Legal Field IT Specialists CEO Robert Finley answers some questions from firms regarding defense in layers:
I've heard about 'Defense in Layers'. What does this mean, and how should it work for law firms?
A great way to protect your organization, your clients' information, and yourself is to understand the need to defend your firm in layers. Simply having a firewall is not adequate. Installing endpoint protection on your laptops and desktops is just the start. Encrypting all hard drives, backups, and web-based services is not enough. In today's climate of catastrophic security breaches, you need defense in layers.
Here are four actions you can take today to improve your firm's cybersecurity stance.
Layer 1: Test Your Backups - It's the restoration that matters!
It is not enough just to have a backup. The backup must be encrypted, and it must be continually tested and retested for its ability to fully restore your critical systems in a timely manner. Ask yourself, "Does my backup get me up and running quickly enough? Is the time to fully recover a server or workstation as fast as I need it to be? How long am I willing to be out of business?" If it takes you a day or more to rebuild your servers after an attack, then, in my opinion, it is not an adequate backup. Services needed to run your firm should be fully operational in minutes, not hours or days. All these processes can and should be fully automated, including the testing.
Layer 2: Continually Audit Your Devices
Whenever we take on a new client, we always have an initial fact-finding discussion. Many times, clients realize they are facing weaknesses they had not taken into consideration before, and we are there to advise on the steps they can take to protect their network and their clients. All of that comes out of the initial discovery meeting. After that, the next thing we do is scan your network and devices. This audit looks for known vulnerabilities and for insecure configurations that are present. The next step is a remediation plan: we come up with a plan together to fix any gaps in your security. We then rerun the audit to confirm that the remediation has indeed fixed what we said we were going to fix, and that everything is working correctly and securely.
Layer 3: Ongoing Data Monitoring
Another essential step to include in a security system is daily data leak monitoring for PII. For instance, if somebody has attacked your system, has begun accessing your files, and has also covered up their footprints, you may not know it until a client or a news reporter finds a text file with client information on some out-of-date server. In 2007, this very incident occurred at a local law firm.
The largest source of threats may be your own staff. For example, an employee may illegally access a client's record because they know that person. Routinely check your computer and server logs for all log-in attempts and views of client data; there are various services available that do just that. Lastly, you can monitor for PII and PHI on the dark web. While continually looking for your clients' data on the dark web may not be why you went to law school, it is an effective safeguard for your firm, and any reputable law-firm-focused IT provider should be able to offer you this service. Just remember: a client's personal information is immutable. They can't cancel it the way they can cancel a credit card. Once it is out there, it is forever a risk.
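The log review described above, as an added example that is not part of the original article or the provider's own tooling: the script parses constructed audit-log lines in a hypothetical format, flags staff viewing records of clients they are not assigned to, and flags repeated failed log-ins. The user names, client IDs and assignment table are all made up.

```python
"""Flag suspicious access to client records in a constructed audit log.
The log format, user names and matter assignments are hypothetical;
adapt parse_log() to the export format of your own practice system."""
import re
from collections import Counter

# Constructed sample log (hypothetical format: timestamp user action client result)
SAMPLE_LOG = """\
2024-03-04T08:55:12 jdoe LOGIN - OK
2024-03-04T09:01:40 jdoe VIEW C1001 OK
2024-03-04T09:02:05 jdoe VIEW C1002 OK
2024-03-04T12:10:33 msmith VIEW C2001 OK
2024-03-04T21:44:01 msmith VIEW C1001 OK
2024-03-04T22:00:02 intruder LOGIN - FAIL
2024-03-04T22:00:07 intruder LOGIN - FAIL
2024-03-04T22:00:13 intruder LOGIN - FAIL
2024-03-04T22:00:20 intruder LOGIN - FAIL
"""

# Hypothetical mapping of staff to the client matters they are assigned to.
ASSIGNMENTS = {"jdoe": {"C1001", "C1002"}, "msmith": {"C2001"}}

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<user>\S+) (?P<action>LOGIN|VIEW) (?P<client>\S+) (?P<result>OK|FAIL)$"
)

def parse_log(text):
    """Return one dict per well-formed line; malformed lines are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            events.append(m.groupdict())
    return events

def find_alerts(text, assignments, fail_threshold=3):
    """Return (kind, user, detail) tuples in log order.
    - unassigned_record_view: a successful VIEW of a client not assigned to the user
    - repeated_login_failure: the user's failed LOGIN count reached fail_threshold"""
    alerts = []
    failures = Counter()
    for ev in parse_log(text):
        if ev["action"] == "LOGIN" and ev["result"] == "FAIL":
            failures[ev["user"]] += 1
            if failures[ev["user"]] == fail_threshold:
                alerts.append(("repeated_login_failure", ev["user"], f"{fail_threshold} failed logins"))
        elif ev["action"] == "VIEW" and ev["result"] == "OK":
            if ev["client"] not in assignments.get(ev["user"], set()):
                alerts.append(("unassigned_record_view", ev["user"], ev["client"]))
    return alerts

if __name__ == "__main__":
    for kind, user, detail in find_alerts(SAMPLE_LOG, ASSIGNMENTS):
        print(f"{kind}: user={user} detail={detail}")
```

In practice the assignment table would come from your matter-management system, and the alerts would feed the daily review rather than a print statement.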
Layer 4: Regular Staff and Provider IT Security Training
Finally, a key component of your plan that often goes overlooked is IT security training. Every one of your employees, staff, and providers should undergo, at a minimum, annual cybersecurity training. Options range from in-person sessions at your offices to online videos and testing. Every person worthy of your training dollars should be tested; there are tests each person takes online with immediate scoring and suggested study. Several services are available that test your staff with simulated phishing emails to see who opens a questionable attachment or clicks on a suspect link. The results are then shared with you and your IT provider to develop a plan for correction. Constant training is critical to the success of your IT plan.
If you feel that your firm could use assistance with developing defense in layers, call us today. Legal Field IT Specialists provides tailored IT support services to law firms of all sizes, protecting your firm from online threats and working with you to keep your staff productive and efficient, which in turn helps to increase your firm's profitability as a whole.
Phone: (678) 926-9192
Web: www.LFITS.com