find the latest legal job
Monash University Director Workplace Relations
Category: Industrial Relations and Employment Law | Location: All Melbourne VIC
· Exceptional senior leadership role
View details
Personal Injury Lawyer - Melbourne Eastern Suburbs - 2-5 years PAE
Category: Personal Injury Law | Location: Lilydale VIC 3140
· Fulfilling role as part of a small team in a positive workplace
View details
Legal Counsel
Category: Banking and Finance Law | Location: Sydney CBD, Inner West & Eastern Suburbs Sydney NSW
· In-house opportunity · Be part of our engine for success in a high growth business
View details
Trainer/Assessor Diploma of Legal Services
Category: Other | Location: Liverpool NSW 2170
· 3 Days Per Week · 9am - 4pm
View details
Corporate and Commercial Partner
Category: Corporate and Commercial Law | Location: Adelaide SA 5000
· Adelaide CBD · Join a leading Adelaide commercial law firm
View details
Managing IT security risk?

Managing IT security risk?

Promoted by

Clients expect their law firms to act as a vault for valuable, confidential and sensitive information. So it’s no surprise that lawyers take extra care when it comes to managing the security of their IT systems. 

THE FIRST step to managing your IT security risk is to understand some threats your business can be exposed to. At Innessco, we have three categories of threats: Random, Accidental and Deliberate.

Random threats
- Your documents are encrypted and you are required to pay a ransom to decrypt them (Cryptolocker-style virus)
- A virus infects your IT system and generates so much activity that normal computer use is not possible (Denial of Service)

Accidental threats
- Staff member loses mobile phone or laptop with email and/or business documents stored on it
- Staff member accidentally deletes files from a file server

Deliberate threats
- Staff member takes corporate documents for private use (or distributes to unauthorised parties)
- External party targets your organisation for sensitive information
3 Basic Steps for improving your IT security straight away
Before you start looking at sophisticated systems and expensive solutions, make sure you have covered off the basics for IT security.

1. Apply Windows Updates Monthly – to your servers and workstations. Run a management report to verify successful application. Did you know that when Microsoft releases Windows Updates it actually publishes details of the security vulnerability? This increases the risk of deliberate threats to your firm.

2. Implement a Virus Scanner that has a central management console. Again, run a management report to verify that the virus definitions have been successfully applied.

3. Treat passwords seriously. A slip in your system allows easy unauthorised access, so make sure you:
     a. Don’t have the same password for all users.
     b. Don’t reveal your personal password to anyone
     (use application security settings to share access, e.g. mailbox delegation).
     c. Configure your system to require passwords with capital letters, numbers and special characters.
     d. Configure your system to disable an account after five password failures. 

Once you have these first principles in place, you can begin to consider more sophisticated solutions. The next step I recommend is to make sure you have a secure document management system that enables document level security, versioning and auditing.

Robert Cox helps law firms solve their IT problems as a director at Innessco.
Email This email address is being protected from spambots. You need JavaScript enabled to view it.


Promoted content
Recommended by Spike Native Network