Law.com Subscribers SAVE 30%

Call 855-808-4530 or email [email protected] to receive your discount on a new subscription.

Marketing the Law FirmFeaturesLaw Firm Marketing and Business DevelopmentTechnology Media and Telecom

COVID-19: Threats Abound: How to Protect Your Remote Workforce

By Tomas Suros
May 01, 2020

The COVID-19 pandemic has changed the conversation around remote work. Today the challenge is less about gaining flexibility and a competitive edge. Rather, the conversation has moved to social isolation, self-imposed and forced quarantines and sobering questions about business continuity. This is a real challenge in the face of a viral outbreak that is predicted to affect our communities on a level not seen in decades.

If there's an upside to this unsettling period, it's that the same cloud that irrevocably changed the way companies do business in recent years will now help them navigate through this pandemic. By enabling remote work in response to this crisis, companies will emerge nimbler, more technologically sound and more productive.

As more employees — or all employees in most organizations — work remotely, law firms must employ security best practices to ensure that the extended reliance on the cloud doesn't expose sensitive data or cripple daily operations.

Following is a practical checklist of systems, technologies and processes to consider when evolving your firm for remote work and selecting your cloud technology provider.

|

Securing your Remote Workforce

There are many remote work strategies and controls that law firms can implement in order to significantly reduce the likelihood of a data breach, limit exposure of sensitive information and maintain security in a virtual office scenario.

All firms relying on a remote workforce should be implementing the following measures in order to ensure the safest possible environment.

  • Password Requirements. Passwords are the first line of defense against unauthorized access to your systems and information. You should have strict requirements for employee passwords that ensure length, complexity and randomness. Changing passwords at frequent intervals and using a password manager are also recommended.
  • Multifactor Authentication Policy. Multifactor authentication is one of the best ways to prevent unauthorized access to email accounts and systems. A multifactor authentication policy requires a user to have two pieces of information to gain access, not simply a password. This prevents attackers from gaining entry even if user passwords or credentials have been compromised.
  • Role-Based Access Control. Role-based access control is a neutral access policy that restricts every user's access rights on the basis of the role played within the organization, with specific access granted to specific roles. Also known as a zero trust model, this approach restructures access within your firm's systems based on a "never trust, always verify" philosophy targeted specifically at preventing improper access.
  • Strong Encryption at Rest and in Transit. Strong encryption is crucial to protecting your data from outside eyes, and you need to be sure that your data is secure at all times, regardless of where it is or how it's being used. Strong encryption must be in place when data is at rest, or simply residing in your system, as well as when it's in transit, or moving from one location to another. Equally important, you must know who has access to the encryption keys at all times.
  • BYOD or Company-Supplied Hardware. Many employees use their own devices to access firm data and track and manage time and communications, but the better practice is for the firm to supply hardware that is consistent, secure and managed as part of a best practices IT strategy. That way, remote workers will not require huge IT overhead to support their hardware or activity.
  • Meeting Recording and Transcriptions. Virtual meetings offer convenience, but audio/video challenges and file sharing can sometimes be complicated. We suggest an organization standardize on a widely used virtual meeting system with a robust mobile app. There are many inexpensive, accurate and fast services. Record the meetings and then store transcripts of what was discussed, thereby creating and preserving an official record and minutes of the meeting.
  • Proactive Security Monitoring with AI Behavior-Based Protection. Proactive security monitoring is crucial to detecting threats before they wreak havoc on your systems. Behavior-based security measures that incorporate advanced AI and machine learning are designed to proactively monitor all activities in order to identify anomalies and deviations from normal patterns. This monitoring then offers a protective response as soon as a threat is detected.
  • Auditing, Training and Planning. Aside from the specific tools and measures outlined above, dedicate firm resources to the prevention of cybersecurity threats on all fronts. This includes performing regular cybersecurity audits of your own networks and systems, requiring employees to undergo regular training in security best practices and revising your overall incident response plan as the cybersecurity threat continues to evolve.
|

Be Proactive

The immediate need to support remote work has brought with it an increasingly complex and risky cybersecurity landscape. Thinking proactively about remote work strategy and controls, business continuity and disaster recovery and application management when choosing or monitoring a cloud provider is the best way to prevent cybersecurity breaches before they happen.

*****

Tomas Suros is a technology advocate working at the intersection of IT and client consulting. With AbacusNext since 2004, he currently serves as global director of product marketing, guiding firms through the process of identifying forward-facing technology options and ensuring the successful implementation of a tailored solution. He can be reached at [email protected].

This premium content is locked for Entertainment Law & Finance subscribers only

  • Stay current on the latest information, rulings, regulations, and trends
  • Includes practical, must-have information on copyrights, royalties, AI, and more
  • Tap into expert guidance from top entertainment lawyers and experts

For enterprise-wide or corporate acess, please contact Customer Service at [email protected] or 877-256-2473

Read These Next
How Secure Is the AI System Your Law Firm Is Using? Image

In a profession where confidentiality is paramount, failing to address AI security concerns could have disastrous consequences. It is vital that law firms and those in related industries ask the right questions about AI security to protect their clients and their reputation.

COVID-19 and Lease Negotiations: Early Termination Provisions Image

During the COVID-19 pandemic, some tenants were able to negotiate termination agreements with their landlords. But even though a landlord may agree to terminate a lease to regain control of a defaulting tenant's space without costly and lengthy litigation, typically a defaulting tenant that otherwise has no contractual right to terminate its lease will be in a much weaker bargaining position with respect to the conditions for termination.

Pleading Importation: ITC Decisions Highlight Need for Adequate Evidentiary Support Image

The International Trade Commission is empowered to block the importation into the United States of products that infringe U.S. intellectual property rights, In the past, the ITC generally instituted investigations without questioning the importation allegations in the complaint, however in several recent cases, the ITC declined to institute an investigation as to certain proposed respondents due to inadequate pleading of importation.

The Power of Your Inner Circle: Turning Friends and Social Contacts Into Business Allies Image

Practical strategies to explore doing business with friends and social contacts in a way that respects relationships and maximizes opportunities.

Authentic Communications Today Increase Success for Value-Driven Clients Image

As the relationship between in-house and outside counsel continues to evolve, lawyers must continue to foster a client-first mindset, offer business-focused solutions, and embrace technology that helps deliver work faster and more efficiently.