Lock up your data. Cyber security – ensuring no one can access your data, but you.
When it comes to cyber security, it’s not if an attack happens, it’s when. Law firms hold significant amounts of confidential information across thousands of documents and more and more this data is held in the Cloud. The ‘promise to protect’ remains crucial in maintaining client trust and reputation so when adopting Cloud technology, a founding tenet to your cyber security must be that no one can access your data, but you.
Every business and firm is different and you need to work with your technology vendors and partners to create security posture based upon on your specific business needs. At NetDocuments we believe the key to this is addressing what we call the security trinity; physical, application and customer managed security. With this approach we help our clients be prepared, should the worst happen – and we’ve been preparing for the worst for a very long time.
Certification and Physical Security
Alongside connectivity protection, like multi-level firewalls, service denial mechanisms. Is there appropriate significant physical security protection, things like armed guards and serious fencing? When it comes to Cloud you need to hold service providers, data centres and applications up against robust compliance criteria. When you see certifications like ISO 27001 and ISO 20018, it means that providers meet important information security standards and that regular audits take place giving reassurance that your data is protected – for the benefit of both your firm and your clients.
For applications security you’ll need the ability to decide on different access rights. Does the application include a security approach that guards against somebody accessing a device and the data held on it or within your business? An important consideration here is encryption and data organisation. For example, NetDocuments can help ensure that the way you encrypt and organise your data actually enhances data security. So if, somehow, somebody gets over the fences, through the multi-layered firewalls and grabs a handful of data, it’s meaningless.
Authentication is also very important and simply means making sure the people given access to data and systems are who they say they are. Sophisticated restrictions should be in place. Automated login and two-factor authentication may sound complex but are just ways of building control and protection into your system. The ability to know what users are doing with your firm’s data and documents is also crucial. An automated and rich audit trail means, for example, you will be able to see if somebody is moving too much content, and will automatically warn your system administrators.
Running applications that have the ability to detect changes and automate backups can also help minimise the impact of data corruption from ever more sophisticated cyber threats like ransomware or malware. Without the need for a lengthy process, your IT administrator can roll-back to a particular date and time. This means you can access the right data again and this one capability can save valuable time.
Another big worry. How is your firm protected? Let’s say your firm was the victim of a cyber security attack. Your systems, your environment, your network could well be off-line causing significant disruption to business activities. Ideally, even during the disaster recovery period, your lawyers and their support teams would be able to access the data and documents environment – and with the right application choices this is entirely possible. If you prepare for the worst and create a disaster recovery process, you’ll have the right safeguards in place should disaster strike.
At NetDocuments we’ve taken security very seriously in all these areas. Our cloud architecture and design isn’t static and we’re constantly looking to apply the next innovation and stay ahead in the cyber security landscape. As technology evolves, cyber threats become more sophisticated and more prevalent, so we incorporate the latest technologies and understanding into the NetDocuments platform and it’s our customers that inherit the benefit.
Guy Phillips, NetDocuments