Dennis Kennedy

	Web DennisKennedy.com

« March 2006 | Main

April 12, 2006

Four Generations of Computer Malware

Donna's SecurityFlash is a must-read resource for anyone interested in computer security - especially if, like me, you are preparing for a presentation on computer security next week.

Today, she points to a great article by Peter Tippett called "The Fourth Generation of Malware." The article is mandatory reading for anyone who still thinks that anti-virus software is all the protection you need and for anyone who wants to gain a greater appreciation of what the threat environment for computers today.

Tippett describes four generations of "malware," while noting the 20th anniversary of the first computer virus:

1. DOS Viruses (1986 - 1995)
2. Macro Viruses (1995 - 2000)
3. Big Impact Worms (1999 - 2005)
4. Malcode for Profit (2004 - to present)

The money quote:

Over the last twenty years, worms have used all types of replication vectors, which of course increase with each advance in technology. Authors have worked diligently to have their worms and Trojans avoid detection and reach more victims with every iteration. For instance during this fourth generation, we’ve witnessed Backdoors, Trojans and root kits that enable the free reuse of the infected computer, and bots that create ‘zombies’ out of a network of computers that allow the malcode perpetrator to orchestrate responses among tens of thousands, or even millions, of victims at a time.

With each generation of malware growing more complex and devastating, it’s become increasingly important for CIOs to know not only who is on their network, but who is accessing their network.

While there isn’t an end-all-be-all solution to wiping malicious code authors off the face of the Earth, having the best security policies and procedures in place will help enterprises avoid a crippling network attack that not only puts information at risk, but impedes productivity and ultimately damages the bottom line.

[Originally posted on DennisKennedy.Blog (http://www.denniskennedy.com/blog/)]

Learn more about legal technology at Dennis Kennedy's Legal Technology Central page.

Technorati tags: legal technology computer security malware

Posted by dmk at 06:25 PM | Comments (0)

April 11, 2006

New Issue of Law Practice Today Webzine Focuses on Outsourcing

The newest issue of the ABA Law Practice Management Section's webzine Law Practice Today is out. The theme for this month is outsourcing and this issue serves up a good collection of outsourcing articles as well as the customary assortment of good articles on finance, management, marketing and technology for lawyers and law firms.

I played a role in a roundtable article on outsourcing called "Inside vs. Outside: When Does it Make Sense for Law Firms to Outsource?" It's a wide-ranging article that even discusses the topic of outsourcing legal services.

Highly recommended.

[Originally posted on DennisKennedy.Blog (http://www.denniskennedy.com/blog/)]

This post brought to you by LexThink!(R) - The Legal Unconference. Ask us about private LexThink retreats and conferences for your firm, business or organization. Coming soon - LexThink Lounge - April 19, 2006.

Technorati tags: legal technology outsourcing Law Practice Today

Posted by dmk at 07:47 PM | Comments (0)

April 10, 2006

Webcast: Security in a Wired and Wireless World

Dan Pinnington and I will be presenting a TECHSHOW session called "The Weakest Link: Security in a Wired and Wireless World." I'm thrilled to finally get the chance to do a presentation with Dan, one of my favorite people in legal technology.

We've recently learned that the ABA will be doing a live webcast of our session.

While I definitely encourage you to attend TECHSHOW and our session, attending this webcast is the next best thing.

Here's the program description:

An unprotected computer running a non-updated version of Windows will be attacked and compromised within twenty minutes of connecting to the Internet, potentially risking violation of your clients’ privacy.

Computer threats have become increasingly malicious and damaging. Automated attacks and organized crime have changed the security picture drastically from the days of the fifteen-year-old hacker breaking into systems for fun.

As wireless connectivity becomes more common, you are at risk at home, in your office and on the road. The good news is that there are standard steps that you can take and procedures that you can follow to safeguard the vital client, business, and personal information on your computers. The bad news is that neglecting these steps and ongoing security procedures will put your sensitive data in peril. There are many potential weak links in the networks and software systems you use in the practice of law.

Our expert faculty will provide information on current threats, tested strategies, best practices and practical tips that you can use to strengthen your wired and wireless networks.

