How safe is your ‘safe’ list?

Print This Post

4 March 2015

Lawyer Checker200Risks are often described like cockroaches – they hide well, multiply quickly and become everyone’s problem to stamp out…..…we need a clear view of the risks and to put in place controls, which include Law Firms’ management of risk and the actions they take and are able to evidence with documentation, to manage the risks within their business.”

Samantha Barrass – SRA executive director 2013

The ‘cockroaches’ are breeding and they are breeding fast. One of the biggest bugs is the cyber-criminal.

The conveyancing industry knows about the damaging effect a bogus law firm can have on a client and the reputation of a firm.

Here at Lawyer Checker we recommend as an absolute minimum the implementation of a Safe List policy throughout your conveyancing department.

Transactions thus fall into two categories:

  1. Transactions with firms you deal with on a regular basis
  2. Transactions with firms you have had little or no dealings with previously.

In list two, this could include transactions where you are dealing with a firm that you recognise, BUT the Fee Earner is not known to you, equally it could just be that the transaction has thrown up some concerns.

How do you manage your ‘Safe List’? Is it a physical list or a mental one? “We always deal with XXXX therefore they must be safe….”

How do you really know whether or not the transferring of funds is ‘safe’?

In order to adequately manage the risk associated with conveyancing transactions, Lawyer Checker suggests that, where there is not a ‘Blanket Use’ policy applied to using Lawyer Checker, keeping a ‘safe list’ is ‘the next best thing’.

How can you ensure that your safe list is safe? Firstly use a physical one, ensuring that it is impenetrable:

  1. Encryption:

Ensure that your safe list is encrypted in order to keep the hackers out. Remember – tablets and smartphones can all too easily fall into the wrong hands

  1. User authentication:

Control your user accounts – an ex-employee should no longer have access to company information – in 2014 CIFAS reported an 18% increase in employee fraud. Set passwords for the safe list which then ‘lock out’ an individual who fails to enter the right password.

  1. Audit trails

Have a service which allows your firm to keep detailed logs of which employees download, upload and share files with whom and when. Gain better visibility into your operations – then if there is a security breach it ought to be easier to work out how and when it happened and who was the culprit.

All of the above can most certainly aide and abet in this fight against the cyber-criminals, but without doubt Blanket Policy use avoids any potential problems that Safe Lists fails to.

Next week’s spotlight will focus on Blanket policy use….


Associate News is provided by Legal Futures Associates.
Find out about becoming an Associate

Legal Futures Blog

GDPR and the rise of ‘datanapping’ – the new threat to the pockets of law firms

Nigel Wright

You’ve heard about ransomware – a hacker infiltrates your IT systems, locking them down until you pay a ransom. Some studies now estimate that over 50% of businesses have experienced this type of attack in the last year, and it’s particularly prevalent within the legal sector. Previously, firms could protect themselves by having a solid disaster recovery plan in place to ensure they can get back up and running in the event of a disruption. However, the General Data Protection Regulation (GDPR) – the new EU-wide regime which comes in effect on 25 May 2018, irrespective of Brexit – means that this approach alone is no longer adequate and security measures must be strengthened to prevent attacks.

April 21st, 2017