Cybersecurity Protocols and ADR

The legal profession, in general, needs to modernize its approach to cybersecurity. And alternative dispute resolution has even more work to do, given its unique composition. ADR participants — arbitrators, mediators, representatives — come from different organizations, each with its own systems, technologies and procedures. This heightens the risk that something will get into the wrong person’s hands. What’s more, it’s not uncommon for ADR professionals to use a mix of consumer and enterprise software, inviting additional risks. To safeguard sensitive documents, clients should look for ADR firms that have secure document exchange, extensive use of encryption, web-browsing control, and advanced intrusion detection, among other systems and controls.

There are steps ADR professionals can take to guard against hacks and data breaches, and not all involve installing expensive systems. These include complex passwords and passphrases, tools like password manager and two-factor authentication, and freeware avoidance. Additionally, use full disk encryption on all computers, encrypt files on portable storage devices and never send passwords by the same media as password-protected files.

Ultimately, the legal community, ADR in particular, should approach cybersecurity as they do any other important aspect of their work, taking part in training programs; keeping abreast of research, new guidelines and technologies; and empowering themselves to be part of the solution, not the problem.