admin 
The Firm That Never Made a Decision Somewhere in the last year or two, someone at your firm started using AI. Maybe it was a paralegal summarizing a long document. Maybe it was an associate drafting a first pass at correspondence. Maybe it was you, testing something out on a quiet afternoon. No one announced … Read more
The Firm That Thought Everything Was Fine Three weeks. That is how long it took a mid-size law firm to piece together what a departing senior associate had access to. She had not left on bad terms. There was no incident. She simply left, and no one had a process for what happened next. By … Read more
The Workaround Nobody Talks About A paralegal needs to convert a PDF quickly. The firm’s approved tool works, but it takes extra steps and runs slowly on her machine. She searches online, finds a free converter, uploads the document, and gets the result in thirty seconds. It works. She uses it again. So does someone … Read more
The Permissions Question Nobody Revisits I’m noticing with firms that SharePoint gets set up, documents get added, and then the permissions question never really gets revisited. The platform works. Files are accessible. Collaboration is happening so the assumption becomes that access is reasonably controlled. It usually is not. By the time someone thinks to check, … Read more
Most firm owners did not plan to become the IT department. It happened one request at a time. Someone could not log in. Someone needed a new laptop set up. Someone asked whether the firm had a backup of a file that was lost. All questions that they thought only the owner could answer. Then … Read more
When someone on your team clicks a bad link, the instinct is to blame the person. That instinct is understandable. It is also the wrong place to put your energy. Phishing attacks are not designed to fool careless people. They are designed to fool careful ones. The firm manager who opened what looked like a … Read more
When Everyone Knows the Password, No One Is Accountable Picture this: a paralegal leaves the firm. She had access to the document management system, the billing platform, and the client portal. Her login was shared with two other staff members because it was easier than setting up separate credentials when the software seat count was … Read more
When someone leaves your firm, the work of ending their employment usually gets handled well. Final paycheck, equipment return, exit interview. HR has a process. The separation is documented. The work of ending their access is a different story. For most firms, access revocation is not a defined process. It is a task that gets … Read more
Why “We Have Insurance” Is Not a Cybersecurity Strategy, and What to Do Instead Some firm owners are making a quiet bet right now. They are choosing not to tighten up security because they assume cyber insurance will write the check if something happens. I understand why that feels reasonable. You pay the premiums, you … Read more
Imagine this scenario: A former employee walks out the door today and still has complete access to your client files, emails, billing software, and even your phone system. Frightening, isn’t it? Yet, this is a reality many law firm owners face without even realizing it. Welcome to the critical topic of internal access control, a … Read more
