2019 New Year Preparation: What Every Law Firm IT Professional Needs to Know
As the new year begins, it's time to make sure that all of your policies and systems are up to date. Now is the perfect time to review and update or add any necessary systems and policies to ensure your data is secure.
January 18, 2019 at 07:00 AM
6 minute read
A new year is upon us, and as the calendar flips over, many people take time to assess where they are and where they want to be in the coming year. The same exercise can be a useful one for law firms, particularly in the areas of technology and security.
As we head into 2019, law firm IT professionals should take the time to define the firm's goals in the next year and determine how the firm can set itself up for success and security in the IT realm. In order to best prepare for the new year, your focus should be on making sure that your systems are secure and up to date, your data is backed up, and your users know how to spot potential security threats.
Is Your Data Secure?
While that may sound like a simple enough question, there are many policies and procedures that go into securing data in a law firm IT environment. As the new year begins, it's time to make sure that all of your policies and systems are up to date. Now is the perfect time to review and update or add any necessary systems and policies to ensure your data is secure.
While IT environments vary from firm to firm, there are some things that all law firms should be reviewing now in order to set themselves up for success in the coming year.
Security Training: All employees should be required to complete annual user security awareness training. Even if such requirements are in place, it's important to make sure that they are actually met. Review your training records—whoever hasn't taken the training in the past year should be first in line to take it this year. All employees should be scheduled to retake the training at some point over the year. After all, your first line of defense against threats is your users, their ability to think critically and to spot phishing and malware threats before they become problems.
Network Policies: Your users may be your first line of defense, but they can also be a weakness if they're opening your system to threats, even unintentionally. To help curb that possibility, you should review your network policies, update them as necessary, and make sure that your users fully understand them.
Passwords: Passwords are the most direct means of accessing data, and therefore they should be changed regularly to ensure that only those who should have access actually do. Administrative, user, and services passwords should be changed system-wide for the new year. Going forward, they should be changed on a regular basis. If you don't already have a password-change policy, you should implement one in the new year, ideally requiring that passwords be changed every 90 days and are comprised of complex characters.
Wireless: The same notion goes for your wireless network. If your network has a shared password, consider changing it for the new year and resetting it on a regular basis going forward.
Administrative Accounts: In addition to changing passwords, you need to make sure that your administrative accounts are active and that only necessary accounts are enabled. On the flip side, be sure that only active users and employees have access to your systems. An HR review of user accounts can easily identify valid and active employees, which is useful, because IT departments are not always informed of personnel changes.
Upgrades: Software and systems need to be regularly upgraded in order to take remain protected from the latest security threats and take advantage of available functionalities. If your systems and software are not up to date, schedule an upgrade now. Going forward, you should consider implementing a schedule for software upgrades, ideally every month or as critical patches become available.
Equipment Review: Just like your software, you want your hardware to be up to date. As the new year begins, do a review of your physical equipment to create a current inventory of what you have. Once you have that, you can discard equipment that is old or unused, and make better decisions about your infrastructure needs going forward.
Backup Systems: Adequately backing up your data is crucial to security. You may have backup systems or disaster recovery plans in place, but when is the last time you checked to see if they actually work? The new year is the perfect opportunity to do an audit to ensure that your systems and critical data are, in fact, backed up and can be recovered if necessary. The best time to test a business continuity disaster recovery plan in place is before you actually need it and before your clients ask for it.
Anti-Virus Measures: Many firms rely on software to help keep out intruders and stop malicious attacks. Going into the new year, review the various anti-virus solutions, firewall systems, and host intrusion prevention systems that you have in place to make sure that they are not just up to date, but performing the tasks you need to meet your security objectives.
Mobile Devices: When it comes to law firm IT, few areas have changed as drastically in the last decade as the expanded use of mobile devices. Chances are, your users are using lots of them, and have probably changed the mobile devices they use in the past year. Run a review of the mobile devices that have connected to your system, and delete or purge those that have not connected in a while. Mobile device management starts with active monitoring of exactly which devices are being used to access your systems and data.
Physical Security: While law firm IT departments typically devote most of their time to security systems and the firm's virtual presence, it's important not to forget your physical environment. The new year is a good time to test things like your smoke alarms, UPS (uninterrupted power supply), and security cameras.
