ILTA Master Class: Conditional Access: Enhancing Policies to Protect Clients

Most large law firms already have Conditional Access policies in place. The real question is: when was the last time you revisited them? In the rush to minimize downtime and keep attorneys productive, policies are often left as-is, or rolled out with exclusions and shortcuts that reduce disruption in the moment but leave lasting gaps. On paper, the firm looks covered. In reality, attackers can still find their way in.

This session goes beyond theory and into the lived reality of Conditional Access in law firms. We’ll explore why missteps are so common, what they look like in practice, and how to strengthen policies without slowing attorneys down. A real-world case study will show how attackers bypassed MFA through overlooked conditions — and how stronger Conditional Access could have greatly reduced impact or stopped them completely.

You’ll learn how to: 

• Balance speed, stability, and security when rolling out policies 
• Identify and close common gaps created by exclusions or partial deployments 
• Strengthen Conditional Access without disrupting attorney productivity 
• Revisit and optimize policies so they keep pace with evolving threats 
• Conditional Access isn’t a checklist exercise. Done right, it protects your firm’s most sensitive work and gives IT leaders the peace of mind that hidden gaps aren’t putting the business at risk. 

Conditional Access isn’t a checklist exercise. Done right, it protects your firm’s most sensitive work and gives IT leaders the peace of mind that hidden gaps aren’t putting the business at risk.