TLOMA Today

Now that the TLOMA 2019 Associate and Business Services Surveys have been launched, we thought it would be helpful to provide you with some useful tips to complete the surveys, specifically related to job matching!

Following these 3 easy steps will significantly help you, when you are entering your data into the Excel template provided to you upon registration regarding how to match jobs, specifically in the Business Services (TBS) survey.

Step 1.  Gather your Firm's job/role information

Before you start to complete your 2019 TBS Input Template (Excel), gather all of the job documentation and compensation information you have available. It is important that you are able to understand and assess the full scope of accountability that is associated with each job in your organization. If you are not closely familiar with all roles, it is recommended that you seek input from managers who directly oversee the roles. You will also want to access the TBS User Guide which contains a list of all survey job descriptions and other reference material.

Step 2.  Initial TBS role match

Referring to the TBS User Guide, start at the beginning of section VII. Read the content for each role description in the column “Sub Job Family”. Use the description – not the title - to determine if you have a role in your Firm that is a good match. Good matches possess 70% or more of the role’s accountability. This is a subjective assessment but an important one. If your Firm’s role matches less than 70% of the description, then do not provide a match for that Sub job Family in your submission. When you have a match, proceed to Step 3 to determine the appropriate level. If not, proceed to the next Sub Job Family.

Step 3.  Confirm job level (using career ladder)

Again, referring to the TBS User Guide, at this step you will determine the right career level for the role in your Firm that you matched to a Sub job Family in step 2. Start at the beginning of section V and VI. On page V-1 you will see a Career Ladder diagram which illustrates the relationship between Individual Contributor roles and Manager roles. Within the Individual Contributors there are Support Roles and Professional Roles. Using the descriptions in section VI you can assess the most appropriate level of the role you have in your Firm. It is important to assess the level of the role rather than the level of the individual (or person) in the role. In other words – match jobs not people. Again, use the full descriptions of each level and not the titles, or headings, only.

Together, the combination of Sub Job Family and Career Level will provide the Job Code in your submission template. An example job code is ADM.32.S20 which is Administrative Assistant – Intermediate Support.

Repeat steps 2 and 3 for each Sub Job Family in section VII.

If you have questions about the matching process or other questions related to the compensation surveys, please connect with Bridget Bohan at bridget.bohan@paystats.ca or a member of your Compensation Committee.

Thanks,
Katherine Mather

2019 Compensation Committee Chair

Expect the Unexpected

Going into our day, week, month and year with this perspective helps prepare our mindset that things will not always go as planned.  Do not be surprised when unusual events take place, anything might happen and probably will.

Recently I thought a few seasoned employees had lost their minds because they started behaving in unusual and unexpected ways.  In part, was this because they did not know what was expected of them? Perhaps but not likely given their experience.

When partners are unhappy because their team is letting them down, it is our job to figure out what happened, why it is happening and to come up with solutions to ensure it does not continue or happen again.

Through a few great conversations, I learned how these employees are feeling, what their expectations are and what they need from us.  We can now work together to move towards a resolution and change or improve behaviours.

Going through this landed me on the phrase “expect the unexpected”, it was a good reminder that things will happen around us that we need to be involved with and sometimes they are going to come from the most unlikely person or situation.

Expecting the unexpected also helps us to be open to receiving things that we might otherwise miss or not be tuned into.  We will be open to picking up on something someone has said or the way they have said it that ends up letting us know that they need our help.  This will help avoid unhappy partners when their team is not meeting their expectations, we will be able to get ahead of it before something goes off the rails.

Another way of looking at this phrase is to expect what we think we cannot reach, what is unexpected.  This might be a great project to work on, a new position or career path or getting to work with a great group of people you have not had the opportunity to work with in the past.

