Law Firms
Managed IT for Law Firms
Secure, reliable IT for attorneys and law firms in Eugene and Lane County.
The IT Reality for Law Firms
Client confidentiality isn't optional for a law firm — it's an ethical obligation. Your IT environment needs to match that standard: controlled access to client files, encrypted communications, and the ability to demonstrate you've taken reasonable steps to protect sensitive data. Ask Erik provides law firms with the security controls, documentation, and reliable support needed to meet those obligations.
Common IT Challenges
- Client confidentiality and state bar ethics obligations
- Secure document management and file sharing
- Phishing attacks targeting attorneys and staff
- Remote access for attorneys working from home or court
- Data breach notification obligations
What We Do for Law Firms
Practical IT management focused on the systems and risks that matter most for your practice.
Secure Document Management
Controlled access to client files, version history, and audit logging — so you know who accessed what and when.
Encrypted Client Communications
Microsoft 365 configuration for encrypted email, secure file sharing with clients, and documented procedures for sensitive communications.
MFA & Zero Trust Access
Multi-factor authentication and Zero Trust remote access for attorneys and staff — no open RDP, no unprotected remote connections.
Practice Management Software Support
Clio, MyCase, PracticePanther, and other legal software — infrastructure support and vendor coordination for application issues.
Encrypted Backup & Recovery
Daily encrypted backups of client files and matter data with documented, tested recovery procedures.
Security Awareness Training
Phishing simulations and staff training focused on the social engineering tactics used to target law firms.
Frequently Asked Questions
What are my ethical obligations around client data security?
Oregon RPC 1.6 requires attorneys to make reasonable efforts to prevent unauthorized disclosure of client information — and what counts as "reasonable" scales with how sensitive the data is and what it would cost to protect it, which means a firm handling family law or high-value business litigation has a higher bar than one doing routine transactional work. In practice, that baseline means strong access controls, encrypted communications, multi-factor authentication, and a written incident response plan — the kind of controls a bar complaint or malpractice claim would specifically ask whether you had in place. I build firms to that standard, not the minimum that technically gets by.
Do you support Clio, MyCase, or other legal software?
Yes. I manage the workstations, network, and Microsoft 365 environment your practice management software runs on — uptime, backup of your matter data, secure remote access for attorneys in court or working from home — and coordinate with Clio, MyCase, or PracticePanther support directly when an issue is application-specific rather than infrastructure. Most firms I work with are running one of these three; I already know their common failure points and support escalation paths.
How do we share files securely with clients?
The cleanest option is a client portal built into your practice management software, or a properly configured SharePoint/OneDrive setup inside Microsoft 365 with expiring links and access logging. Either one avoids the real risk with email attachments — an unencrypted PDF of a settlement agreement or medical record sitting in someone's inbox indefinitely, forwarded who-knows-where. I set up and support whichever fits your firm's existing workflow, and I make sure staff actually use it instead of defaulting back to email out of habit.
What should we do if there's a data breach?
Oregon law requires notifying affected individuals if their personal information was accessed, and depending on how many people are affected, may require notifying the Oregon Attorney General as well. Your first calls should be to your IT provider to contain it, your cyber insurance carrier, and your malpractice or general counsel — roughly in that order, and within hours, not days. Having those numbers written down before an incident, as part of an actual incident response plan, is the difference between a controlled response measured in hours and a scramble that stretches into weeks while everyone figures out who's supposed to be doing what. I help firms put that plan together before they need it.
What makes Ask Erik different from other IT companies?
Client confidentiality depends on continuity, and that's exactly what you get working with me directly instead of a rotating help desk. I've spent over 40 years in IT, running Ask Erik Computer Services since 2006 and serving Lane County firms since bringing the business to Eugene in 2017. I'm a Microsoft Partner, AI-certified, and a BNI Hall of Fame member here in Eugene. I document every access control decision and security change I make — the kind of record a bar complaint or malpractice claim would actually require — and I explain it in plain English, not jargon. When something breaks, you hear why it broke and what we're changing so it doesn't happen again, from the same person who set the system up in the first place.
Is your firm's IT security up to your ethical standard?
We assess law firms throughout Lane County and give you an honest view of what's protected and what isn't.