Interest Groups

Simulations Test Law Firm System Security - E-Discovery, Information Governance & Cyber Security Section News

Get the news you want the way you want it: click the RSS button in the right corner to add this feed to your RSS reader, or click here to subscribe to this content. By subscribing, you’ll find this news on your Member Account page, and the latest articles will be emailed to you in your customized IndyBar E-Bulletin e-newsletter.

E-Discovery, Information Governance & Cyber Security Section News

Posted on: Apr 6, 2018

Last fall, MacKenzie Dunham was a law student working at a personal injury firm in Houston when one of the firm’s two partners called the office to say their car had been broken into and he would not make it in.

Not worried, the partner mentioned that among his stolen belongings was a MacBook he used for work.

This was when Dunham realized the theft was not just a nuisance—it was a major breach of client documents.

With no stated firm policy, he leaped into action by rejecting the computer’s access to the firm’s various online accounts and remotely wiped the machine.

“I just did what I could to minimize [the breach],” Dunham says. Without his efforts, “the person that had the laptop would have access to client files.”

After the incident, Dunham created the firm’s first security policy and made sure all firm devices were trackable and able to be remotely wiped.

Now a staff attorney at Access Justice Houston, a nonprofit law firm he founded, Dunham says this lesson taught him that “you need to be prepared to have every device that has ever touched client information ... stolen.”

Read more.

This article was submitted by Jonathan T. Armiger, Armiger Law. If you would like to submit content or write an article for the E-Discovery, Information Governance & Cybersecurity Section, please email Kara Sikorski at


Indianapolis Bar Association (IndyBar) est. 1878 | 4,536 Members (as of 2.11.21)