As we conclude another week, we hope this finds you safely navigating these uncharted times. Uncertainty seems to be the hallmark of this pandemic. OBLIC is here to provide you the certainty and reliability you have come to trust. Let us help you through these bizarre times.

Formal Opinion 2020-300 Pennsylvania Bar Association Ethical Obligations for Lawyers Working Remotely  Take reasonable precautions to be able to access client data and provide information to the client or others, such as courts or opposing counsel. Take appropriate measures to protect confidential electronic communications Avoid using public internet/free Wi-Fi Use Virtual Private Networks (VPNs) to Enhance security Use two-factor or Multi-factor authentication Use strong passwords to protect your data and devices Assure that video conferences are secure Backup any data stored remotely Security is essential for remote locations and devices Users should verify that websites have enhanced security Lawyers should be cognizant of their obligations to act with civility

CISA Alert COVID-19 Exploited by Malicious Cyber Actors Top Tips for Spotting Phishing Email: Authority – Is the sender claiming to be from someone official (e.g., your bank or doctor, a lawyer, a government agency)? Criminals often pretend to be important people or organizations to trick you into doing what they want. Urgency – Are you told you have a limited time to respond (e.g., in 24 hours or immediately)? Criminals often threaten you with fines or other negative consequences. Emotion – Does the message make you panic, fearful, hopeful, or curious? Criminals often use threatening language, make false claims of support, or attempt to tease you into wanting to find out more. Scarcity – Is the message offering something in short supply (e.g., concert tickets, money, or a cure for medical conditions)? Fear of missing out on a good deal or opportunity can make you respond quickly.

• Do not make meetings public. Instead, require a meeting password or use the waiting room feature and control the admittance of guests.
• Do not utilize unrestricted, publicly available social media to post or give notice of a meeting. Provide any links to meetings directly via confidential communications.
• Manage screensharing options. Change screensharing to “Host Only.”
• Ensure users are using the updated version of remote access/meeting applications.
• Ensure telework policies address requirements for physical and information security.

We understand law firms utilize many email addresses and voicemails, including email addresses to which communications via law firm websites are sent. We urge you to systematically and regularly check ALL email addresses and voicemails utilized by your firm, and timely respond to all legitimate communications. These can easily be overlooked when many are working from home, potentially causing something important to fall through the cracks.