Peer to Peer: ILTA's Quarterly Magazine
Issue link: https://epubs.iltanet.org/i/1508143
13 I L T A N E T . O R G service providers to make sure they provide adequate protection of client data stored in the cloud in ways that meet lawyers' ethical obligations. Again, data and client security is absolutely critical for the practice of law. Security needed for every type of device, including smart phones Remote working has created a massive increase in mobile device use, and switching between laptops, tablets and smartphones is common due to convenience and case deadlines. Now that so many organizations are undergoing digital transformation, cybercriminals are always looking for ways to target and cause harm to individual users as well as entire organizations. As Gartner pointed out in an April 2022 article, the top trend in cybersecurity now is the expansion of what is called the "attack surface" – the constantly expanding digital footprint of today's organizations. This naturally includes the use of cloud computing, which has become essential to today's distributed organizations. Cloud computing offers scalability, efficiency and cost – but cloud services have become a prime target for attacks. Misconfigured cloud settings are often behind the data breaches you've likely heard about in the news. These misconfigurations, due to speedy implementation or simply lack of expertise, can leave you open to unauthorized access, interfaces that aren't secure and account hijacking, all of which can result in major case disruption, downtime, potential regulatory fines and loss of clients. With the average cost of a data breach now at a record high of $4.35M, your organization needs to keep security top of mind. Cloud migration doesn't have to be confusing but understanding your unique business needs and challenges will be important to fully assess before choosing the right cloud solution. And if your organization doesn't have a full and highly experienced IT staff, it makes sense to use the services of an outside expert. Unless you've implemented a comprehensive and layered approach to your organization's digital security, you can't be sure your department or firm won't be hacked or have your data held for ransom – either of which causes work disruption, downtime, extensive costs and loss of reputation among your clients. The seven essential security stack requirements While there's no way to be 100 percent protected in today's cyber environment, implementing critical elements of what is referred to as a security stack – the essential layers of security technology to protect your organization as much as humanly possible – goes a long way to providing some peace of mind as you go about the practice of law. In addition to making sure you add security patches to your software programs whenever they're needed, there "Misconfigured cloud settings are often behind the data breaches you've likely heard about in the news."