Security With Zero Effort

Security With Zero Effort

Do you know that October is cybersecurity awareness month? More importantly, do you know what you need to do in order to keep your data secure? Or, are you aware of what you need to do…except sometimes tasks (like regular back-ups) fall through the cracks?

Maybe your IT person or department is responsible for security, but you’re not really sure what that entails – which could mean that you’re not really sure if the efforts your law firm makes toward securing its data are effective.

It makes sense that managing partners of law firms would want to concentrate on the business of law rather than spend precious time attempting to grasp the intricacies of cybersecurity. But, managing partners also understand how important it is to secure their firms’ data.

So, how does a savvy law firm strike a balance: not wasting time (and money) on something better left to experts, but ensuring that its data is completely secure?

There is a way for law firms to benefit from military-grade cybersecurity without the hassles that accompany elite in-house security. No personnel management. No constant upgrades, patches, or maintenance. No unexpected expenses, such as the sky-high cost of replacing a server. No downtime. No cumbersome back-ups. Just peace of mind.

When a law firm opts to work with a cloud environment, such as Legal Workspace, security stops being an issue that anyone in the firm needs to consider.

No more worries, just security

Law firms can be lucrative targets because they store privileged information that hackers can use in unintended ways. If your law firm’s cybersecurity isn’t up to snuff, it could mean that you are at risk. Having holes in your cybersecurity could be considered the equivalent of leaving privileged information out in the open for anyone to take and use.

And, if a law firm’s technology isn’t up-to-date and fully operational, that means a different sort of problem. What would happen if your server failed? How much time – and how much data – would you lose?

When you work within a cloud environment specially designed for law firms, you don’t have to worry about any of those issues any longer. With geographically redundant data centers, such as those used by Legal Workspace, your data is safer in the cloud than it could ever be in an on-site server. Access to those data center servers is limited, and staff is always on-hand to monitor for and prevent problems – and to react should anything unexpected occur.

Advanced data encryption, firewalls with a sophisticated detection system, and automatic back-ups secure your data so well that passing compliance standards, such as HIPAA and PCI, is just a regular part of what Legal Workspace does.

What to do instead

If you make the switch to the cloud and your security worries disappear, your attorneys and employees can spend more time on revenue-generating activities. And, if you have an IT person on staff, he or she doesn’t need to spend the day running from place to place, troubleshooting and patching up problems. Instead, that person can concentrate on strategy: discovering and implementing new technology that will save your law firm time and money.

As for law firm management? Well, you can just sleep better at night, knowing that your data is secure, and your clients are happy.

 

 

 

 

 

 

 

 

Server or Cloud? A law firm deliberates

We get many calls every week from law firms that are debating between the cloud and maintaining local IT resources. Yesterday, we received a call that a law firm is losing productivity because of unexpected server downtime. Concerns about data loss overwhelm the managing partners. What if the server fails?

The law firm is being proactive and looking into solutions. One option is working with their IT vendor, which wants to upgrade their server hardware. But the estimate for that project is prohibitive: $15,000 for server hardware and 40 hours of work at $175 ($7,000). On top of that, they can expect the usual costs for network upkeep that come from quarterly updates, 6 hours of work every quarter ($4,200 annually), and monthly maintenance, four hours of work each month ($8,400 annually).

The managing partners wonder: What if there’s another way to protect our data and reliably keep our firm up and running? Is there a more sustainable option to stabilize costs and eliminate downtime?

There is.

It’s the cloud.

An instant productivity boost

The law firm has an IT administrator on staff who deals with server downtime and other day-to-day tech issues. From his arrival to his departure at the office, he spends every day running around troubleshooting. What would his day look like without the hassle of damage control? He could spend his time evaluating new technology, customizing legal applications, and training new employees — all in the service of maximizing billable hours.

Other, smaller firms have a slightly different IT problem: Attorneys and staff members have to figure out what to do when technology fails. Imagine that problem disappearing. They could get back to focusing on revenue-generating activities.

