Peer to Peer: ILTA's Quarterly Magazine
Issue link: https://epubs.iltanet.org/i/1508143
14 P E E R T O P E E R : I L T A ' S Q U A R T E R L Y M A G A Z I N E | F A L L 2 0 2 3 are typically seven layers of cybersecurity that provide comprehensive protection: Critical asset security – This is the data that's essential to protect because it's part of your organization's mission and primary operations. These include case files and all the information you store for your clients. Data security – Security controls are necessary to protect the transfer and storage of your organization's data. These must also include putting backup security measures in place to safeguard your data in the event of any loss. To make sure this data is secure, you must also use encryption and data archiving. Of course, there are specific security requirements to meet to maintain compliance regulations in the practice of law. Endpoint security – As mentioned above, this includes protection for all desktops, laptops and mobile devices. Depending on your needs and whether you're working in the cloud, you need endpoint security for your networks and for applications you use in the cloud. Application security – These security features control access to an application and the access to your other information assets via that application, including the app's internal security. In most cases, applications are designed with security measures that protect the app when it's in use. Network security – This involves security controls to protect your organization's network, with the goal of preventing unauthorized access to the network. It's important to regularly update all the systems on your network with any necessary security patches, including encryption. And if you have any unused interfaces, be sure to disable them to protect against threats. Perimeter security – Here's the security layer that protects the physical and digital business, including things like firewalls that help to guard against external threats. Last but not least, the human layer – This layer refers to processes such as implementing two-factor authentication, systematic and required password changes among users and other prescribed actions that incorporate management and permission controls. It's very common to read about a single user unwittingly causing a major hack or falling for an email or SMS phishing scam, which is why the human layer is F E A T U R E S "It's very common to read about a single user unwittingly causing a major hack." 1 2 3 4 5 6 7