Why Multifactor Authentication is Essential

If there’s one thing that law firms have in massive quantities, it’s information. From email inboxes containing clients’ addresses and signatures to file folders that detail highly sensitive particulars about financials, attorneys possess reams of data that can damage reputations and ruin lives should it happen to fall into the wrong hands.

While numerous methods of protection exist to keep eyes-only information just that – including passwords, firewalls, identity theft resources and physical security – there are equally as many ways of gaining access. Be it hacking, malware, phishing or skimming, bad actors resort to a wide assortment of underhanded tactics to expose and make off with private data.

Multifactor authentication throws a wrench in these malicious methods. Instead of entering just one password or inserting a single keycard, multifactor authentication – otherwise known as 2FA – requires two or more credentials for access to be granted. Generally speaking, the more that are required, the harder it is for information to be stolen. As noted by Carnegie Mellon University, 2FA involves several “somethings”:

  • Something you know (e.g. password, security question, PIN number);
  • Something you own (e.g. key fob, ID card, smartphone);
  • Something you are (e.g. fingerprint, face, voice, palm vein)

This latter something is a fairly new technology in terms of availability and usage. It involves biometrics, or the analysis of physical characteristics for authentication. Because no two fingerprints are perfectly identical, it makes them difficult to replicate or steal.

Given the effectiveness of 2FA, more industries are adopting it. Many handheld devices now require users to input two or more credentials, or at least provide this option.

“Many attorneys and law firms aren’t fully embracing this security methodology.”

However, whether due to resistance to change, in general, or unfamiliarity with technology, attorneys and law firms aren’t fully embracing this security methodology, ABA Journal reported. If you’re among them, here are a few reasons why you may want to reconsider:

Data breaches are more common than ever
At one time, it seemed like every cyberattack was reported by the mainstream media, particularly those that impacted retailers. They’ve largely fallen out of the news cycle, but that doesn’t mean they’ve become any less common. According to the most recent statistics available from the Identity Theft Resource Center, the number of consumer records stolen in 2018 rose 126% from the previous year, totaling 446.5 million overall. That’s up from 197.6 million just 12 months earlier.

The chances of data being stolen are significantly lower when 2FA is in place. As reported by Forbes, household-name software providers say 99% of automated attacks can be successfully blocked by enabling 2FA. Several other telecommunications and technology companies also hail the effectiveness of multifactor authentication.

Firms are a top target
No business or industry is entirely immune from data breaches, and that especially includes the business sector, an umbrella that law firms fall under. Of the 1,632 breaches that took place in 2018, 907 of them affected business, ITRC reported from its findings. This equated to 181 million records, with healthcare in a distant second at 5.3 million records and 384 breaches.

Small law firms in the crosshairs
According to the most recent polling available, tracking how many practicing lawyers are currently in the U.S., the number sits at over 1.3 million, based on the ABA’s figures. The vast majority of these attorneys work for small firms. Conventional wisdom might suggest the big firms would be targeted the most, but as Attorney At Law Magazine reported, those that have fewer partners tend to receive the lion’s share of the attacks because there are more out there to potentially exploit.

2FA helps to guard against attempted data heists by adding an extra layer of security.

If your firm has transitioned to the cloud, you can’t afford a software solution that doesn’t incorporate multifactor authentication. Built on the largest cloud provider in the world – Amazon Web Services – Afinety leverages 2FA, firewall protection and unparalleled monitoring to ensure information stays under lock and key. For more information on the Afinety Cloud Platform and its offerings, contact us today.

With An Overabundance Of Digital Evidence, The Cloud Can Help Law Firms Stay Organized

With more people than ever utilizing technology in their daily lives, it is no surprise that digital crime and subsequently evidence has increased. A recent white paper by The TASA Group details the growing problem legal professionals are having with massive amounts of digital evidence. This includes everything from body camera footage and video surveillance, to the internet trail left behind by cyber-criminals. Properly storing digital evidence is crucial in conducting an effective investigation and reducing liability. If this digital evidence were to disappear or become compromised, it can derail an entire trial.