Were the law firm to migrate to a cloud environment, such as Legal Workspace, the IT administrator, attorneys, and staff members could reclaim their time. Legal Workspace’s data centers have a history of more than 14 years of 100% continuous uptime.

Wasted time eliminated.

More than convenience: Safety

That concern the managing partners have about data loss if the server fails? It’s a real problem that could occur whenever you use an onsite server. Cloud solutions such as Legal Workspace have geographically redundant data centers that render data safer in the cloud than it could ever be on an onsite server. Here’s a video that illustrates the difference between server and cloud security. Legal Workspace has advanced security measures in place, such as:

• Limited physical access to servers
• Staff that’s available to react if a problem occurs
• Firewalls with sophisticated detection system
• Advanced data encryption

Using a solution like Legal Workspace also allows law firms to provide the tightest security available to their clients. For example, a firm that works with healthcare providers will need to be HIPAA compliant. Legal Workspace has a HIPAA-compliant version of its cloud environment and will even sign a business associate agreement. Other special security mandates from financial institutions and government contractors are easy for a solution such as Legal Workspace to meet and exceed.

Security concerns eliminated.

What choice would you make?

What choice do you think the law firm made? Did they plunk down $21,000+ and upgrade their onsite server, or did they jump at the chance to advance both productivity and security by switching to a cloud environment? Did they decide to eliminate downtime and stabilize costs?

The choice seems pretty clear.

Everything You Need to Know About Cryptolocker & Ransomware

Cryptolocker Strikes

Buzzzzzzzz-That’s the sound of your alarm clock going off at 5AM, you have a big day ahead of you. You grab your phone, which moonlights as your alarm clock (among other things), and silence the alarm. With your phone in hand, you glance at your email — low and behold, there is the email from your client you’ve been waiting for! Quickly, your feet hit the floor, you move swiftly to your Keurig machine and brew up your morning cup while simultaneously powering on your laptop… Multitasking before 6am was not your plan, but you are very anxious to get logged in so you can open the attachment your client sent you.

Java in hand, shaking the sleep out of your eyes, you open your email, double click on that attachment you received, and you wait for it to open…. wait, why isn’t it opening? You double click it again and still nothing. Hmm, maybe the third time is the charm… double click and nothing. Frustrated, you decide to check the news and browse the web while you wait for your file to open. You open your browser and POW! What’s that noise? All of the sudden your computer is screaming at you and there is a message on your screen you have never seen before. Your computer is telling you it’s been infected with a virus meaning all of your files are locked and encrypted. To regain access to your files you need to call a strange international number and provide them with 5000 bitcoins (not dollars, yen, or pesos, but bitcoins– Bitcoins. What’s a bitcoin? Where do I get them?). Why is this happening to me? What on earth is going on?

What Is CryptoLocker and Ransomware?

You’ve just fallen victim to one of the most emerging cyber attacks on the planet. The email you thought was from your client was really a “spoofed” email address from a fraudster looking to make a quick buck off the innocent and unsuspecting professional. In technical terms, it’s called ransomware. The good news is, the story painted above did not actually happen to you, but it could.

Once considered a consumer problem, ransomware has morphed to target entire networks of computers at law firms and other businesses. These entities have more to lose than the average consumer making them prime targets for cyber crimes. According to the U.S. Department of Justice, ransomware attacks have QUADRUPLED this year compared to just one year ago, averaging about 4,000 a day. Typical ransomware payments range from $500 to $1,000, according to cyber-risk data firm Cyence Inc., but some hackers have demanded as much as $30,000. Every infection is unique and equally as painful to recover from.

How do you Prevent Cryptolocker and other Ransomware Attacks?

