Managing IT Security Risks in your Law Firm
Clients expect their law ﬁrms to act as a vault for valuable, conﬁdential and sensitive information. So it’s no surprise that lawyers take extra care when it comes to managing the security of their IT systems.
THE FIRST step to managing your IT security risk is to understand some threats your business can be exposed to. At Innessco, we have three categories of threats: Random, Accidental and Deliberate.
– Your documents are encrypted and you are required to pay a ransom to decrypt them (Cryptolocker-style virus)
– A virus infects your IT system and generates so much activity that normal computer use is not possible (Denial of Service)
– Staff‑ member loses mobile phone or laptop with email and/or business documents stored on it
– Staff‑ member accidentally deletes files from a file server
– Staff‑ member takes corporate documents for private use (or distributes to unauthorised parties)
– External party targets your organisation for sensitive information
Three Basic Steps for improving your IT security straight away
Before you start looking at sophisticated systems and expensive solutions, make sure you have covered off‑ the basics for IT security.
- Apply Windows Updates Monthly – to your servers and workstations. Run a management report to verify successful application. Did you know that when Microsoft releases Windows Updates it actually publishes details of the security vulnerability? This increases the risk of deliberate threats to your firm.
- Implement a Virus Scanner that has a central management console. Again, run a management report to verify that the virus definitions have been successfully applied.
- Treat passwords seriously. A slip in your system allows easy unauthorised access, so make sure you:
a. Don’t have the same password for all users.
b. Don’t reveal your personal password to anyone
(use application security settings to share access, e.g. mailbox delegation).
c. Configure your system to require passwords with capital letters, numbers and special characters.
d. Configure your system to disable an account after five password failures.
Once you have these first principles in place, you can begin to consider more sophisticated solutions. The next step I recommend is to make sure you have a secure document management system that enables document level security, versioning and auditing.
Your Hosted Desktop in the Cloud is
- Accessible securely from any internet connected PC
- Able to run your current business applications
- Running on enterprise class high, performance servers in a Tier 1 datacentre
- Secured using Cisco and TrendMicro technologies
- Designed to provide a consistent experience for all of your team
A standard package includes
- Microsoft Office – Outlook, Word, Excel, PowerPoint
- Exchange Mailbox
- Nightly Backups
- Daily system monitoring
- Monthly Windows Patching
Contact Innessco to learn more
Click here to learn more…
Hosted Exchange “Archive Special”
Provides AntiSpam, Mobile Sync and Web Access as standard. Innessco Hosted Email extends standard email to provide:
- Signature Management
- Email Archive
- Shared Contacts
- Microsoft Enterprise Feature Set
Contact Stewart and mention, “PROMO CODE 23” to receive “Archiving” free for 1 year.