This part resonates with me in my position as TLOMA President; I filled myself with negative talk and self-doubt that I would not be considered as a Board member for many years.  This prevented me from pushing myself outside of my comfort zone, which I have come to realize robbed me of this amazing experience for a long time.  Thanks to one of my long-time TLOMA friends, he convinced me that I have the right experience and passion to offer to TLOMA volunteer positions and would enjoy the work.  I would get to be a part of the leadership of an association that I value tremendously and have received so much.  He was right in a big way; this experience has been rewarding, fulfilling and an amazing learning opportunity.  I would love to help any of you who may be feeling the same way, give me a call or send me a note, I would be happy to share more of my personal experiences and help you obtain the unexpected.  In fact, the Nominating Committee will be considering new candidates for the upcoming 2020 Board roles and other volunteer positions within the organization. If you are considering contributing to TLOMA please give me a call and we can discuss this self-fulfilling journey.

It is hard to believe that it is already June.  Our Summer Networking Event on June 7^th at Copacabana Brazilian Steakhouse is always a lot of fun and a great opportunity to connect in person.

Our SIG Leaders have been providing amazing education to us this year and I am looking forward to the SIGs taking place over the summer.

• June 25^th - TLOMA Technology SIG event - The Data Breach Dilemma sponsored by Cryptomill.
• July 25^th - TLOMA Technology SIG event - Protecting your firm from Cybercrime sponsored by Vertex Solutions Corporation.
• August 22^nd - TLOMA Marketing SIG event - Public Relations for Your Law Firm – Positioning Your Key Staff & Partners as Thought Leaders sponsored by Jelly Digital & PR.
  
  

The 2019 Associate and Business Services Surveys were successfully launched in early May.  In order to preserve accurate and consistent information do not forget to participate every year.  You do not need to purchase the survey in order to participate.   The board and committees have been working hard to ensure that we are continually meeting the needs of our members.  The Board stroke a membership task force to undertake a review of our current membership criteria. If you have any suggestions or want to contribute to this important discussion please let me know.  We have been receiving very positive feedback regarding our new live video streaming and are also looking for further learning development enhancements.

TLOMAToday will be on a break until September, please watch the website and email communications to keep informed on what is happening.  With the warmer temperatures, we can get outside and enjoy this amazing country where we live, be safe to avoid the unexpected, but if it does arise embrace it and make it a learning opportunity.

I am wishing everyone a great and warm summer and I look forward to seeing you at the TLOMA Conference in Blue Mountain!

Pamela Harris,
TLOMA 2019 President

Is cybersecurity insurance worth it? Do we really need cyber insurance?

If you’ve been discussing these questions in your operational meetings, you’re not alone. In fact, many organizations from several different industries are debating the need for cyber insurance, especially in light of the Marriott Hotel chain data breach in late 2018. This breach potentially affected 500 million guests and could cost the Marriott hotel chain upwards of $3.5 billion in the years to come. Some of these costs will be covered by the cyber insurance that they have, but there’s a strong possibility that the Marriott’s coverage may not be sufficient to cover claims that will come against them because of this attack. 

Now, consider that your law firm deals with sensitive, confidential information that is arguably just as important as the credit card, birth dates, and passport numbers that the threat actors got in the Marriott breach. Regardless of your area of speciality – financial and banking, criminal, litigation, or other – you handle delicate information that has great appeal for threat actors to try and get hold of.

The Marriott breach serves as a cautionary tale in two ways:

• Cyber insurance is worth it.
• It’s vitally important to pick the right cyber insurance for your needs!

Why is Cyber Insurance Necessary?

There is no doubt that we’re living in turbulent times, and law firms are definitely not exempt from them. In fact, after Equifax’s massive data breach in 2017, law firms realized how especially vulnerable they were – law firms have lots of sensitive data, often deal with unencrypted emails, and typically have inadequate cybersecurity in place to protect themselves.

