Articles

Austin ALA Business Partner, TerminalB Presents

 

Creating a Secure and Effective Remote Work Environments for Law Firms

     

As our clients start 2020, a common inquiry we’re hearing is how to establish a secure and effective remote work environment. A range of factors is contributing to the popularity of working away from the office, including commuting hassles, rising rents, broadband availability, and the desire for a healthier work-life balance. More and more, Terminal B is fielding inquiries from law firms that have taken the remote-work idea to its logical conclusion: they have no dedicated office space, yet have employees statewide, nationwide, and even worldwide.

The New Normal

Here's what we know; remote work is no longer just a trend. As of 2020, 83% of US businesses have introduced a flexible workspace policy, or are planning to. The driving forces are obvious: Remote workers tend to be happier and more efficient, resulting in higher performance and lower costs.

The data heavily supports this. In their 2019 year-end review, the employment site Flexjobs found that 80% of U.S. workers would turn down a job that didn’t offer flexible working. And regarding performance, their surveys show that 85% of businesses reported increased productivity from employees working remotely, while 77% found it led to lower operating costs. Clearly, the tipping point has been reached.

Past the Tipping Point

So, offering flexible workspace options has become essential to productivity, profitability, and to attracting and retaining talented staff. Let’s then return the question of how to set it up. Enabling a successful mobile workforce requires a change in a firm’s technology focus: The paradigm must shift from the end-user’s possession of company data to their access to company data.

Any transformation that empowers employees to work anywhere at any time demands that technical barriers be removed. But obviously, this must be executed in a manner that does not compromise the security of the organization. If you're preparing your business to implement remote work policies, make sure to consider these five key factors.

5 Key Technical Considerations that Enable a Successful Remote Legal Workforce

Reconsider Your Network Infrastructure

In the modern work environment, an organization’s network includes all the locations an employee could work from. Without quality bandwidth, remote access can be frustrating, and the benefits lost. Firms can ensure quality bandwidth by reimbursing some, or all, of remote bandwidth costs. Firm-managed firewalls such as the Cisco Meraki Z3 Teleworker Gateway can create a secure, restricted connection within a remote network, greatly simplifying user access and support.

Be Present

Working exclusively in virtual teams can make remote workers feel isolated. To prevent this, “in-office days”, when possible, and the productivity tools discussed below enable the personal interactions employees crave.

Security: Good Fences Make Good Neighbors

Law Firms must take the initiative to secure their employees’ remote locations. Connecting to unsecured networks like those in airports or coffee shops increases the risk of cyberattacks. No location, including home office networks, should be considered 100% trustworthy.

This applies similarly to devices – significant cost-saving and productivity benefits can come from bring-your-own-device (BYOD) policies, but only if they are properly protected. Company technology tools (antivirus, administration, etc.) and policies must be updated and enforced, regardless of who owns the assets used to access company data. And all devices should be encrypted to mitigate the impact of physical loss or theft.

To minimize security risks, make sure you should:

  • Use a VPN and encrypt data to render it unreadable in the wrong hands
  • Install security patches as soon as they become available
  • Set controls so that employees can access only the data they are authorized for
  • Implement multi-factor authentication (MFA) protocols

 

Employee Training

In any network environment, most data breaches are caused by human error. So before letting employees work off-site, it’s more important than ever to train them on cybersecurity. Make sure they can identify social engineering scams like phishing emails, and how to be vigilant toward fraudsters aiming to trick them into giving up vital information like login credentials.

Empower Your Remote Workforce with Office 365

Office 365 combines the Microsoft applications everyone is familiar with, and cloud computing solutions like Exchange and SharePoint, into a single subscription service. It’s readily deployable and it’s secure, with built-in privacy and compliance tools that make it easy to keep your data safe. On top of this, it’s familiar, and employees are less likely to commit security mistakes in a familiar environment.

If you have been thinking about mobile work as a trend, it is time to realize that has become much more than that. For many of your most attractive customers and employees, it is the new normal.

