Hackers' methods continue to evolve. That means your security must evolve.
To adequately protect your firm, you need:
Hackers' methods continue to evolve. That means your security must evolve.
To adequately protect your firm, you need:
Topics: Security, Training, Malware, Information Governance, Email Management, Network, Access Control, Mimecast, Dual Factor Authentication, whaling, cybersecurity, Passwords, Biometric Authentication, Two Factor Authentication, Ransomware, Hacking, Advanced Persistent Threats, phishing, Antivirus, Cybercrime, Enterprise Mobility Management, Mobile, Email Security, 2FA, Information Security, Penetration Testing, Vulnerability Testing, firewall
Posted by William Pate
August 23, 2016 1:20 PM
When you consider the best place(s) to store your data – in the cloud, on-premises in your office or some hybrid of the two – what questions do you ask?
Topics: Cloud, Data Backups, Cloud Storage, Disaster Recovery, Network, Access Control, cybersecurity, Cybercrime
Posted by William Pate
August 3, 2016 5:02 PM
We know during the lazy days people can become a bit lax in following security protocols. We wanted to share this infographic to help you and your firm stay vigilant and safe this summer.
Topics: Technology Consulting, IT Tips, Network, cybersecurity, Infographic, Cybercrime, Cybersecurity Infographic
Posted by William Pate
March 29, 2016 8:00 AM
As we wrap up this series of Law Firm Cybersecurity Tips, remember that we're always keeping an eye out and keeping you up-to-date on new threats to your law firm. For our final post in the series, we'll discuss a very dangerous threat to law firms.
A highly destructive — to information as well as physical security — threat is the Advanced Persistent Attack (APT).
These threats come in several different forms. They are stealthy and determined in their attempts to compromise data. They can be simple, such as a rogue administrator account hiding in an obscure organizational unit in your Active Directory (you are checking who has membership to domain administrative and enterprise administrators, right?), ranging to the better-known Trojan-horse attacks. Some of these viruses sit on your computer or server silently collecting your data for months.
The Stuxnet computer worm is a famous example. While this threat was originally intended to target Iran’s nuclear capabilities, hackers discovered the source code and re-engineered it to use against individuals and corporations.
Topics: Security, Malware, IT Tips, Network, SentinelOne, cybersecurity, Advanced Persistent Threats, Endpoint Protection, APTs
Posted by William Pate
March 15, 2016 3:23 PM
As the number and types of cyber-threats multiply, regularly updated security policies must be developed and additional training provided to ensure law firms' users are aware of such threats and how to avoid them. Unfortunately, there is usually a disagreement between users and IT staff about users knowledge and ability to recognize and circumvent an attack.
There is a distinct divide between what IT administrators feel about security and the impressions of a law firm’s general users. While most administrators feel users need more training to better recognize security-compromising events, i.e., email phishing attempts, many end users feel they are already able to spot when they are the victim of a sophisticated phishing attempt. It is important that the firm’s IT department and managing team are on the same page when it comes to information security and the amount of training required to support the firm’s directives and legal and ethical requirements.
Topics: Security, Malware, IT Tips, Network, whaling, cybersecurity, Ransomware, phishing
Posted by William Pate
March 8, 2016 4:01 PM
Wouldn't it be nice if security threats remained the same? We would only have to implement a single type of protection for each risk -- and that's that. No need for a deadbolt because the regular doorknob lock works. Car alarms were never invented because door locks worked fine. Cybercriminals couldn't shut down your network or ransom your files because you had anti-virus software installed.
Unfortunately, that is fantasyland. However, sometimes we treat our networks and endpoints as if they operate in that idealized world.
Topics: Security, Malware, IT Tips, Network, whaling, cybersecurity, Ransomware, phishing
UPDATE 1 MAR 2016: Our partners at Mimecast announced today at the RSA Conference that they are launching the first-ever threat protection against whaling. Learn more here.
Whaling Attack? No, it’s not the latest survivalist reality television show. It’s a potential hacking threat posing a real problem for today’s technologically driven law firms and companies. [Update 29 FEB 2016: Here are a few good, if sad, examples of whaling.]
As in reality, whales are bigger than phish. Phishing is usually conducted using shotgun-style emails sent to the masses looking for people to divulge sensitive information, like Social Security Numbers or other personally identifiable information (PII). A whaling attack, however, targets the C-suite, partners, upper management, celebrities and other individuals of high worth or influence.
Topics: Security, Malware, Technology Consulting, IT Tips, Disaster Recovery, Email Management, Network, SentinelOne, whaling, cybersecurity, phishing
Our partner Mimecast has shared their newest defenses against email threats – and what you need to do to ensure they are actively protecting your systems. Some of these steps may be somewhat complex to the non-Exchange Administrator. If you need help getting started, please contact us.
Topics: Security, Malware, Technology Consulting, IT Tips, Email Management, Network, Mimecast
Posted by William Pate
February 2, 2016 8:00 AM
Topics: Technology Consulting, Cloud, IT Tips, videoconferencing, Network
Posted by Eric Hoffmaster
January 19, 2016 8:00 AM
Networks – the fundamental backbone of all technology in business.
Historically, only large law firms have had the means and capacity to implement always available, highly redundant, robust networks. As the Internet becomes more prevalent in every facet of business – from online research tools to cloud computing – ensuring network infrastructure has the above capabilities is a necessity for all firms. Fortunately, technology has matured and costs have decreased, allowing small and midsize law firms access to this previously exclusive technology.
Selecting the right network equipment and design is a tremendous responsibility. Below are some tips to help law firms decide on the most appropriate network infrastructure.
Download the rest of this free article for help building a long-lasting, resilient network infrastructure for your law firm.
Topics: Security, Malware, Technology Consulting, Cloud, IT Tips, ECM, Disaster Recovery, DMS, Network
Posted by Tim Van Bourg
January 12, 2016 8:00 AM
Law firms need to know where their intellectual property is at all times. They also need the ability to track who has accessed what data from where and what they did to it. Most important, they need the ability to lockdown information that should never leave the firm’s physical or digital walls.
Topics: Security, Technology Consulting, IT Tips, ECM, Information Governance, Network
Controlling access to law firms’ physical and information assets is the cornerstone of information technology security (aka cybersecurity). The primary reason for implementing an access control program is to ensure the availability, integrity and confidentiality of the data on law firms’ systems.
Topics: Security, Technology Consulting, Cloud, IT Tips, ECM, Network
Comment on this post