Our greatest assets here at Afinety are our extraordinary and dedicated employees who look for ways each day to maintain excellent client service and find new ways to deliver value to our clients.
Today, we’re introducing a new video series that will highlight the various employees — both client-facing and behind the scenes — that are committed to ensuring our law firm clients have a high-performing technology platform they can rely on.
We’re starting our series with a name most of our clients know intimately: Bill Sangston, Technical Support Manager.
The reality is (as the ever-growing list of victims of such attacks makes clear): Cybercriminals are actively targeting organizations of nearly all sizes. And law firms, with their access to highly sensitive data, are a prime target.
But this blog post isn’t designed to be a scare tactic. Instead, we hope to help you better understand the steps you can take to mitigate your risk. Our goal is to do our small part in advancing broader cybersecurity awareness and education within the legal community, particularly given the exponentially escalating nature of these cyber-threats.
A Layered Approach to Security
Over the next couple of months, you’ll be seeing a series of blog posts – from high-level security strategy highlights to security tools that law firms can use right now – that we hope will shine a light on different areas of security and provide law firms with key considerations and best practices to keep in mind.
We’ll structure the discussion using a layered security model we have adopted for our own security roadmap. This includes:
Perimeter Security
Network Security
Endpoint Security
Application Security
Data Security
Policy Management & Enforcement
Monitoring & Response
Within each security layer, we’ll explain that layer’s purpose, and highlight:
Common security mistakes organizations can make
Minimum security measures every organizations should take
Best practices around security that organizations should consider
We’ll also talk about security philosophies and mindsets – least-privilege and zero-trust for example – and the steps you can take to help improve security in your organization – regardless who manages your IT infrastructure.
Shared Responsibility for Security
For too long, managed service providers and technology partners (including us) have taken the stance of shielding our clients from the headaches, intricacies, and complications that a strong security stance involves. While it’s true that we can significantly reduce the burden of security on our clients and their teams, the responsibility is still shared. We owe it to our clients to ensure they not only understand the steps we’re taking as their IT partner, but also the measures that require their active participation and consent.
We hope this series of blog posts will help form the basis for those conversations, and we’re looking forward to more discussions to come.
