The Impact of Security & Data Governance Strategies in a Covid-19 World

When:  Jul 29, 2020 from 13:00 to 14:00 (ET)

Description

A webinar that covers the impact of the COVID pandemic as it relates to Document Management System Strategies and what other full cloud solutions like Microsoft Teams mean to security and data governance strategies.

Outline

Luckily, most firms acted swiftly to implement work from home policies to ensure the health of their attorneys, staff, and the community at large. Learning from what we are going through reveals opportunities to:
Improve access and productivity Improve client communications
Improve data governance and security Improve infrastructure resilience
Improve corporate resilience and preparedness
Moving to the Full Cloud

As the number of attorneys and paralegals requesting documents and trying to access content remotely, systems may get overloaded, causing disconnects, versioning issues, and other agita. How you connect to your technology resources from remote locations dictates realistic performance expectations and capabilities. Within the realm of any given connection type, how the technical components are configured affects end-user performance. The following scenarios are illustrative of this principle. While cloud is not the only way to go, it is the easiest to scale and requires the least amount of ongoing maintenance to ensure resilience.

Scenario 1 - Citrix and Remote Desktop Server (RDS) Connections Firm ABC configured a single server to support all attorneys when working nights, weekends, at client sites, and on vacation. The expectation was that less than half of the attorneys would ever be using it simultaneously. When all attorneys and staff began working from home, everyone’s performance degraded. Firm ABC doubled the CPU resources available to middling, unsustainable success. Firm ABC then created a server farm to support a maximum of 10 connections per server to great success. Firm DEF configured a server farm with a maximum of 10 connections per server. The expectation was that all attorneys and staff could work simultaneously. When employees began working from home, they experienced normal performance and were productive day one.

Scenario 2 - VPN Connection Firm GHI allowed remote connections via a virtual private network. The expectation was that all attorneys could connect simultaneously. When staff were issued VPN clients and began working from home, everyone’s performance degraded. Firm GHI spent two days acquiring and configuring a new VPN appliance to integrate into the existing VPN for proper load handling. Firm JKL allowed remote connections via a virtual private network. The expectation was that all employees could connect simultaneously. When sent home, no one experienced performance degradation.

Scenario 3 - Cloud Connection Firm MNO transitioned to cloud services for on premise and remote connectivity. The expectation was that all employees could connect simultaneously from remote locations as they did from within the office. When sent home, no one experience performance degradation. Moving your document management system to the cloud has never been a better choice. Most on-premise solutions have cloud versions as well as tools to quickly help firms get their data into the cloud. Cloud access to client data improves attorney and staff ability to work from anywhere. The maturity of a firm’s data governance program directly correlates to the risk of data loss and exfiltration. Firms that properly and consistently use document management systems (DMS) for client data are better off than firms who have individual and groups of attorneys working outside the DMS. Without centralized data management, it is highly likely that client data resides on vulnerable home computers and laptops.

Cybersecurity Data:
security is a multifaceted balance of convenience and risk. Measures in place for primarily in-office work do not always ensure adequate security when working from home. What was a reasonable risk to take may no longer be with a remote workforce.

Mobile Device Management:
Mobile device management (MDM) validates all remote connections with certificates stored on the mobile devices. Firms without MDM have no way of verifying from where a connection is being made. Consequently, stolen credentials can be used with the iPhone Mail app and other mail apps to connect into the victim’s email account for purposes of theft and impersonation. While most often associated with smartphones and tablets, with a remote workforce, laptops must be brought into the fold. Laptops should require the same certification and control as other mobile devices.

Multi-factor Authentication:
Our existence in the office is a factor that grants us access to firm data. When out of the office, we lose that factor of authenticity. What’s left are only our usernames and passwords, both relatively easy to steal. Multi factor authentication is a way of validating one’s identity in real time based on something they have that has been given by the firm and cannot be stolen. With all or most connections being initiated remotely, firms without MFA are at exponentially more risk now. MFA should be in place for all systems to which you connect, including cloud services like Office365, and remote connectivity services like VPN, RDS, and Citrix.

Get Chatting:
Once the domain of chat for most people, collaboration tools including Teams, Cisco Jabber, WebEx, and Zoom provide capabilities critical to connecting people who are physically apart from each other. Seeing expressions makes communication more efficient. Being on-screen keeps people from distractions around them. Sharing screens is the new looking over one’s shoulder. Firms with an existing collaborative culture transitioned to remote working with little ramp-up time. They are also the ones readily extending themselves to their clients. This may be a Blackberry moment, in which, seemingly overnight, clients expect a new level of connectedness.

Stand by Me Firms:
with a culture of utilizing centralized helpdesk staff who remote-control to assist employees have transitioned well to working from home. These helpdesks provide an efficient way to troubleshoot and resolve problems experienced in remote locations.

As employees acclimate to working from home, firms can improve procurement efforts by prepackaging shopping lists for employees to use for hardware deliveries. Lists include video conferencing starter packs, new computer outfits, computer peripherals and second monitors, and printer, toner, paper sets.

In remote working scenarios, firms benefit from reducing the need for office and data center visits by firm engineers and consultants. There has never been a better time or reason to move services to the cloud. In addition to the end-user accessibility and performance benefits, cloud services replace firm infrastructure that requires on-going hands-on attention. If you have yet to move services to the cloud, data backup might be the right first step for your firm. Cloud data backup eliminates the need for scheduled pickup and delivery of backup tape media and enables rapid recovery from disruption.

Implement Information Governance:
Now The long term challenge that ideally is addressed while these changes are occurring is governance over all this data: new data types, cloud versus on-premise, and other challenges need the right architecture up front and a roadmap to facilitate healthy governance and ease of access for end-users. Firms must keep compliance issues front and center. The challenges of protecting private or sensitive information in the era of GDPR and CCPA hasn’t disappeared. Businesses will still be fined or worse for improper use of personally identifiable or sensitive data. Lawyers and staff storing documents outside of a document management system and other designated business systems expose the firm to multiple layers of risk—and these habits may have a greater risk of occurrence in a home office setting with unfamiliar workflows.

These are the challenges we face now. It would be unwise to write an article today (in late March) slated for publication much later that portends to offer the “answer.” What is undeniable is the resilience of law firms and the professionals who staff them as they rise to these challenges—and with these changes come great opportunities.

Speakers

Chris Zegers - Director of Consulting, IVIONICS
Paul Sperry - CEO, IVIONICS
Ken Jones - Chief Technologist from Tanenbaum Keale LLP

#Virtual
#ServerOperationsandSecurity

​​​
Event Image