Digital Evidence Helps And Hinders Law Firms

This overabundance of digital information is a double-edged sword for law firms. Recently, law firms have seen how digital evidence can aide in their trials and have devoted time to eDiscovery. As the Association for Information and Image Management found (AIIM), eDiscovery, short for electronic discovery, is, “the process of discovery in civil litigation that is carried out in electronic formats.” For law firms, discovery is done during the initial phase of litigation where both parties are required to provide their evidence for the case. With eDiscovery, any electronically stored information – including emails, text messages and websites – is up for grabs as evidence.

There is a proper method that law firms have to abide by to proceed with eDiscovery. As AIIM outlines, data found during eDiscovery must first be identified by attorneys and placed on legal hold. Then both attorneys have to determine if it is relevant to the scope of the trial before it can be analyzed and used in court. This is obviously a simplified way of explaining a process that can be lengthy and difficult depending on the amount and type of information discovered, but it is the general eDiscovery process.

As you can imagine, eDiscovery can benefit a law firm during a trial, but it can also hurt it. Another part of eDiscovery is having policies in place to ensure records that are no longer needed are destroyed in a documented way. Holding onto unneeded data can come back to haunt a law firm or an individual if that information came up during another attorney’s eDiscovery period. Overall, digital data can be harmful and helpful for a law firm. Making sure needed documents are stored safely and correctly while unneeded information is discarded is easier said than done. Luckily, there is a digital solution to avoid this digital problem.

Securing digital evidence is crucial for protecting the integrity of a trial_Afinety, IncSecuring digital evidence is crucial for protecting the integrity of a trial.

The Cloud Solution For Law Practices

Legal professionals need to access digital evidence quickly and securely, and the cloud is the best technology to achieve this. The cloud keeps your data protected and secure. Alongside an email and document management system, like iManage, documents can be shared seamlessly within your law firm and be accessed by your employees safely from anywhere. Using a document management system in conjunction with a cloud platform adds extra levels of security to your digital evidence. Utilize this software to organize your data and continuously discard what you no longer need.

Another perk is cloud platforms can actually reduce the cost of eDiscovery for law practices. Investing in a cloud solution is the best way to cope with the massive amount of digital evidence available and protect your law firm during eDiscovery. During a trial, digital evidence can be needed in an instant. Having a strong organization system in place, with the help of quick keyword searches, is highly beneficial.

When looking for a cloud service provider for your firm, consider the Afinety Cloud Platform (ACP). Afinety deploys cloud networks specifically for law firms and understands the unique challenges they face when it comes to data protection and digital evidence.  Afinety partners with industry leading companies and ensures all applications are seamless integrated with ACP and Office 365.  Contact us today to see how you can get the most from investing in a cloud platform.

Is Paying the Ransom Always a Non-Starter?

What Should Law Firms Do When Faced With Ransomware

Ransomware attacks are increasingly common, with some estimates suggesting that they’ve risen in frequency by nearly 500% from 12 months ago, according to Forrester Research. If your law firm IT were to be affected by such a cyber incident, would you pay the ransom?

Entertaining such a question seems to not only go against conventional wisdom but what IT security experts have long cautioned – that you can’t negotiate with the unscrupulous. Further, capitulating to hackers’ demands in no way guarantees that they’ll wind up surrendering the information stolen or encrypted.

However, given the sensitivity of the data involved, some IT authorities say it’s not so nonsensical a notion after all, as its in bad actors’ best interests to deliver on their promises when those they prey upon pay up.

