In House - The FindLaw Corporate Counsel Blog

Corporate Work Available: Encryption Required

Peter Beshar, general counsel at Marsh & McLennan Companies, won't shake hands with just any lawyer.

When it comes to email with outside counsel, he requires an "electronic handshake." It's a form of email encryption, which verifies the domains of two companies communicating with each other.

In a cyber-sensitive world, it's an idea that is catching on at many law firms that want to ensure client information is secure.

Transport Layer Security

TLS is an encryption technology that enables secure email exchanges between senders and receivers. Through keys, it works in the same way a third-party like Verisign authenticates websites.

Beshar says his company requires law firms to use TLS when working with him. He said a dozen large law firms have agreed to use the technology.

Gibson Dunn partner Alexander Southwell, for example, said that law firms increasingly use TLS to protect client communications and data from hackers.

"This is a fairly standard, important tool that is increasingly being used to handle the data-in-transit problem," Southwell told Boomberg Law.

Email Opinion

The American Bar Association recently issued an ethics opinion that says attorneys need to consider more secure methods for their email. The opinion basically requires a self-test, focusing on the sensitivity of the information and need for additional safeguards on a case-by-case basis.

But the market is pushing lawyers even more to adapt encryption technologies. Concerned with data breaches, in-house counsel are insisting on encrypted email with outside counsel. Generic email will not do.

Yahoo, which suffered a hack of 1.5 billion email accounts, and other email providers are struggling with solutions for their users. They say end-to-end encryption is a work in progress.

Related Resources: