Locally     17
Use the Full Security Capabilities of Your Software     18
Let No One Else Use Your Computer     19
Select Strong Passwords     20
Know Where Your Data Is     22
Information Security Legal Principles: The Basics   Charles R. Merrill     25
Confidentiality of Client Information Sent by Internet E-mail     25
The Duty of Confidentiality     25
TheVarious Consequences of a Breach     27
Encryption Technology in Historical Perspective     31
Security Hawks and Doves     32
ABA Formal Opinion No. 99-413     33
Where We Go from Here     34
Information Security and Legal Practice: Risk Assessment   Patrick Cain   Denley Chew   Charles R. Merrill     35
The Nature of Risk     35
Risk Assessment     36
Suggested Best Practices for the Process of Law Firm InfoSec Risk Assessment     36
Outputs of the Risk Assessment Process     43
Joint Risk Assessment and Risk Response     44
Quantitative and Qualitative Risk Assessment     45
The Nature of the Law Practice: Its Effect on Risk Assessment and Risk Response     48
Physical Security   Michael C. Maschke     51
What Is Physical Security?     52
Why Is the Physical Security of Your System Important?     53
Perimeter Security Considerations     55
Access Control   Arshad Noor   Ariel Peled     69
History of Access Control     70
The Taxonomy of Access Control     73
Choices in Identification     75
Choices in Authentication      84
Choices in Authorization     89
Recommendations     90
Conclusion     94
Routers and Firewalls: Keeping the Bad Stuff Out and the Good Stuff In   Sharon D. Nelson   John W. Simek     95
Back to School     95
Router Equipment     96
Nah, Nah, Nah,...NAT     97
Any Port in the Storm     98
Tiny, Small, Medium, Large, BFR     99
Firewalls     100
Resources     103
Security When You Travel and Remote Access to Data   Anne M. Rogers     105
Remote Access     109
Securing Wireless Networks the Easy Way   Sharon D. Nelson   John W. Simek     113
Plan the LAN     116
Go the Distance     119
Plug and Play     120
Beam Me Up, Scottie     120
Tighten the Security     121
To Route or Not to Route, That Is the Question     123
White Hat Hacking (Done by the Good Guys!)     123
E-mail and Internet Usage Policies   David G. Ries     127
The Challenges     128
Drafting Policies     133
Implementation      136
Monitoring and Policy Enforcement Tools     136
Conclusion     140
E-mail Management   Thomas L. Mighell     143
Protecting Your Inbox     144
Choosing the Right E-mail Client     145
E-mail Addresses: Three's the Charm     147
Avoiding Spam     149
Viruses, Worms, Trojans, and Other Malware     162
Other E-mail Management Considerations     163
Securing Your Documents: Encryption, Digital Signatures, and PDF   David L. Masters     171
Electronic Document Security Basics     172
Implementing Electronic Document Security Using Adobe PDF Files     175
Document Security in the Legal Setting     176
Adobe Acrobat PDF Security (How To)     182
PDF Security Resources     189
Voice Communications   Anne M. Rogers     191
When Is a Phone Just a Phone?     191
So What Does All This Have to Do with "Information Security?     192
Of Course, If It Isn't the Technology, Then It Might Just Be the Callers     195
Viruses, Worms, Trojans   David G. Ries   Christopher Ries     197
What They Are     198
How They Are Created      199
How They Spread     201
What They Do     204
Some Examples     205
Defenses     207
Recovery     210
Information Sources     212
Spyware   Timothy M. Opsitnick     215
Spyware     216
Cookies     224
Metadata   Timothy M. Opsitnick     231
The Threat     233
Options for Protection     234
Incident Response Plans   Dan Pinnington     239
Phases of an IRP     240
Preparation     241
Detection     249
Containment     252
Eradication     254
Recovery and Closure     260
Follow-up     261
Avoiding Disaster in Your Disaster Recovery Planning and Procedures   Dennis Kennedy     263
Nothing Succeeds Like Preparation     264
Considering Scenarios: The "Mathematics" of Disaster Recovery Planning     265
Putting Together the Plan Document     268
Technology Options for Disaster Recovery     269
The Expanding Notion of "System"     273
External Technology Options     273
Redundancy and Developing a Portfolio of Options     274