Florida City Opts To Pay $600k To Retrieve Data

From small-business owners to international conglomerates, companies of all sizes have ultimately decided to cut their losses and pay the amount that perpetrators insist on. Even municipalities are acquiescing, the latest example being Riviera Beach, Florida. Located north of West Palm Beach, the city and its 35,000 residents have been unable to use public service utilities over the last three weeks because attackers hacked into the city’s network servers, disabling phone lines, emails and payment processing, The New York Times reported. Unable to retrieve the hijacked data, local lawmakers voted unanimously to pay the $600,000 ransom, which officials are hopeful will put computer servers back online as happened for a  Georgia county that paid $400,000 when it was victimized in March, according to The Wall Street Journal.

Riviera Beach spokeswoman Rose Anne Brown told the Times that it’s coordinating with law enforcement and informed them of its decision prior to wiring the money.

“We are well on our way to restoring the city system,” Brown explained.

“170 government entities have experienced ransomware infections since 2013.”

In addition to Baltimore, which is steadfast in its decision to not paying the ransom, Riviera Beach is only the latest municipality hit by such a cyberattack. Based on data obtained by CNN, no fewer than 170 government entities – meaning cities, counties or state – have fallen prey to ransomware infections in the last six years. Forty-five of these were sheriff’s or police departments. This may be particularly worrisome for law firms, given they’re often in regular communication with law enforcement regarding pending cases, which entails the sharing of data.

“We were crippled, essentially, for a whole day,” Albany Police Department patrolman Gregory McGee told CNN. “All of our incident reports, all of our crime reports, that’s all digitized.”

Acceding To Ransomware May Be Best Of Bad Options

IT teams were able to resolve the issue in New York’s capital city within 48 hours and did so without giving in to the offenders’ demands. However, given the stakes involved, many believe that paying should not be summarily dismissed as a non-starter.

“There’s a tendency to answer the question by sloganeering: Never negotiate with terrorists,” wrote Stephen Carter, law professor at Yale University, in an opinion piece for Bloomberg. “Otherwise, so the reasoning goes, you will get more terror attacks. But while this argument makes sense for those who are likely to suffer repeated attacks, it’s not clear that those less likely to be regular targets should reason the same way.”

Josh Zelonis, a senior analyst at Forrester Research, feels similarly, noting that cities who hold the line may suffer from diminishing returns as Baltimore is learning first hand. The financial fallout from the attack is believed to be in excess of $18 million and counting. In other words, the ransom demanded may be a pittance compared to the alternative.

“Many organizations significantly underestimate the scale of disruption they need to plan for or make too many assumptions about what functionality will continue to exist after an attack,” Zelonis warned.

He added that while paying the ransom may indeed be inadvisable, it should at the same time not necessarily be completely out of the question, but explored “in parallel with other recovery efforts to ensure you’re making the best decision for your organization.”

Of course, the best solution is to avoid becoming a ransomware victim altogether. This is possible by remaining vigilant.   Perhaps above all else this also means leveraging a multilayered approach to data security, including multifactor authentication, software patches, updates and a good disaster recovery plan.  Look to a reliable cloud solution, like the Afinety Cloud Platform, which runs on the largest and safest cloud provider in the world, Amazon Web Services to reduce your risk of outside threats in today’s world.

Case Study – AlvaradoSmith Reaches the Cloud With Afinety

AlvaradoSmith Saw 25% Cost Reduction With Afinety Cloud Platform

The legal world has changed a lot over the years, notably in how legal professionals do their jobs and interact with clients. Cloud platforms have impacted virtually every industry and promise to bring a multitude of benefits to those that adopt the technology. The question for law firms is, how can they take advantage of the cloud in a secure, productive way? Law firm AlvaradoSmith experienced the viability and the power of the cloud first-hand.

IT Network Changed To Afinety Cloud Platform To Achieve Goals

With 3 offices and 57 users, AlvaradoSmith represents defendants and plaintiffs with respective civil litigation, corporate and intellectual property cases. The firm handles employment and mortgage matters as well, supporting businesses of all sizes as well as individuals. With so many different kinds of clients and cases that could come through their doors, it was important to keep files confidential while also ensuring that AlvaradoSmith staff could easily access necessary information.

