Law firms and their IT departments spend a lot of time and money ensuring that all devices are updated with security patches and protected with antivirus software. However, many don’t adequately address the flood of personal devices that employees bring through their doors every day.
All it takes is one foreign device in your environment to wreak havoc on your production systems. Law firm staff is often required to connect a client’s laptop to the production LAN, risking the function of every device at the firm. There are some steps you can take to safeguard your production systems while still providing the convenience of Internet access to clients and staff.
- Set up a guest wireless system and connect it to the DMZ on your firewall. The DMZ on your firewall can provide Internet access for your guests without providing any access to your production systems. Many firewalls also provide protection profiles that can filter websites and provide protection from viruses.
- Create an ‘Acceptable Use Policy’ for computer use at your firm. There is little reason to allow anyone to access personal email or social media sites on your production systems as the potential exposure to viruses and malware is too great. If you want to allow employees to access personal email or social media sites at work, there is much less risk to the firm if this is done on devices connected to the DMZ.
- Provide a guest workstation with access to a printer. Law firm guests often ask to use a computer to check their email or print a document. If you have a spare workstation and printer, set up a local account and connect the workstation to the DMZ. A firewall rule can be created to allow access from the DMZ to a network printer if this is preferable to using a local printer. If this has not been configured in advance, guests are often given too much access to the production systems to save time and avoid embarrassment.
