Maiorana, P.C.

Registered Patent Attorneys

Should I Be Concerned about Computer Security with My Patent Attorney?

Probably, since Patent Law is sensitive by nature. Our Patent Attorneys take security issues seriously.

You don’t need to be on the leading edge of technology to realize that security breaches occur on a regular basis. If big name companies have trouble securing data, what type of concerns should I have when dealing with my patent law firm?

The good news is that when you work with a smaller patent law firm in Michigan [1], there is a much higher chance that the patent attorneys have a cohesive law firm information security policy in place [2]. The more people involved in an organization, the higher the chance that someone in the organization will inadvertently do something that will be vulnerable to an attack. While phishing attacks are prevalent, a less subtle, but more frequent security breach can occur if an email is either addressed incorrectly, or the wrong attachment is used. We have even heard of security recommendations that frown on email attachments altogether.

We take several steps to minimize security risks in our law firm data security policy. We use a common address book for all of our clients. Each computer accesses the common address book. When we no longer represent a client, we delete the appropriate email addresses from our common address book. This reduces the chance of sending an email to an old client that includes confidential information from a new client.

There are several alternatives to email attachments. One is to use encrypted links. There are several services available. We can create a link to a document, such as a PDF file, that can be accessed for a limited time. This allows risk management by not having attachments available on an email server for long periods of time. I was recently surprised how quickly an attachment from an email sent in 2008 popped up on my screen. If the wrong attachment is included in the link, there is a possibility of fixing the issue before any security issue occurs.

For more sophisticated clients, we can use a shared folder. The service we use for shared folders has not had any security breaches to date. We believe our policies help us as a Boutique IP Law Firm.

Password management is always an issue as well. We use strong passwords for all of our publicly available accounts [3].

Another issue that comes up some times is whether all of the emails being sent are to the same domain. With the auto fill features on modern email tools, it is easy to start typing one persons name, but have several similar sounding names show the option to auto populate. This is especially true when you are a busy Patent Attorney in Michigan. We found a plug-in that works with our Mozilla Thunderbird application that automatically flags emails that are not all addressed to the same domain. Sometimes this is intended, but the plug-in helps when that is not the intention. This is just another security feature that we have implemented based on our model security protocol - create a policy, follow the policy, and revise the policy. This holds true for many risk management situations.

  • Chris Maiorana
  • Revised December 2017

Tags: Patent Attorney in Michigan, Boutique IP Law Firms, Patent Law Firm, Law Firm Information Security Policy, Law Firm Data Security Policy, Patent Attorney
[1]  We are in the Detroit area, but also represent clients nationally. Our offices in St. Clair Shores are a short drive from the Midwest Regional U.S. Patent and Trademark Office .
[2]  That is one of the advantages with working with a Boutique IP Law Firm.
[3] A strong password has at least 12 characters, has numbers, symbols, capital and lower-case letters, isn’t in the dictionary or a combination of those words and no obvious substitutions like “H0use” We use a very good password generator and manager.

If you would like us to analyze your particular situation, call us to set up an appointment to discuss starting an engagement. Please do not send confidential information prior to negotiating an engagement.