A recent LogicForce survey of over 200 law firms revealed that every firm had been targeted at some point through 2016 and 2017, and that 40% of them didn’t know they were breached. Even more disturbing was the fact that the study found 95% of the law firms were not compliant with their own data governance and cybersecurity policies…

When you consider these statistics, it’s pretty clear to see why cyber insurance is necessary. After all, it’s not a matter of if you’re targeted, but when. Long gone are the days of poorly-written emails from a Nigerian prince offering to pay you money to help them reclaim their throne... cyberattacks, especially phishing attacks, are state-of-the-art, more convincing, and far more devious than ever. They’ll mimic banks, the Canada Revenue Agency, even Microsoft! Even the most tech-savvy can be lured into clicking on malicious links. And experts are saying that those organizations who hold onto sensitive or personally-identifiable information (read: law firms like yours!) are most likely to be targeted.

The Ponemon Institute’s 2018 Cost of a Data Breach Study estimates that the average total cost of a data breach is $3.86 million, depending on how many records are affected by the breach. With that number on the rise (it’s already up by 6.4% from 2017), isn’t it clear why having cybersecurity insurance is a good idea?

What Do I Need To Take Into Consideration when Buying Cyber Insurance?

Like other types of insurance, there are different types of cybersecurity insurance policies, with different deductibles. So, how do you make sure that you’ve got the right cyber insurance for your organization?

In order to get the most from your cyber insurance, consider the following:

• Are you currently handling or processing credit cards?

  If so, make sure that the policy you’re buying will cover credit card fine payments.

• How much data per person are you holding on to?

  Pricing is typically based on how much data per person you have in your organization. According to recent research, the average cost of each lost or stolen record is roughly $148 USD. The more records you have, the more insurance you’ll need.

• Does your cyber insurance policy cover forensic costs?

  After a breach occurs, you’ll probably call in forensics experts who will go through your system and find out what happened. These forensic costs (depending on how complex the breach is) can end up being pretty high, so you need to ensure that your cyber insurance policy will cover these costs. 

• Does your cybersecurity insurance policy cover business interruptions and data restorations?

  If you were to be the victim of a breach, how much data would you need to restore? Further, how much will it cost you if your network goes down for several days? Both of these events can wind up costing your organization a significant amount of money, so make sure that the cyber insurance policy you’re purchasing will offer to cover business interruptions and data restorations costs.

• Are your personal assets safe?

  If you’re an executive, director, or officer of your law firm, you may have pledged personal assets at some point. Unfortunately, the aftermath of a breach can sometimes lead to targeting the executives of the company personally. Make sure your cyber insurance policy protects any personal assets pledged.

Cyber Insurance is Just Half the Equation…

Though a vital necessity, cyber insurance isn’t the only way to keep your law firm protected against threat actors who are just itching to get their hands on your sensitive data. Making sure that you’ve got the right cybersecurity insurance is just half the equation – you should also focus on building a strong corporate culture that includes leading security practices, too. 

To build this secure corporate culture, consider several important questions:

• Where is your corporate data being stored? 
• Do you know who has access to your data? Furthermore, can you guarantee that it’s only your lawyers and clerks who are accessing it?
• Are you confident that any corporate data being accessed or stored from your lawyers’ devices is secure?
• Are you running annual security checks on your IT environment to flag any potential risks?
• Do your employees know what to do in the event of a security breach?
• Does your firm have a clear plan on how to monitor and respond to cybersecurity threats?

The number of people working remotely is on the rise. According to Owl Labs’ Remote Work Statistics report, 2019, 18% of employees now work remotely, 100 per cent of the time—and this trend is set to increase over the coming years. As the way we work become more flexible, the interview process may need be tweaked to ensure businesses can find the right people, people who will work well when working remotely.

Asking the right interview questions

Focusing on goals, experiences, problem solving abilities, and communications skills, the right questions could lead to very telling answers from the candidate. Here are some suggested interview questions to help you effectively assess a candidate who will be working remotely, 100% of the time:

1.  Do you have experience of working remotely? 

This is crucial, as there’s no guarantee that someone without experience will be suited to working this way. If they haven’t, what are their intentions? How does working remotely fit with their goals, and how are they suited to working this way?

2.  What do you like/think you’ll like about working remotely, and what led you to apply for a full-time remote working role?  