In this session, you will learn practical ways to:

+ secure your computers and networks using the standard steps security experts recommend
+ test whether your efforts are working
+ minimize your risk of exposing client confidences and your business and personal information
+ stay aware of current security threats

Registration information is here.

[Originally posted on DennisKennedy.Blog (http://www.denniskennedy.com/blog/)]

This post brought to you by Dennis Kennedy's legal technology consulting services, featuring RSS and blogging consulting, technology audit, strategic planning and technology committee coaching packages especially for medium-sized law firms (15 - 100 lawyers) and corporate legal departments. More information on the "Second Pair of Eyes" packages for legal technology audits and strategic planning may be found here (PDF).

Technorati tags: legal technology computer security webinar TECHSHOW

Posted by dmk at 08:50 AM | Comments (1)

April 09, 2006

My New White Paper: "Moving from Reaction to Risk Management"

RenewData has released a new white paper I wrote called "Moving From Reaction to Risk Management: Changing the Focus of Information Governance to Achieve Better Business Results."

From the synopsis:

The whitepaper highlights the fact that information governance is an important component of overall risk management and that considering it as a key part of risk management both improves business results and helps manage risks. In addition, applying business rules can help reduce the costs of compliance and improve the likelihood of compliance and the enforcement of policies and procedures, resulting in a reduction of actual risk and an improvement in risk management.

In the paper I argue that we need to focus on "the benefits of finding and using appropriate business rules to move information governance efforts away from the reactive and passive approaches commonly used today to approaches that can anticipate and even prevent problems."

A fundamental premise of my approach is that electronic discovery is just one part of an integrated records management and information governance effort.

I encourage you to read the white paper and let me know what you think. You may download the white paper (and another white paper I wrote earlier this year on information lifecycle management) here.

[Originally posted on DennisKennedy.Blog (http://www.denniskennedy.com/blog/)]

Learn more about electronic discovery at Dennis Kennedy's Electronic Discovery Resources page.

Technorati tags: legal technology electronic discovery records management information governance white paper

Posted by dmk at 07:27 PM | Comments (0)

Where are the Lawyers at Legal Tech Conferences? Take Two

I had a great time on Friday speaking at Pitney Bowes's National Client Advisory Board meeting in Scottsdale. I gave a presentation on top legal technology trends for 2006 (and I'll be giving a similar presentation next month at the Association of Legal Administrators Annual Meeting).

Once again, I found myself at a great conference where I learned a lot about electronic discovery and records management, and I was almost the only lawyer there.

I learned not just about Pitney Bowes's recent acquisition of Ibis Consulting (indicative of a trend I have mentioned this year of EDD vendors expanding into consulting services (including, especially, project management)), but much about records managmement and electronic discovery from the point of view of clients and vendors. I don't know of a single lawyer who would not have benefited from hearing the insights of clients on electronic discovery issues that I heard.

In addition, I got a new understanding of how daunting the records management issues that face both clients and law firms really are.

It was a great conference and I thoroughly enjoyed getting the opportunity to present to this group.

My recent question still remains: why am I not seeing any lawyers at electronic discovery and legal tech conferences, especially ones where they could get insights into their clients' thinking? Along these lines, I recommend that you read Jeff Carr's comment on my recent post about this topic.

A big thank you to Pitney Bowes for bringing me to this conference.

There's still time for lawyers to register for the ABA TECHSHOW.

[Originally posted on DennisKennedy.Blog (http://www.denniskennedy.com/blog/)]

Learn more about electronic discovery at Dennis Kennedy's Electronic Discovery Resources page.

Technorati tags: legal technology electronic discovery records management TECHSHOW client-driven technology

Posted by dmk at 07:05 PM | Comments (1)

Is The Time Right for Tablet PCs?

Craig Pringle has a great blog post called "Now is the Time for Tablets" that argues that the time is now right for moving to the Tablet PC. As a Tablet PC user and a long-time Tablet PC fan, I could not agree more.

Craig's post is well-reasoned and I highly recommend that you read the whole post. As long-time readers of this blog know, I think that Tablet PCs really make sense for lawyers.