File cabinets and large folders are no longer viable for modern law firms. Papers can easily be misplaced, stolen or destroyed. The cloud has increasingly become the answer to these issues, providing an online platform for accessibility, mobility and flexibility. Office Coordinator, Gianna Stover, noted that data security is a major concern in the law industry, particularly as ransomware becomes a more prevalent threat. Clients want to ensure that their documents and information are protected, making it necessary to adopt a platform that can meet these needs. That’s where Afinety has made the greatest impact.

Migrating To Afinety Cloud Platform (ACP)

When it came to upgrading the existing on-premises network, AlvaradoSmith wanted to increase mobility for attorneys and ensure security across the board. Many AlvaradoSmith attorneys travel, and the fact that they could get on a laptop outside of the office without an on- premises network was a major advantage. Stover and the firm’s partners met with the Afinety team and discussed what life would be like once the Afinety Cloud Platform Network, powered by AWS would be implemented. They believed it sounded too simple and too good to be true, but once the solution was rolled out, their perception changed.

“The nicest part, which was one of our key selling points, was that we didn’t have to reinvent how we were practicing and what we were doing,” Stover said. “Our programs translated over into the Afinety Cloud Platform seamlessly. We were able to function as we did in the on-premises network and we didn’t have to change every piece that we used.  We just simply transitioned over.”

With Afinety, AlvaradoSmith was able to maintain and improve productivity. Afinety experts walked the organization through the migration step by step, and with diligent, methodical planning, the project progressed to completion without a scramble to get everything done. With their previous network, Stover described how each person was connected to the onsite servers. If one computer was affected by an outage, all users would be affected, creating an issue in rebuilding the workstation and getting everyone back online. The Afinety Cloud Platform runs on Amazon Web Services and provides a separate cloud workspace for every user, thus eliminating the possibility of one workstation affecting another.  If issues do arise, Afinety’s experts provide faster troubleshooting support to eliminate lag time and enable easier login processes.

Measurable Results Gained From ACP

Seeing the benefits of the Afinety Cloud Platform first-hand demonstrates the technology’s true power and serves as an example for how other law firms can reap these same advantages. Stover noted that the solution is more cost-effective than their previous setup, saving the firm over 25 percent compared to an onsite network! In addition, productivity has noticeably improved. Legal professionals at AlvaradoSmith now have faster, more secure remote flexibility that wasn’t available before. They can work remotely when they need to, not even thinking about the network. That’s the true experience of a solid cloud network.

The Afinety Cloud Platform runs on Amazon Web Services, making it a turnkey, secure solution for law firm needs. Storing data on this platform helps put minds at ease since AWS uses batch encryptions and other security parameters to protect sensitive data effectively. This ensures that client confidentiality can be upheld and that industry regulations are in compliance. Afinety has strong track record serving law firms since 1986, with more and more clients moving to the cloud each day.

Why Cloud Should Be Part Of Your Mobile Strategy

Legal practice staff members rarely work in only one location. Lawyers might meet up with partners, consult clients and go to court, leaving behind the desktop at the office. Traditionally, lawyers would be required to carry stacks of files with them pertaining to each case, making it easy for these documents to be forgotten, lost or stolen somewhere along the way.

Mobile devices were introduced as a means to provide flexibility, but this hardware alone isn’t enough. Cloud platforms make up for necessary functionality within mobile initiatives. Let’s take a closer look into why the cloud should be part of your mobile strategy:

1. Greater accessibility for business resources

Mobile devices alone can’t guarantee access to necessary information, particularly if it’s only stored on a desktop. CIO noted that the cloud ensures that lawyers have a resource platform wherever it might be required. Paired with a robust mobile strategy, users can have access everywhere possible, solving challenges of scale, platform support and updating. Cloud and mobile technologies provide greater value when used together and actively rely upon each other to produce benefits.