In an organization as complex and with as many moving parts as a law firm, there are countless factors that go into securing data. By starting with the measures outlined above, law firm IT departments can ensure that they are in a good position going into 2019 to accomplish their security goals for the coming year.
If your firm's IT department institutes the right changes and upgrades now, you'll look back on 2019 as a success as it relates to data security.
Eli Nussbaum is a managing director at Keno Kozie Associates. He joined the firm in 1998 as part of its Y2K audit team. Eli then became a full-time engineer and has held every position within the department. During his tenure with Keno Kozie, he has focused on physical, virtual and cloud infrastructure design and implementation for both client and desktop environments.
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
NOT FOR REPRINT
© 2025 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
You Might Like
View AllTrending Stories
- 1John Deere Annual Meeting Offers Peek Into DEI Strife That Looms for Companies Nationwide
- 2Why Associates in This Growing Legal Market Are Leaving Their Firms
- 3Visa's Defense of DOJ Antitrust Case Suffers Setback After Court Denies Motion to Dismiss
- 4Greenberg Traurig Combines Digital Infrastructure and Real Estate Groups, Anticipating Uptick in Demand
- 5Trump Administration Faces Legal Challenge Over EO Impacting Federal Workers
Who Got The Work
J. Brugh Lower of Gibbons has entered an appearance for industrial equipment supplier Devco Corporation in a pending trademark infringement lawsuit. The suit, accusing the defendant of selling knock-off Graco products, was filed Dec. 18 in New Jersey District Court by Rivkin Radler on behalf of Graco Inc. and Graco Minnesota. The case, assigned to U.S. District Judge Zahid N. Quraishi, is 3:24-cv-11294, Graco Inc. et al v. Devco Corporation.
Who Got The Work
Rebecca Maller-Stein and Kent A. Yalowitz of Arnold & Porter Kaye Scholer have entered their appearances for Hanaco Venture Capital and its executives, Lior Prosor and David Frankel, in a pending securities lawsuit. The action, filed on Dec. 24 in New York Southern District Court by Zell, Aron & Co. on behalf of Goldeneye Advisors, accuses the defendants of negligently and fraudulently managing the plaintiff's $1 million investment. The case, assigned to U.S. District Judge Vernon S. Broderick, is 1:24-cv-09918, Goldeneye Advisors, LLC v. Hanaco Venture Capital, Ltd. et al.
Who Got The Work
Attorneys from A&O Shearman has stepped in as defense counsel for Toronto-Dominion Bank and other defendants in a pending securities class action. The suit, filed Dec. 11 in New York Southern District Court by Bleichmar Fonti & Auld, accuses the defendants of concealing the bank's 'pervasive' deficiencies in regards to its compliance with the Bank Secrecy Act and the quality of its anti-money laundering controls. The case, assigned to U.S. District Judge Arun Subramanian, is 1:24-cv-09445, Gonzalez v. The Toronto-Dominion Bank et al.
Who Got The Work
Crown Castle International, a Pennsylvania company providing shared communications infrastructure, has turned to Luke D. Wolf of Gordon Rees Scully Mansukhani to fend off a pending breach-of-contract lawsuit. The court action, filed Nov. 25 in Michigan Eastern District Court by Hooper Hathaway PC on behalf of The Town Residences LLC, accuses Crown Castle of failing to transfer approximately $30,000 in utility payments from T-Mobile in breach of a roof-top lease and assignment agreement. The case, assigned to U.S. District Judge Susan K. Declercq, is 2:24-cv-13131, The Town Residences LLC v. T-Mobile US, Inc. et al.
Who Got The Work
Wilfred P. Coronato and Daniel M. Schwartz of McCarter & English have stepped in as defense counsel to Electrolux Home Products Inc. in a pending product liability lawsuit. The court action, filed Nov. 26 in New York Eastern District Court by Poulos Lopiccolo PC and Nagel Rice LLP on behalf of David Stern, alleges that the defendant's refrigerators’ drawers and shelving repeatedly break and fall apart within months after purchase. The case, assigned to U.S. District Judge Joan M. Azrack, is 2:24-cv-08204, Stern v. Electrolux Home Products, Inc.
Featured Firms
Law Offices of Gary Martin Hays & Associates, P.C.
(470) 294-1674
Law Offices of Mark E. Salomone
(857) 444-6468
Smith & Hassler
(713) 739-1250
