In the new conditions of digital transformation, when most legal tasks can be performed remotely — from preparing documents to participating in video conferences — the issue of digital security becomes not only relevant, but also critically important.
Lawyers increasingly handle confidential information using mobile devices, cloud services, and electronic document management, creating serious challenges in data protection.
Oleksandr Urdenko, PhD, an expert in digital forensics and ISO 27001 auditor, outlined in his article for the “Legal Gazette” (Issue 4, 2025) practical and technical measures that every lawyer should know and implement to protect professional information.
Key Recommendations for Lawyers
- Device Encryption — use BitLocker (Windows), FileVault (macOS), or third-party programs like VeraCrypt to protect internal drives and crypto containers.
- USB Drive Security — opt for models with hardware encryption or software protection.
- Mobile Security — activate memory encryption, two-factor authentication, and remote device locking features in case of loss.
- Password Managers — store passwords in dedicated programs (KeePass, 1Password, Bitwarden), avoiding reuse or storage in browsers.
- Secure Cloud Storage — use encrypted archives and choose reliable services with two-factor authentication.
- Antivirus and VPN — regularly update systems, firewalls, network screens, and work through VPN in public networks — the basic minimum for protection.
- Digital Hygiene — do not open attachments from unknown sources, avoid connecting to suspicious charging devices, and regularly review mobile app permissions.
Legal and Ethical Dimension
Preserving professional secrecy is not only an ethical requirement, but also a legal obligation of a lawyer. In the context of modern challenges, including hybrid warfare and cyber threats, ignoring cybersecurity principles can cause irreparable harm to both clients and the legal profession.
The Bar Association of the Kyiv Region calls on the legal community to pay increased attention to digital security issues and actively implement modern protective practices in their professional activities.
Data protection is the protection of clients’ trust and professional dignity.