People + Practice = Greater Likelihood of Success     277
Putting Together Your Team     279
Practice Makes Things Better     280
Conclusion     282
Disaster Recovery and Business Continuity Planning     283
Top Legal Concerns in Disaster Recovery Contracts     284
Cyberinsurance: Singing in the Rain   Sharon D. Nelson   John W. Simek     287
Employee Issues: Training, Termination, Social Engineering, Safe Computing, and Disgruntled Employees   Sharon D. Nelson   John W. Simek     293
Social Engineering     293
Safe Computing: Train, Train, Train     297
The Disgruntled Employee     300
Real-Life Nightmares     302
Statistics     303
The Dark Side of Security     304
How to Achieve Security and Sleep at Night     305
Third-Party Service Providers   Behnam Dayanim     309
What Is an IT Service Provider?     310
Can You Use a Third-Party Service Provider?     311
Insist on a Contract-A Real Contract     314
Confidentiality, Not a Contract, Is Required     315
When It Comes to Lawyers' Use of IT, Don't Allow Free Agents     318
When to Notify the Client     318
Don't Forget Your Obligations to Your Employees     319
Law Firm Document Retention Policies   Sharon D. Nelson   John W. Simek     321
The False Parable of Arthur Andersen     321
Document Retention Policies: Background and Statistics     322
Sarbanes-Oxley Act of 2002     325
Who Else Do You Have to Worry About?     326
What Are Businesses Doing Wrong?     327
Crafting a Document Retention Policy     327
Spoliation     330
Computer Forensics: Data May Not Go Away     333
The Benefits of DRPs     333
What Happens to Your DRP in the Event of Litigation, Actual or Probable?     334
Yogi Berra Has the Final Word on DRPs     336
Sample Document Retention Policy     337
Computer Forensics   Sharon D. Nelson   John Simek     341
In the Beginning...     341
Why Should You Care?     342
Are Your Computers "in Play"?     343
The Preservation Process     344
It's Over There     346
I Want It All!     347
It Costs Too Much!     348
How Do They Do That?     349
Are We There Yet?     352
File Artifacts     352
What Can You Get for Me?     354
What Can't You Get for Me?     358
Will It Ever End?     360
A Legal Lifeline: Protecting Your Data in Electronic Discovery   Sharon D. Nelson   John W. Simek     361
The Problem     362
Take a Proactive Stance: The Electronic Evidence Protocol     362
Designation of Forensic Expert for Acquisition     363
Confidentiality Agreement     363
Acquisition Schedule     364
Scope of Acquisition     365
Previews of the Evidence     366
Forensic Acquisition     367
Scope of Analysis     368
Screening for Privilege     370
The Special Problems of Law Firms     370
Costs     371
Final Thoughts     372
Equipment and Information Disposal   David G. Ries   Christopher Ries     373
The Problem     374
Solutions     376
Conclusion     381
Additional Information Security Resources: Where to Go Online for More Information   Michael C. Maschke      383
DNS Stuff     384
SC Magazine     386
Network Computing     387
BugTraq     388
Secunia     389
Symantec     389
McAfee     391
Kaspersky     391
The Security Portal for Information System Security Professionals (Infosyssec)     392
Sophos     393
Castlecops     394
Conclusion     394
The Future of Information Security   Dennis Kennedy     397
Outsourced Security Management     399
Identity Management     400
Regulatory Efforts     400
Changing Nature of the Threats     401
Private Internet versus Public Internet     402
Adjusting Efforts to Human Behaviors     402
Smart Documents and Just Enough Rights     402
Disaster Recovery     403
Security Audits     403
Security and Core Business     403
Conclusion     404
Index     405
Read More Show Less

Customer Reviews

Be the first to write a review
( 0 )
Rating Distribution

5 Star


4 Star


3 Star


2 Star


1 Star


Your Rating:

Your Name: Create a Pen Name or

Barnes & Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation


  • - By submitting a review, you grant to Barnes & and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Terms of Use.
  • - Barnes & reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously

    If you find inappropriate content, please report it to Barnes & Noble
    Why is this product inappropriate?
    Comments (optional)