Not everyone is able to work remotely full-time. Remote workers can struggle to fit in with the culture of the workplace, suffer from loneliness and burnout, experience problems being consistently engaged with their work, and even come to feel shunned and left out. This question gives you an indication of how thoroughly they have thought through the prospect of working remotely, and how it will complement their working style.

3.  How do you intend to collaborate with colleagues when working remotely? Can you tell me about how you’ve done this in the past? 

Breakdowns in both communication and collaborative working can occur when individuals, or several team members, are away from the rest of the business. Their answer here will give you clues as to how much they value collaboration and the skills they have to do this effectively when working remotely.

4.  What has working remotely taught you about how you work most effectively?  

The candidate should be able to reflect on what they’ve learned from working remotely, and how it’s helped them to develop. They should be able to tell you, for example, which part of the day are they most productive, or how they have adapted certain skills to working away from others.

5.  Which online collaboration tools do you have experience of using?  

It’s important the candidate feels at home when using new technology. They should be able to use their skills and intuition to get themselves accustomed to any new platforms your business may be using, and use these to effectively, and regularly communicate with colleagues.

6.  Do you foresee any challenges with working remotely, and how do you plan to tackle these?  

Given the pros and cons of working remotely, they should be able to identify these, and prove that they can anticipate and solve foreseeable problems. For example, one challenge they foresee could be feeling disconnected to the business. In their answer, they should be able explain to you how they would proactively tackle this.

7.  Do you have sufficient office space at home?  

This one sound obvious, but it is absolutely crucial that the remote worker is able to work safely, comfortably and productively at home.

8.  Can you tell me an example of when you managed a project from start to finish?  

The trust that you place in your remote employees needs to be returned in the form of results. The ideal candidate should be a self-starter, someone who values results over process, and is able to demonstrate attention for detail and the ability to track their KPIs. This question enables you you to assess the candidate’s problem-solving and communication skills, responsiveness, and ability to take initiative.

9.  How do you focus and remain productive when working remotely, but still maintain a positive work-life balance?  

If the candidate can work effectively remotely, they should be able to explain how they stay focused, hit their targets and avoid overworking, providing you with practical, real-life examples.

10.  How do you deal with miscommunication or conflict, and can you give me an example of doing so?

How calmly and practically the candidate handles conflict could be key to their success in the future when working remotely. As miscommunication can be more common, without face-to-face engagement, they should be able to easily explain to you how they resolve such instances.

11.  How do you get to know new members of your remote team?  

How the candidate answers this question indicates how effectively they communicate, engage with others and learn how to work collaboratively, even from a distance. Their answer will also give you a clue as to how highly they value teamwork and the development of professional relationships.

12.  Is there anything you need from me (your boss) in order to work remotely? 

If the candidate is good to go, great. But if they do identify anything they need before getting started, it’s better to find out right now and get everything in place.

The questions above should help you to ascertain which candidates are suited to working remotely, and which possibly are not. Remote working certainly isn’t for everyone and for every organisation—which is why carefully interviewing candidates who have applied to work this way is so important. By approaching the interview in the right way, you’ll stand a good chance of identifying the right people to add to your remote workforce.

Accessibility is what people want and expect in today’s world. Moreover the appetite for doing work away from the office is voracious. Already in 2017, 94% of lawyers told the American Bar Association they were using a mobile device for work tasks at home. Meanwhile, nearly half (47%) were already creating documents using tablets away from the office.² To enable this, users need seamless secure document access from any location; they need the aforementioned consistent user experience and security; and they need device‐independent cloud computing, meaning that as long as they have a browser and an internet connection they can get on with their work wherever they want to (and IT Services are removed from the equation).

System scalability is last on the list but still important – and what you get with cloud based SaaS platforms. It makes even the most sophisticated DMSs a very cost effective option for even the smallest firms. It enables firms to grow (or shrink) their system very rapidly to meet business demands or, as required, to save costs.