The money quote is Craig's list of reasons why the timing is right for Tablet PCs:

These key influences are:

+ Mobile computing in general is taking off.

+ Connectivity is trending towards being universal.

+ The limitations of battery life are being reduced.

+ The range of devices available is increasing.

+ The range of software written to be tablet aware or tablet specific is increasing.

+ The marginal cost of a tablet over a laptop is decreasing.

+ Awareness of the Tablet PC as an option is increasing.

+ The distinction between "Laptop" and "Tablet" is going to be removed with Windows Vista.

If you are considering the purchase of a new computer soon, add Craig's post to list of articles to study.

[Originally posted on DennisKennedy.Blog (http://www.denniskennedy.com/blog/)]

Learn more about legal technology at Dennis Kennedy's Legal Technology Central page.

Technorati tags: legal technology Tablet PC

Posted by dmk at 06:54 PM | Comments (1)

April 05, 2006

Tips on Getting More Life From Your Batteries

Batteries have been on my mind after our recent set of power outages.

Here's a good article I found today from PC Magazine that explains batteries and battery life and gives some good practical tips for getting the most out of your batteries.

[Originally posted on DennisKennedy.Blog (http://www.denniskennedy.com/blog/)]

Learn more about legal technology at Dennis Kennedy's Legal Technology Central page.

Technorati tags: legal technology batteries

Posted by dmk at 11:25 AM | Comments (0)

April 04, 2006

How to Identify an Anonymous Blogger (Other Than by Litigation)

Marty Schwimmer pointed me today to an article called "How to Unmask and Anonymous Blogger."

I thought it would be a compilation of some of the practical "Internet detective" tips many people use these days to track down owners of websites, commenters and the like. Instead, it focused on subpoenas and other litigation techniques.

Where's the fun in that?

There are a whole set of techniques that can be used that may be more effective and certainly will be cheaper than the techniques mentioned in the article, which I see as last resorts to take if the practical techniques don't work. If you work from that premise, the article is a good one, but mis-titled.

For some good examples of practical tactics I referred to, do some exploring in the links from Doc Searls post "Tale of Whoa."

[Originally posted on DennisKennedy.Blog (http://www.denniskennedy.com/blog/)]

Learn more about legal technology at Dennis Kennedy's Legal Technology Central page.

Technorati tags: technology law anonymity

Posted by dmk at 09:07 PM | Comments (0)

Our Electricity is Back

A short, but violent, storm swept through St. Louis on Sunday afternoon. Our electricity went out with the first gust of wind. Power returned late last night. The electric company returned this morning for more repairs in our neighborhood and the power was out again for a few hours today.

As we rely more and more on technology, this state of affairs can be a real drag, especially if you work out of a home office (or any office that happens to be an area without electricity).

I was talking with a writer today who had interviewed me for quotes for an article for on extranets and we joked about writing an article on the trials and tribulations of the tech-reliant in a time without electricity.

I did some thinking about whether there were some lessons I could learn about disaster recovery planning. There are some, of course.

The tricky part in all in this episode was that the power could have returned at any time, and it usually is not out for as long as it was this time.

For example, I did the trip to a local restaurant with WiFi access yesterday and then was surprised that the electricity was still out (as was my battery on my Tablet PC by then).

I did not try some of my more creative options - heading over to my father-in-law's to check in on him and use his electrical outlets, for example.

The irritating thing in this episode is that we were right on the dividing line - our neighbors across the street all had power the whole time.

By the way, I'm not sure how Abe Lincoln and others were able to read by candlelight.

[Originally posted on DennisKennedy.Blog (http://www.denniskennedy.com/blog/)]

Learn more about electronic discovery at Dennis Kennedy's Electronic Discovery Resources page.

This post brought to you by LexThink!(R) - The Legal Unconference. Ask us about private LexThink retreats and conferences for your firm, business or organization. Coming soon - LexThink Lounge - April 19, 2006.

Technorati tags: legal technology disaster recovery planning

Posted by dmk at 08:39 PM | Comments (0)