Mobile devices and cloud enable lawyers to access resources from anywhere_AfinetyMobile devices and cloud enable lawyers to access resources from anywhere.

When integrating these tools, legal practices must gauge employee operation requirements. Mobile needs will largely guide cloud strategy to serve as an enabler to stay connected and engaged. Ensure that mobile apps will work even with poor connectivity to provide true anywhere, anytime accessibility.

2. Better security through centralized management

In bring-your-own-device environments, maintaining governance is a considerable challenge for many businesses. Without being able to manage mobile hardware, it’s uncertain that users will follow data best practices, download appropriate applications, regularly update systems and use security capabilities. Wrangling all of the potential devices and enforcing BYOD policies have posed significant problems for organizations, particularly in heavily regulated fields.

The cloud solves a large number of these issues by offering centralized management for security, data access, computation and storage. Computerworld contributor Bill Claybrook noted that with the cloud, organizations can rely on security of the mobile device to get to the app, but will need to authenticate against the back-end system in the cloud to view critical data. This will ensure that even if a phone is lost or stolen, malicious parties can’t access business resources or information.

“Look for cloud providers with uptime records of 99.999% and 24/7/365 monitoring.”

3. Improved recovery strategies

Mobile devices could be a key part of bolstering disaster recovery strategies. If the office, your desktop or critical files are inaccessible, mobile hardware can easily allow work to continue, provided the information has been backed up. The cloud acts as a centralized storage platform that regularly syncs with essential documents. This ensures that the most recent versions are available to continue operations and reduce downtime.

With a capable cloud provider, law firms can quickly recover during disaster situations. ITProPortal contributor Kevin Scott-Cowell noted that cloud vendors keep systems up and running, enabling you to go through your normal operations. Look for uptime records of 99.999 percent and 24/7/365 monitoring to quickly catch and address issues before they cause damage. If something happens on your end, the cloud vendor is available to guide you and restore critical systems as fast as possible.

Mobile initiatives are critical to bolstering law firm capabilities, but the cloud adds extra necessary functionality. The cloud will enable greater accessibility, improved security and better recovery options across mobile hardware. These features will significantly benefit lawyers as they look to operate in more places and view critical documents on their devices. For more information on how law firms can take advantage of the cloud in their mobile strategies, contact Afinety today.

How The Cloud Can Boost Your Disaster Recovery Plan [Video]

Increase Disaster Recovery Rate For Law Practices

More organizations are creating formal disaster recovery plans to ensure business continuity and minimize downtime during emergencies. Implementing cloud technology as part of this strategy can boost your disaster recovery efforts and yield significant benefits.

Reliability is the number one priority when choosing a disaster recovery solution. Cost and speed of recovery are also critical considerations. The cloud takes care of these needs with accessibility on any device and pay-per-usage plans.

Cloud solutions ensure that if your office or hardware is inaccessible, important files can still be accessed. Organizations can also use the cloud as a backup and archive tool. If data is lost or corrupted, it can be easily restored from saved online versions. For more information on how the cloud can boost your disaster recovery plan, stay tuned with Afinety.

Productivity Benefits Gained From The Cloud [Video]

Afinety Demonstrates Cloud Law Firm Productivity

Cloud environments bring considerable advantages, but the productivity benefits from using this technology might be the most significant. There are a number of productivity benefits that you can expect by embracing the cloud.

Investing in a tool like the cloud enables workers to access relevant files anytime, anywhere, increasing productivity as much as 400 percent. Nearly three-quarters of businesses noted that the cloud gives them a competitive advantage due to its flexibility to capitalize on opportunities more quickly.

Cloud users have seen real productivity improvement results. In fact, 59 percent of organizations using the cloud are more likely to see productivity benefits like better flexibility and efficiency. To learn more about how the cloud can bring productivity benefits to your law firm, contact Afinety today.