Now, you have to be wondering what you can do to prevent this happening to you and your entire practice….. The last thing you want to do is tell your largest client that all their matter files are corrupted, infected, and useless. The best thing you can do to prevent cyber attacks from happening to you is to invest in your technology, know what you’re up against, and train your employees. We recommend starting with the basics:

Anti-Virus Software- You have a myriad of choices when it comes to Anti-Virus software. Companies such as McAfee, Trend, and Symantec offer suitable small business products. These can help catch the majority of these infections before they begin.

Look before you click- When you receive an email with an attachment, look at the sender’s address to make sure it’s coming from their actual email address. Some spoofing attacks will use an email address that’s very similar to a legit one – chris@gmaiil.com instead of chris@gmail.com. It’s easy to overlook the extra letter in the domain name. If you question the email’s validity, check with the sender to ensure they sent it. If it came from someone you don’t know, or looks phishy (pun intended), delete the email immediately.

Augment your IT infrastructure to an IT Company- Spend your valuable time practicing law not figuring out IT. Companies, like Legal Workspace, spend the time, money, and effort to implement enterprise-level protection against online attacks. You’re in business to practice law, not understand and implement corporate IT solutions. Leave that to the experts.

I’m sure you’re glad this situation did not happen to you, and so are we. The cyber world is moving at a vigorous pace that can be hard to keep up with. Employ legal technology professionals to keep up with emerging threats and cover your bases for you. Practice law, not technology — leave your cybersecurity worries to us.

10 Technology Mistakes Lawyers Make Every Day

An email arrives from an address you don’t recognize with an attachment that is marked “important.” Since it may be something urgent from a current or prospective client, you decide to open it. However, with a quick click, you could inadvertently download a virus that could hijack every file on your firm’s server.

Security is just one of the technology challenges that law firms face every day, and the threats are constantly evolving. Nearly 60% of the respondents to the International Legal Technology Association 2015 Legal Technology Purchasing Survey listed security management as their top IT challenge. That was followed by email management at 48%, information governance at 40% and risk management/compliance 33%. BYOD, cloud-related security risks and change management were all tied at 22%.

Additionally, Bloomberg reported last year that at least 80 of the largest U.S. firms by revenue have been hacked since 2011.

Lawyers need to understand how even simple errors can compromise their firms, their clients and even their livelihoods. By educating attorneys and staff alike, law firms can keep their data—and their reputations—intact and avoid the top-10 mistakes that occur at firms every day.

Clicking On Attachments From Unknown Senders

While attorneys strive to be responsive, being too quick to open every email can lead to serious consequences. This is the most common way law firms find themselves infected with viruses such as Cryptolocker. According to a report by the Wall Street Journal, more hackers will use malware to hold organizations’ data hostage in 2016 than in 2015—and there were more than 4 million samples of ransom-ware in the second quarter of 2015 alone.

Prior to opening an email, check the email address to find out if you recognize the sender and if it is his or her correct information. Also check the subject line and body to help identify any red flags such as typos, inconsistent information or requests for access to personal or financial data. Most importantly, be sure you have robust virus protection installed that can scan attachments and warn you before you hit open.

Storing Unencrypted Client Data On A Laptop Or Mobile Device

Laptops, tablets and phones are prime targets for thieves. They contain almost anything a thief needs to harm your practice–client files, financial information, passwords and personal data. Thieves can auction off the information, use it themselves or can simply sell the device–putting your firm at risk from other unauthorized individuals.

The portable nature of laptops and mobile devices means that they are often in areas that are at a high-risk of theft–cars, restaurants, hotel rooms or subways–when compared to office-bound PCs.

In short, laptops and mobile devices are easy targets. You should avoid storing information on these devices. Instead, opt to store information in the cloud, which offers an elevated level of security including two-factor authentication, intrusion detection systems and encryption. That way, if your laptop or mobile device is stolen, they may have the hardware but not the data.

Failing To Invest In High-Quality Internet

When a new DSL provider offers a cheaper rate for internet access, it may be tempting to sign up. Cheaper isn’t always better. That is especially true now that so much data is moving to the cloud. Good quality bandwidth, such as fiber through an internet provider, will always pay off when it comes to staff productivity by eliminating connectivity issues with apps, voice calls and more.

