Tabush Group's Cloud & Managed IT Blog

With cybersecurity incidents becoming more rampant, firms are realizing that it is no longer a matter of “if” your firm will be breached, but rather “when” it will occur. Cyber criminals are more sophisticated than ever, with new and evolving tactics employed to steal valuable business information. Of course, the first line of defense is proactive protection, but if those measures fail, how does your firm know what to do in the case of a cybersecurity incident? The best course of action is to have a strong cyber incident response plan.

Desktop as a Service (Daas) is a cloud-based service in which virtual desktops are streamed to end users over the internet. DaaS has many benefits for companies. Because it is typically licensed on a per-user basis, it can easily be scaled up or down depending on the firm’s needs. It also securely allows for a flexible work environment and a “BYOD” policy, permitting users to safely log in from any location and any device they choose, such as a laptop, desktop, thin client, smartphone, or tablet. Before you consider choosing a DaaS provider, here are five factors to consider.

Clients expect high-value service from their law firm. They want their attorney to be accessible, to understand their needs and to solve their problems, expertly and quickly. In today’s fast-paced world, law firms must be highly productive and efficient to meet these demands if they are to retain clients and gain word-of-mouth referrals. 

Law firms are a prime target of cybersecurity attacks because they deal with confidential data, and many do not have the proper security protocols in place. An October 2020 report from the American Bar Association shows that the number of firms who experienced a security breach (such as a lost/stolen computer or smartphone, hacker, break-in, or website exploit) increased over the prior year: 29% of respondents compared to 26% in 2019. One of the most costly forms of a cybersecurity attack in terms of time and resources is ransomware. Let us explore what ransomware is and how to protect your firm.

Small to midsize law firms have been increasingly targeted for cyberattacks. Cybercriminals know that smaller companies are less likely than their larger counterparts to have sophisticated security protocols in place, and that law firm data is particularly valuable. The confidential nature of attorney-client relationships gives lawyers added motivation to pay a ransom to recover their sensitive data, which is not lost on bad actors. In fact, 24.9% of all ransomware attacks in 1Q 2021 targeted professional services firms, especially small and midsize law firms, according to Coveware. 

But despite the growing risk of cyberattacks, law firms continue to make critical mistakes that leave their systems vulnerable to breaches. Below are 5 common cybersecurity mistakes law firms make. 

Cybersecurity attacks continue to rise, and law firms of all sizes have become a prime target. According to Coveware, 24.9% of all ransomware attacks in Q1 2021 targeted professional services firms, especially small and midsize law firms. With the surge in cyberattacks, firms have begun to shift how their IT is managed, with an increase in the use of managed IT services versus in-house IT professionals.

Many companies have emerged from the pandemic with plans to maintain a hybrid work model going forward. This model allows companies to enjoy the communication, brainstorming, and hands-on management benefits of in-person collaboration while still being able to offer employees the perk of working from home a couple times a week, which cuts their commuting costs and improves work/life balance. But while the hybrid model may be the best of both worlds, companies must take steps to ensure that their flexible work environment does not make them more vulnerable to cyberattacks. 

We’ve talked a lot recently about the growing cybersecurity threats that small to midsize firms face as the sheer volume of attempted attacks grow in numbers and sophistication. It is important to make sure our systems are as safe and secure as possible. Here are 2 simple ways to get started: passwords and multi-factor authentication.