Call Us Today For A Free Quote | 866.940.1101
Professionals Insuring Professionals
 

Data SecurityLaw firms are starting to see clients auditing their security practices, controls and technology.   Many clients that are concerned about data security audit their law firm’s information technology services and infrastructure. Some firms struggle to comply with client expectations.  Client audits vary from a couple of pages to detailed service contracts.   Clients are starting to realize that their weakest security link just may be their law firm.

Here are the 6 items that Law Firms need to be concerned with:

1.       Two Factor Authentication

As law firms utilize mobile devices and remote access with increasing frequency, Two Factor Authentication (2FA) has become mandatory. Some clients require mandatory controls to ensure that two factors of authentication are employed. With two factors of authentication in place and all Active Directory accounts are restricted; the law firm immediately experiences a dramatic increase in security.

 

2.       Encryption

Common practice with on-premises servers is to default operating systems and file systems not to encrypt data. While best practices have recently employed the same in transit data encryption using Secure Socket Layer (SSL for encrypting data at rest.

 

3.       Data Loss Prevention

Data Loss Prevention (DLP) controls eliminate risk associated with data being accidentally or deliberately disclosed, typically via email or removal media. With cell phones and USB thumb drives common systems must be employed to deliberately monitor outbound email activity and to lock down user access to USB ports/keys, remote or external hard disks and other removable media.

 

4.       Vulnerability Scans

 

Technology environments are constantly changing. Processes associated with adding and removing hardware, applications require law firm networks to constantly adapt. New opportunities for security vulnerabilities continually arise. Ongoing, recurring vulnerability scans and even ethical hacks employed by third-party specialists to discover open ports, applications and potential threats before they become a problem are critical.

 

5.       Backup & Disaster Recovery

 

Backup and disaster recovery processes are required to protect law firms from data loss. Without them, a natural or manmade disaster could cause a law firm to lose client information. Cloud data storage helps prevent the loss of data that could result from relying upon on-premises backups. It can speed recovery from security breaches by allowing instant remote access to replicated applications and data.

 

6.       Security Awareness Training

 

With humans as your weakest link, key security procedures may be forgotten and bypassed, or change controls misunderstood. This has the potential to lead to a security breach. Law firm staff should be trained about the firm’s security practices and expectations in protecting firm and client data from unauthorized disclosure.

Clients that for example deal with medical information demand that law firms employ appropriate security practices to protect their HIPPA data, confidentiality and relationship.  Without the appropriate controls these clients will just move on to another law firm that provides the data security they require.

Share |


No Comments


Post a Comment
Name
Required
E-Mail
Required (Not Displayed)
Comment
Required


All comments are moderated and stripped of HTML.
Submission Validation
Required
CAPTCHA
Change the CAPTCHA codeSpeak the CAPTCHA code
 
Enter the Validation Code from above.
NOTICE: This blog and website are made available by the publisher for educational and informational purposes only. It is not be used as a substitute for competent insurance, legal, or tax advice from a licensed professional in your state. By using this blog site you understand that there is no broker client relationship between you and the blog and website publisher.
Blog Archive


View Mobile Version
Quick Contact
Referrals
We love referrals! And thank you even more for your continued business.
Customer Service
Self policy service any time of the day, directly from our website.
Join Our Newsletter
Stay in touch with the latest events, news and offers we have.
From Our Blog From Our Customers
Read More Read More
Stay In Touch With Us Helpful Site Links Read the News
Sign up now to receive new and updates Stay up-to-date with the latest industry, community and agency news through our newscenter. We also provide handy hints on how to save on your insurance.

Read More
We have the expertise to find you the right coverage at the right price 
Powered by Insurance Website Builder