PBCBA BAR BULLETINS pbcba_bulletin_April 2019 | Page 31

TECHNOLOGY C o r n e r Is Your PC Keeping Your Information Private? Take This 10-Question Quiz CHRISTOPHER B. HOPKINS What entity was the victim of the largest data breach in history? According to The Guardian, the “biggest [hack] in history” involved 11.5 million documents known as the Panama Papers stolen from… a law firm. “BigLaw” firms are not alone – small firms and solo lawyers frequently suffer ransomware attacks while, according to Verizon, in-house lawyers were, “far more likely to actually open a [phishing] email than all other [corporate] departments.” Lawyers are particularly susceptible targets for data breach because we often hold clients’ confidential and financial information. Worse, we can be a weak link: lawyers are quick to respond to new client inquiries and we respond quickly and at all hours from our mobile devices. How safe is the PC on your desk? Whether you reply upon a valued IT professional or your office manager, Rule 4-1.1 tasks you, the lawyer, with “an understanding of the benefits and risks associated with the use of technology…” The following quiz takes about 5 minutes and requires basic PC and keyboard skills (special thanks to Matt Korduner, GDSN Administrator at Florida Crystals, for his contributions). 1. Are You Running A Supported Version of Windows? Microsoft currently supports Windows 10, 8.1, and 7. Windows Vista and XP no longer receive upgrades from Microsoft and are exposed to hacking risks. Hit the windows key (left of your space bar) and the letter R. A box will appear. Type “winver” (for “windows version”) and hit enter. 5 points for Windows 10, 2 points for Windows 8.x, and 1 point for Windows 7. You have failed this quiz if you are running any other version. 2. Is Your PC Password Protected? This should be an easy “yes.” But do not be fooled, this is weak security (do a Google search for “hack Windows password”). 2 points for a required password, 1 point if you use a PIN, or -10 points for “no.” 3. Do I Have Administrator Access? An administrator account has full access to all features of Windows while standard accounts are restricted from, say, installing new software. Unless it is a personal computer, few users need full “admin rights.” Tap the Windows key and type “control panel.” Select User Accounts (twice). 5 points if “administrator” does not appear under your name. If it says “administrator,” and it is not your personal PC, subtract 5 points. 4. Is Your Hard Drive Encrypted? An encrypted drive should render your drive unreadable if it is stolen. Tap the Windows key and type “control panel.” Select “Security and Systems” and look for BitLocker encryption to be “on.” Admittedly, there is more than one encryption method; hit the Windows key and type “PGP” to see if you find PGP Whole Disk Encryption. 5 points for encryption, no points for an unencrypted desktop, and -5 points for unencrypted laptop. 5. Is Your PC Up-To-Date? Keeping a current version of Windows is essential for patching security risks. If you are running Windows 10, this occurs automatically so award yourself 3 points (recent reports suggest not to manually check for updates in Windows 10 out of concern that Microsoft views this as an invitation to push beta versions of updates). For Windows 8.1 and below, tap the Windows key, type “Control Panel,” and choose Windows Update. Award 3 points if you are current on all critical or security settings; -1 for each unpatched item. 6. Am I Running AntiVirus? In Windows 10, hit the Windows key, select Settings, Update & Security, Windows Security, and click, “Open Windows Security.” For prior versions, hit Start, then go to Control Panel, Security and Systems, Review Your Computer’s Status, and look for Security. 5 points for green buttons, -5 points for red buttons. 7. Do I Have a Firewall? This is a critical line of defense to prevent unauthorized access to your PC. Take the same steps as you did to check your anti-virus software. 5 points for green buttons, -5 points for red buttons. PBCBA BAR BULLETIN 31 8. Can Someone Else Remotely Access my PC? Hit the Windows key and R, then type “SystemPropertiesRemote.exe.” It should open a new dialog box with the title “Remote Access.” If “Allow Remote Assistance” is unchecked, give yourself 5 points. If your IT department allows remote access limited to “Network Level Authentication,” add no points. If remote access is allowed without restriction, subtract 5 points. 9. Do I Have Any Unknown Programs on my PC? Tap the Windows key and type “control panel.” In the upper right corner, type, “program” in the search box, and select “show which programs are installed.” Add 3 points if you recognize all apps; -1 for each app you cannot identify. 10. What are Your Privacy Settings? Hit the windows key and select “Settings” and either “privacy” (Win 10) or Change PC Settings and Privacy (earlier versions) In Windows 10, everything should be “off.” In prior versions, select “General” to determine what settings are “off.” 5 points for everything turned off and -2 points for each item that was “on.” If your score is a positive number, you passed. Anything near zero or below, please consult an IT professional soon (if the PC is owned by your law firm, do not seek to change settings without consulting your policies). Christopher B. Hopkins is a cyber security lawyer with McDonald Hopkins, LLC. [email protected]