Investing In New Systems Without Considering Security

Clients expect you to provide stellar, seamless service. But they also demand that their data stays secure every step of the way. If your systems do not include top-notch security features, the odds are high that your firm will have to rip it out and start all over again.

This can be a challenge for most lawyers, as security standards and threats are constantly evolving. For example, imagine that you implement an online solution that uses an out-of-the-box firewall. When one of your clients conducts an audit and discovers how basic your security is, they may demand that you install a new software program with enhanced security that includes intrusion detection systems, full-disc encryption and two-factor authentication.

If they do not have a security expert on staff, law firms should consider partnering with a business or consultant that specializes in protecting electronic systems and information. These experts, who are dedicated to staying abreast of technology and its threats, can ensure the highest level of protection for your operations.

Listening To “Bob From Microsoft”

Lawyers are now well aware of cyber threats and are exploring proactive ways to protect themselves. Hackers are now taking advantage of that.

The con starts with this: Someone from a tech support company may call your direct line claiming to have noticed a virus on your computer. When he or she offers to do a screen connect to fix it, you accept their help. But allowing an unverified technologist to remote into your computer is a huge mistake.

No one is ever going to call you out of the blue to fix your computer, no matter how knowledgeable they sound. If you do not recognize the person or the company, you shouldn’t let them anywhere near your computer.

Falling Prey To Proprietary Data Storage

There are hundreds of legal software applications to help you manage your firm. Sometimes trouble arises when law firms outgrow their current software and need to upgrade to an entirely new system. Different software applications format data differently (and oftentimes they have a proprietary format for doing this), which makes extracting or transferring that data out or to another program difficult.

Skimping On Training

At a time when technology plays such a large role in the success of law firms, cutting back on training to save a few dollars can cause extensive harm. Chances are that if a lawyer or a staff member doesn’t understand how programs or apps work, they will either resist using it or won’t be able to take full advantage of all of its features.

It’s like giving someone who has never driven the keys to a race car.

Take the time to fully acquaint all lawyers and staff with new solutions. Have trainers or providers explain how the solutions work, what they offer and how to leverage them in day-to-day tasks.

Handling Your Own Tech Challenges

While some attorneys shy away from technology, others embrace it. You may think you can hire one-off vendors to manage your technology infrastructure and services, but that is usually a short-sighted approach. In the long term, you will probably lose time and money and heighten your security risks. Just think of the lost billable hours, headaches and frustration that happen when you have to call your managed support provider (MSP), explain your tech troubles, and manage their timeline and budget. Choosing the right IT provider that specializes in law firms, cyber security and legal software can make all the difference. When you hand off IT to the true experts, they can handle your technology issues easily and correctly the first time.

Choosing Solutions Based On Cost, Not Effectiveness

The cheapest solution is not always the one that pays off. Your firm needs to take the time to understand the features of new technology and how your attorneys and staff will use it. Only then can you thoroughly weigh the pros and cons of each new tool. For example, many firms use non-legal-specific software for bookkeeping. It may be cheap, but a good billing and accounting software program designed for law firms is a better choice since it can accommodate specific issues firms face when tracking timekeepers’ hours.

Not Taking A Holistic Approach To Technology

When selecting different technology tools and systems, you must consider the needs of everyone, including attorneys, staff and clients. Only then can you select tools that will help meet everyone’s goals. That means you, or any other individual attorney, may not be the best person to make decisions on new software purchases.

You should work with experts who are familiar with many different types of software and know how to line up a firm’s needs and goals. Experts can bring a completely different, and more encompassing, point of view to the technology selection process as well as a keen eye for helpful and powerful integrations.

In today’s world, it’s impossible to avoid incorporating technology throughout the practice. Clients won’t accept that approach, and younger attorneys wouldn’t want to. By avoiding a few common mistakes, you can make technology work to your advantage, not let it hamper or harm your practice.