Peer to Peer Magazine

Summer 2017

The quarterly publication of the International Legal Technology Association

Issue link: https://epubs.iltanet.org/i/854572

Contents of this Issue

Navigation

Page 4 of 69

6 PEER TO PEER: THE QUARTERLY MAGAZINE OF ILTA | SUMMER 2017 BEST PRACTICES Preparing for the Future of Law Firm Security Preparing for the Future of Law Firm Security By fear or by force, law firms are being dragged into the realities of craing and managing a secure technology environment. What does the future have in store? More firms than ever will be held to the same exacting standards as bigger firms. Firms will need to comply with client-required technologies and associated remediation. Lawyers will no longer be able to resist security measures perceived to cause an inconvenience. While businesses in other industries are adopting innovative approaches to cybersecurity, most law firms lag behind in implementing modern information security solutions. Through associations like the International Legal Technology Association (ILTA) and the Association of Legal Administrators (ALA), leaders can look to the experiences of other firms and businesses when searching for appropriate technologies for their firms. Reviewing and addressing each of these areas within your technology environment will lay the groundwork to secure the firm and prepare you for the future. Advanced Firewalls Firewalls are in place to protect unwanted ports from being accessed over the internet and to log network connections traversing security boundaries. Logging should include source Internet Protocol (IP) address, destination IP address, destination port, protocol type (e.g., Transmission Control Protocol (TCP), User Datagram Protocol (UDP) and Internet Control Message Protocol (ICMP)) and date and time of the aempt. Geographic considerations should limit traffic from specific locations. An example would be allowing Remote Desktop Protocol (RDP) or virtual private network (VPN) traffic to originate only from within the United States of America. Advanced firewalls support utilizing sensors and appropriate current signatures, identified as intrusion prevention sensors (IPSs) or intrusion detection systems (IDSs). IPS/IDS alerts typically contain the following aributes: unique identifier, date, time, priority level identifier, event description, notification sent to security team and event status. Client audits are an increasing concern to key stakeholders. Compliance issues continue to grow. Internal fears and reputational repercussions from breaches, ransomware file encryption, and related business interruptions are real. Client security audits are becoming more detailed, and requirements are expanding. Internal IT teams and external vendors are evaluating their information security postures. by Michael Kemps

Articles in this issue

Archives of this issue

view archives of Peer to Peer Magazine - Summer 2017