Conclusion ‐ What Moneyball can Teach us

Moneyball suggests that stepping away from how it’s always been done can be a good move so long as you focus on the evidence and what it’s telling you. In the context of law firms in 2019, that might just be a useful strategy.

The firms which prosper in this new era will be those which understand the changing landscape, anticipate how things are evolving and act accordingly. This will include selecting a DMS which assumes collaboration is the new normal, and provides the accessibility, efficiency and ease of use which lawyers now both want and expect. Moreover, it will be a cloud‐based solution which in addition supplies all the cloud’s inherent advantages. These include unparalleled security and massively reduced IT costs since there’s no longer an infrastructure to support, nor licenses to buy, nor the professional services costs of infrastructure building, engineering, installation, servicing and regular upgrades to be born. In today’s dynamic landscape, reading the evidence and opting for a future‐proof, cloud‐based DMS really could be the best move.

For more information:
https://www.tikit.com/document-management-solutions-canadian-law-firms/ 

¹ The movie was based on: Moneyball: The Art of Winning an Unfair Game by Michael Lewis
² https://abovethelaw.com/2017/02/mobile‐lawyer‐trends‐and‐tips‐in‐2017/ 

In March of 2018, Global News predicted that half of Canadian jobs will be impacted by automation in less than 10 years. Are you prepared for this disruption as you contemplate future career plans?

No one wants to hear the words “It’s over” especially from their employer. For many people, the relationship they have with an employer will be the longest relationship they will have in their lives. According to Business Insider, the average worker will spend over 90,000 hours at work during their lifetime. Consequently, it can be a very large blow to the ego to hear that this relationship is no longer valued or wanted, often after many years of service. If you are going through career transition, it’s important to think carefully about the financial implications of decisions you will make at this crucial time in your life.

1) Consider retaining the services of a legal professional.

Don’t sign off too quickly on a termination agreement, no matter how tempting it may be in the moment. When an employee feels a termination was unexpected, there may be an initial shock period. This can be especially true in a downsizing situation when an employee may be tapped on the shoulder for no reason. Feelings of anger, guilt, and the surprise element may lead them to want to sign off on a termination and final settlement and release letter “just to get it over with”.  The key is to take the time to speak with someone who is familiar with their options to determine whether the settlement being offered is fair and legal based on Employment Standards Legislation. 

2) Consult with a financial planner to determine how your severance package will be paid and what options for allocating the payments are available to you. 

Is there a severance and will it be paid out in one lump sum? Will some of the severance be paid now and the remaining paid after a period of time, say 6 months? Will some of the severance be contingent on not finding another job? Will it be a working notice termination? Will the severance package delay eligibility for employment insurance? All these scenarios will require different contingency planning strategies for a person facing sudden unemployment or transition.

3) Investigate classifying your severance as a “Retiring Allowance”. This option can help you to reduce taxes paid on the settlement. 

If you have worked for your employer for many years and are currently being downsized, you may be eligible to “roll over” funds from the settlement into an RRSP without reducing your current RRSP contribution room.  A retiring allowance can be a useful tool for an employee with long service to defer taxes on their settlement while maintaining their own RRSP contribution room for other tax planning opportunities.

4) Now is the time for you to take stock of your insurance needs and confirm when your life and health plans will expire. 

What is your family situation and current state of health? What type of coverage is currently available to you at work? Have you taken advantage of medical benefits available while they last? For example, now may be a good time to book that last dental checkup (for yourself and your family) to ensure problems are identified and addressed while there is still coverage in place. You may also want to investigate the costs of converting your existing health and life plans to individual plans, especially if there is no other coverage in place, and you are in poor health. Life insurance plans offered at work can be converted to an individual plan without a medical test if this is done within a certain time period after your termination. An often-overlooked benefit, especially for clients who are the main breadwinner, is disability coverage. If the main breadwinner becomes disabled while they are out of work, it could be financially disastrous for the family. 

5) Determine what will need to be done with your group retirement or pension plan. Carefully weigh your options. Seek out advice that offers best and worst-case comparisons for each option. 