Terminal B is your trusted advisor for Microsoft Office 365, Microsoft Azure Hosting, Cisco networking, and other technology law firms rely on for successful remote work environments.

By Greg Bibeau

 

 

Austin ALA Business Partner, TerminalB Presents

  

Law Firms Should Secure Accounts with Dual Factor Authentication…Now.

Cybercrime is on the rise. According to a 2018 report published by global cybersecurity firm McAfee, more than two billion online users have had their personal data stolen or compromised over the last few years. Approximately 780,000 records were lost, and 80 billion malicious scans took place in 2017 alone. One in 13 web searches leads to malicious pages and 68% of breaches took months or longer to discover. This will only get worse.

Details have been released of the first class-action lawsuit against a law firm for inadequate security measures. A complaint filed in April 2016, Shore v. Johnson & Bell, alleges that the law firm engaged in “systematically exposing confidential client information and storing client data without adequate security.”  “There is no evidence the client’s information was actually compromised – only that it could have been.”

Considering the current climate, it's no wonder why websites and applications are increasingly adopting Dual Factor Authentication (2FA) for enhanced protection of users. Also known as Multi-Factor Authentication (MFA), this technology provides an effective layer of additional security for accounts. Popular services like Google, SalesForce, and Office 365 all use 2FA to protect their users and ensure that their private data doesn't end up in the wrong hands. In most cases, 2FA can be enabled for free and, according to Symantec, 80% of security breaches could be prevented with 2FA.

How Does Dual Factor Authentication Work?

In this digital era, having a strong password is no longer enough to keep your email and other online accounts secure. Cybercriminals are now using cutting-edge software to gain access to computers, web portals, and online banking apps. Dual Factor Authentication has emerged in response to these threats.

This technology uses several factors to secure your accounts. These include:

  • Something you know (such as a PIN number, secret questions, or passwords)
  • Something you have (such as a smartphone, laptop, voice, retina, or fingerprint)
  •  

Hackers may be able to easily crack your password to gain online access, but hijacking your mobile phone, for example, creates a considerable challenge to hackers. Even though these things can happen with 2FA, they're not common.

Additionally, the latest authenticator apps, such as Authy, Google Authenticator, Microsoft Authenticator, and LastPass Authenticator, feature extra layers of security. Some will randomly generate six- or 10-digit codes that refresh every few seconds. This makes it a lot harder for cybercriminals to make their way into your system.

The idea behind this technology is that a second, or even third, authentication factor will compensate for the weaknesses of the other factor(s). The simple act of entering a code that you receive on your phone provides greater security than using a password alone.

2FA for Microsoft Office 365

The best way to understand how 2FA works is to use a real-life example. Let's take Office 365, for instance. In 2017, Microsoft began increasing its efforts to make passwords obsolete. The tech giant launched an app that completely eliminates the need to use passwords. Furthermore, users can turn on 2FA for all Microsoft services, including Office 365.

Once enabled, users continue to use Office 365 like usual. The difference is that they will have to enter the code received on their mobile devices into the system to log in. Alternately, using an application like Microsoft Authenticator allows users to simply approve an alert on their personal cell phone as a second form of authentication, bypassing the need for a code at all. Most services that use 2FA involve the similar experiences. With dual-factor authentication, you and your team will have peace of mind knowing that your accounts are secure and much less vulnerable to data breaches.

Why Not?

Again, in most cases, 2FA can be enabled for free. Even though logging into your accounts may take an additional step, it's worth the effort. Multi-Factor Authentication not only increases security, but it may also help law firms reduce their operational costs and maintain productivity in the workplace. Plus, you’ll have peace of mind knowing that you won’t have to deal with the embarrassment, hefty costs and legal repercussions of a data breach.

Terminal B is your trusted advisor on Dual Factor Authentication, Microsoft Office 365 and other technologies law firms rely on.

By Greg Bibeau