15 April 2017Jon Robinson
The cyberattack and the massive global disruption caused by the ransomware WannaCry in May 2017 has not only affected 99 countries but also called into question whether the IT security measures employed by individual organizations or corporations are sufficient to protect our data against malicious hackers.
Just a day prior to this wave of 75,000+ ransomware attacks — no doubt prompted by the increasing number of data breaches across both government agencies and the private sector with hacking/skimming/phishing being the leading cause — the White House issued an executive order that called for “a modern, secure, and more resilient executive branch IT architecture” to manage and reduce risk.
The executive order stated, ”Agency heads shall show preference in their procurement for shared IT services, to the extent permitted by law, including email, cloud, and cybersecurity services.”
“Shared IT services,” simply put, is the consolidation of business operations that are used by multiple parts of the same organization. (source)
The advent of cloud computing, in which data and files are stored in a centralized off-site location instead of being hosted on individual computers or local servers, has modernized the implementation of shared IT services.
This executive order underlines a shift in our nation’s approach to cybersecurity and should be taken as a directive — for small businesses and large corporations alike — to rethink their own IT security.
Lessons From The WannaCry Cyberattack
The ransomware WannaCry attacks individual computers and the local network they’re connected to, locking down files and data so businesses have to pay a ransom to the hackers in order to regain access to their files.
The ransomware targeted a vulnerability in Microsoft Windows operating system — one that was discovered a back in March 2017, and for which a patch was issued.
Most individual computer users, who have automatic software update enabled on their computers, were not affected. However, larger organizations with a cumbersome IT procedure might not have deployed the fix in time to protect their systems from the attack.
The ransomware made its way into the organizations via employee emails — it took only one unsuspecting employee to click on one link or open one file to introduce the virus onto their machines. Since the infected machines are connected to the local server, every computer connected to the network then became compromised.
Numerous organizations were brought to their knees because their local servers were attacked by the virus.
If the data and files were not stored locally in computers or on-premise servers, the ransomware wouldn’t have had anything to hold for ransom.
The Challenge of Using an On-Premise IT Solution
Many law firms are still using an on-premise IT solution — which means all the computers in an office are connected to a server installed on-site — the exact local network set up that made the May 2017 cyberattack possible.
Maintaining an on-premise IT solution is becoming increasingly challenging and costly as hackers are coming up with new ways to breach IT security systems faster than ever.
Many in-house IT professionals have found it very difficult, if not impossible, to keep up with new security measures: keeping every piece of hardware and software up to date, ensuring security settings are correctly applied and audited regularly and having a backup system in case of a failure or attack.
Not to mention, few companies have the personnel or resources to stay on top of the fast-changing cybersecurity landscape.
If you’re still using an in-house server, you too are facing these challenges whether you’re aware of it or not. When was the last time you check with your IT team to understand the security measures that are in place to protect your company from malicious hackers and other cyber crimes?
As a law office, an IT breach will not only put your own files and data at risk but also the confidential information entrusted to you by your clients.
A breach will not only cost you financially but will also affect your reputation as well as your client relationships.
It’s time to re-evaluate the security measures you have in place and see how you can better protect your files and data from malicious hackers.
Beef Up Cybersecurity With Cloud Computing
The best way to lighten your cybersecurity burden is to move your files and data to the cloud.
If you’re having doubts and wondering if the cloud is indeed more secure than an on-site server, consider this: a majority of IT professionals who understand the intricacy and cost of setting up and maintaining a secure IT environment consider cloud computer to be a more secure solution.
Having your server on-premise could give you a false sense of “control” but in reality, you’re exposing your company to unnecessary risks.
Cloud computing is more than just storing your files off-site in another computer — a misconception preventing many from taking advantage of all the security features cloud computing has to offer.
A top-tier cloud-computing platform is supported by a large team of experts who make maintaining a secure IT environment their business.
The platform can be set up so it can only be accessed through multiple layers of authentication to minimize unauthorized access.
Moreover, the cloud is isolated from the individual devices (e.g. computers, phones and tablets) used by your employees, so even if one device gets infected with malware, your files and data will remain secure.
Many cloud-computing platforms, such the Salesforce platform on which Litify is built, are compliant with some of the most rigorous, industry-accepted security and privacy standards — including HIPAA/PHI. Their teams of security experts keep the platforms up-to-date with all the compliant requirements so you don’t have to break a sweat.
Last but not least, cloud computing providers have comprehensive backup and recovery plans in place so you don’t have to worry about losing your files and data in an event of a cyberattack or a physical disaster.
Start Protecting Your Data Today
Since current ransomware only has the ability to affect locally stored files, the best way to protect your data is to store your files in a cloud-computing platform.
Litify stores all the clients’ data on the Salesforce platform — a top-tier cloud-computing provider that follows the strictest security protocols.
The platform backs up data frequently at regular intervals. If our clients experience data loss, they can simply restore their files from a backup with minimum disruption to their businesses.
If you’re ready to see how your law firm can benefit from cloud security, contact our team here at Litify to schedule a free demo.