The options available range from 1) leaving the retirement funds with their current employer, 2) transferring the funds to a new employer, 3) transferring the funds to a locked-in retirement account managed by the client, or 4) transferring the funds to an annuity plan with an insurance company.

6) If you never looked at your spending habits before, now is the time to ‘know your numbers’. 

For example, do you have a budget? How much debt are you in? What is your credit score? Can you access low interest financing for current debts such as a consolidation loan or a home equity line of credit? How long could you live on your severance based on current lifestyle needs? What expenses can be reduced at this time? What major purchases can be delayed? This is an important time for you to understand your financial circumstances and devise a plan to take control of discretionary spending and interest costs as much as possible. 

7) We are in a period of rapid change. To fully prepare for any future job insecurity, you must be willing to take personal responsibility for your own career development like never before.

Get involved in your industry’s professional associations, whether your employer pays for it or not. Commit to life-long learning in your profession and to thinking like a consultant even when working in a full-time position. Ask yourself, are you demonstrating to your employer the value you offer on regular basis?  Maintaining a social media profile such as LinkedIn is an essential tool for you to promote yourself and make contacts for your next career move, even after securing employment. 

In this day and age there is no way to predict when the next ‘tap on the shoulder’ will come. The best way to build your financial fortress is to embrace uncertainty by planning ahead and managing what you can control.

In this day and age, it seems as though IT security attacks have become commonplace. Every day, we seem to hear that yet another company has been hacked and its data stolen and used to exploit the organization and its clients.

This has spawned an entirely new outlook on IT infrastructure: everything from more robust monitoring and new policies and compliance procedures, to new education within companies to ensure people are not taken advantage of through simple human behavior. Yet, far too many organizations—for whatever reason—still ignore their IP phone systems.

It’s no surprise that we live in a digital age with smartphones, apps, the cloud, and more, having brought us all squarely into the world of digital transformation. But the complacency of the past has also become an issue that plagues many organizations: the idea that phone systems are a separate entity that nefarious hackers shy away from. However, nothing could be further from the truth.

For instance, to this day, many don’t realize that the majority of major phone companies switched from traditional to IP systems years ago, meaning that every conversation you have shared with colleagues, clients, and loved ones is, in fact, a digital communication—packets of information that are transferred over a network no different from email, files, or anything else. The end result is that these conversations can be intercepted and stolen the same as any other type of data.

So, what does this mean for security? Think of the conversations you have at work dealing with everything from contractual details to criminal proceedings, from tax fraud to proprietary information about the inner workings of the company, and more. Now, what would happen if those conversations were “stolen” and shared with the world? Could your clients or shareholders be placed in awkward situations? Could one bad conversation or disparaging comment topple your reputation in the eyes of the world? In almost every case, the outcome wouldn’t be pleasant.

The unfortunate thing is that far too many companies that sell so-called business phone systems have little to no knowledge about security, or have few security protocols in place. In many cases, users of their services are being exposed to the world through an unprotected and basic VoIP technology that can be infiltrated with ease.

It’s this paradigm that unwittingly exposes far too many people to potential security threats, a situation brought about by the apathy of telecom companies and their denial that something bad could ever happen. And though people may avoid a breach through simple luck, the Internet of Things (IoT) will open up more opportunities for the criminal world of hackers. Staying safe thanks to a luck of the draw is soon coming to an end. And VoIP will become another target, with distressing outcomes.

So, what are you do to? Don’t fall for the typical VoIP pitch. Just because a company promises phone functionality and can ship you phones that can be plugged in with ease doesn’t keep you safe. Ask the tough questions: Is your phone company operating its service on a private network? Is that private network secured with the latest in IT security technology? Is the service being monitored 24/7 for threats? And what is being done to thwart those threats?

In the end, your phone system is as vulnerable as any other IT infrastructure. It needs to be secured and monitored and to follow the right policies and compliance procedures as everything else. Don’t leave yourself exposed—no one needs or deserves to suffer from a cyberattack and its destructive aftermath.