top of page

LITIGATION SUPPORT TIP OF THE NIGHT

Featured on the ACEDS blog.

The views expressed in this blog are those of the owner and do not reflect the views or opinions of the owner’s employer. All content provided on this blog is for informational purposes only. The owner of this blog makes no representations as to the accuracy or completeness of any information on this site or found by following any link on this site. The owner will not be liable for any errors or omissions in this information nor for the availability of this information. The owner will not be liable for any losses, injuries, or damages from the display or use of this information. This policy is subject to change at any time. The owner is not an attorney, and nothing posted on this site should be construed as legal advice. Litigation Support Tip of the Night does not provide confirmation that any e-discovery technique or conduct is compliant with legal, regulatory, contractual or ethical requirements.

See my post on Running Regex Searches With a Grep Utility on the ILTA litigation support blog.

New tips for paralegals and litigation support profesionals are posted to this site each week. Click on the blog headings for better detail.

See How-To Videos on my YouTube channel.

Add Password Protection to Multiple PDF Files

Dec 5, 2020

FoxtIt Phantom allows users to create actions that will bulk process multiple PDF files, in a very similar fashion to how actions are created in Adobe Acrobat. It's quite easy to set up an action to password protect multiple PDF files. Follow these steps:

1. Go to File . . . Action Wizard . . . Create New Action

2. In the Protect menu, select Secure Document . . . Password Protect, and add this to the action.

3. From the File menu select Main Panel . . . Save and add that to the action.

ree

4. Under Password Protect click Specify Settings and enter a password. You'll also see an option to select a particular kind of encryption.

5. Be sure to uncheck the option to prompt user for both the Password Protect and Save steps in the action.

ree

6. After the action is saved, you can then run it by going back to File . . . Action Wizard . . . Run Action. You'll see a list of the actions that have been created.

7. After the action is run, a user will be prompted to enter a password each time a PDF is opened.

ree

Client Isolation

Dec 1, 2020

A setting called 'client isolation' on a router will prevent a computer that connects to a wifi network from accessing computers (and other devices) that are on the same network with wired connections. This is very useful if you plan on having visitors use a network set-up for the use of attorneys from your firm.

The client isolation setting will also prevent two devices connected to the network via wifi from connecting with one another.

Client isolation (also known as wireless isolation) differs from guest wifi networks which involve an entirely separate access point. Client isolation uses firewalls to restrict visitors to connecting to the internet.

Don't Use SMS for 2FA

Nov 30, 2020

Using SMS text messages for two factor authentication is no longer considered a best practice.

Forbes Magazine published an article entitled, Why You Should Stop Using SMS Security Codes—Even On Apple iMessage, and CNET posted an article Do you use SMS for two-factor authentication? Here's why you shouldn't .

Wired Magazine notes that a security expert believes, "two-factor authentication using SMS text messages isn't technically two-factor at all."

In January 2020, the Department of Computer Science and Center for Information Technology Policy at Princeton University published the results of a research project, An Empirical Study of Wireless Carrier Authentication for SIM Swaps, which concluded that, "users of websites relying on SMS-based MFA continue to be at risk—in some cases severely."

Cell phones can be vulnerable to phishing attacks that lead service providers to direct texts to different SIM cards. The New York State Department of Consumer Protection has posted a warning about scams which aim to switch SIM cards to new devices. The Princeton Study, "identified weak authentication schemes and flawed policies at 5 US mobile carriers from the prepaid market. We showed that these flaws enable straightforward SIM swap attacks."

International mobile subscriber identity-catcher (IMSI) are mobile towers set up for malicious reasons to intercept text messages.

Malware can also be installed on smartphones which will intercept codes used for 2FA.

Using a token or an authentication app that generates temporary codes are better alternatives. Google Authenticator will generate temporary 8 digit passwords.

bottom of page