WannaCry Ransomware: Protecting your law firm from the next cyber attack
Legal18 May, 2017

WannaCry Ransomware: Protecting your law firm from the next cyber attack

Ransomware. Cyber attacks. Data theft. These are the new threats disrupting businesses globally.

Just this weekend, the WannaCry ransomware cyber attack crippled business all over the world, highlighting once again how vulnerable and ill equipped organizations, including law firms, are when cyber attacks occur.

Considering the quantity and sensitivity of client information your firm has on hand, it is vital that data security, back up and recovery is taken seriously. But habits around file sharing, collaboration and document storage also need to evolve.

It appears that the WannaCry ransomware attack was caused by a malicious piece of software that finds it's way into companies when employees click on email attachments, spreading quickly as employees share documents. While antivirus software will help you fend off these types of attacks, we also need to acknowledge the inherent risks associated with our digital habits.

Furthermore, law firms are subject to rigorous confidentiality obligations, professional secrecy and third party data protection, which require additional effort on the part of employees to prevent non compliance and avoid data loss.

As we brace ourselves for the next wave of copy cat attacks, the question remains: is your law firm doing enough to protect the client and firm data? If you are still using email and hard drives to store and share legal documents, then the answer is probably no. Your best line of defense is to adopt secure, cloud based practice and case management software, where your data is always available, empowering employees to act in compliance and where documents are back ed up in case of security threat.

Here are a few tips to when considering cloud software to improve your digital habits and reduce the risk of a data security breach:

  • Opt for commercial grade cloud solutions, built for law firms. Many consumer grade services can leave you open to data leaks and other security threats Law firms need a business grade service that allows users to control who can access documents, when they can access it (ie. expiring access) and alerts when users upload or download a document. Also, cloud based services that are built for law firms have the added feature to provide audit trails in the event you need to generate compliance statements.

  • Use a secure cloud based portal that is protected with encryption and passwords. Using a secure service with encryption and passwords ensures that only registered users like clients or other third parties are able to access the information you are sharing.

  • Invite colleagues to review documents directly from the cloud based service. As evident with the WannaCry ransomware attack, email is the gateway for viruses to enter your company. With a cloud based file sharing service that facilitates document collaboration, you invite only those authorized users who you want to access, comment or modify your document, all in a secure environment.

  • Use a cloud based document management system where you can always access documents anywhere from any device. With the use of mobile devices, it's important that your firm extends access to files in a secure but easy to use way. If the system you have adopted is over complicated with rules and cannot be accessed outside the office or on mobile, it will be hard to get everyone using the same level of diligence. When systems are overly complicated, users are deterred from logging in and find alternative, unsafe methods to share and access files.

  • Have a working back up systems and ensure you can recover files in the event of disaster. On premise servers and infrastructure are vulnerable to a host of disastrous events from power shortages to fires and floods and back up systems are known to fail. With cloud based storage systems built for law firms, all of your files are automatically backed up to secure servers, documents versions are controlled 24/7 (to ensure the latest versions are always backed up) and everything can be recovered in case of disaster.

Protecting your firm with Kleos

We are proud to report that not a single law firm using Kleos has been impacted by this latest ransomware attack.

With Kleos, you can breathe easy knowing that your data is securely stored and automatically backed up in our ISO 27001 certified system, including disaster recovery. We update our servers and applications to ensure maximum security at all times, meaning your files are all safely stored and cannot be corrupted or lost.

Plus, not only do we work to identify possible threats in advance to protect our systems, but we also communicate potential risks to customers so they can prevent malicious attacks from happening in the first place by updating their systems with antivirus software.

Keep confidential client and firm data protected, isolated and backed up to prevent data loss with Kleos!

Explore related topics
SOLUTIONS
Kleos
Cloud-based practice management software

See what Kleos can do for your law firm