Open Forum

 View Only

IT Security: Why a Disaster Recovery Strategy Must Be Top-of-Mind in Today's Legal Practice

By Jeff Ton posted 08-11-2017 10:45


An entire empire has been built on stealing sensitive company data, holding data hostage or releasing scandalous information to the public. This has made cyberattacks the No. 1 threat for businesses, according to data from the Business Continuity Institute. But despite precautions, these breaches are still occurring at an alarming rate. What could law firms be doing better?

It’s no secret that data security is essential to our modern, technology-driven marketplace. With the internet of things and artificial intelligence growing commonplace, the expectations for continued innovation and constant availability are stronger than ever.

The personal and professional demand for easy accessibility, is in constant tension with security, which tends to slow down user access (think of how login credentials hinder fast banking on your phone). These two immensely important values are challenging for businesses, especially law firms, as they try to push innovation forward.

The answer lies in mitigating the most vulnerable areas where firms keep their data – something that may be most needed in IT disaster recovery (DR) environments.

How to Increase Security in DR Environments

Large corporations typically spend millions of dollars each year securing their production environments. Yet, secondary sites don’t receive the same attention, which leaves them vulnerable to cybersecurity breaches. In fact, cyber criminals have caught wind of this, and may now view DR environments – which house a law firm’s most critical data – as low-hanging fruit.

DR originally emerged to help organizations get running again after apocalyptic weather-related events, but tornadoes and floods are no longer the main causes of downtime. As a result, the focus has shifted to mitigate against these new threats, threats which demand a more proactive approach. Security events are increasingly being considered "disasters," and law firms are taking additional steps to avoid reputation and revenue fallout.

To beef up your DR environment, start by making sure that everything is current, from firewalls to patching levels on devices where you’re landing your data. Your storage should be encrypted, and so should the data while in transit.

Consider who has access to the data, not just in terms of virtual access, but in physical access as well. Do you keep a log of who enters your datacenter and when? How about at your DR site? Do a time-based sign-in and sign-out at the entrance. All DR environments, especially those with an active/active setup, should be as fortified as your production hosting.

For tape-based copies of data, it’s important to store these backups in a secure location. Use an offsite vault at a reputable firm. There should be a clear audit trail of what tapes were picked up when and by who, both going to the vault and being retrieved from the vault.

Uses of DR for Security Incidents

It’s not all “doom and gloom” when it comes to DR. In fact, there can be several benefits when you take those “doom and gloom” scenarios and turn them around with proactivity. Yes, this is about using DR as a mitigation strategy for security breaches.

This is best illustrated in the instance of ransomware, where DR can be a tool for empowerment. When a cybercriminal infects your IT systems and locks you out, you have two choices: Pay the hostage fee or put your foot down. If more law firms refused to pay these hostage fees, the ransomware industry would crumble. So, let’s kill it.

With a robust DR strategy, your IT team can respond quickly to affected components and invoke the aid of your most recent data copies. Having physical backups disconnected from the internet for this scenario is a great strategy. But if these copies aren’t easily accessible or haven’t been performed recently, then you could risk losing critical changes or case information.

For this reason, pair your physical backups with another form of recovery, called replication. Replication provides continuous protection with potential data loss measured in seconds or minutes, instead of days or weeks. Because replication takes place at the machine level, servers can be restored in minutes, without the need to rebuild them prior to restoring backups.

Keep Your DR Plan Updated

While there may be no complete safeguard against security incidents, with a solid DR plan, law firms can better ensure business continuity in the face of threats. While all of these suggestions might seem commonsense to some, many firms still aren’t taking the right measures for robust protection – perhaps because it might not occur to them, or because they simply lack the necessary resources. It’s crucial to be vigilant. After all, protecting your client’s data and your firms reputation takes a well-balanced approach of prevention, detection, and, as you’ve seen here, restoration.

For more information, visit


#cyberthreatintelligence #DRBCTechnologies