Small, Midsized Firms Take No Frills, Budget-Friendly Approach to Remote Work
Caught off guard by the change to remote working, many midsized and small firms are now adopting low-cost solutions to meet the new cybersecurity demands of this new business reality.
May 20, 2020 at 12:00 PM
3 minute read
The ongoing stay-at-home mandates have quickly made remote working a reality for many law firms. But initially, some smaller and midsized firms were caught flat-footed by the government orders.
"Smaller to midsize firms have had to respond and weren't prepared for this on scale," said Mark Sangster, vice president and industry security strategist at managed detection and response provider eSentire.
Over the past few months, midsized firms and boutiques had to readjust their cybersecurity practices and lean more on third-party tech experts to meet the new cybersecurity challenges of work spaces spread outside the office.
Many of these firms shifted from a central office model to a dispersed workforce by investing in VPNs and remote access technology and leveraging multifactor authentication, Sangster said.
He added that midsized firms also began investing in endpoint security, while many midsized and small firms began deploying administrative tactics to curve cyber risk, including addressing employees' Wi-Fi security.
"Now that we're working from home, we have internet routers that are consumer-grade, and they don't have the same price point and security [as the firm's internet connection]. It's far more easily exploited," he explained.
In response, small and midsized firms often tell employees and lawyers to change their routers' default password and set their Wi-Fi to private.
"This is where the firm and employee have to step up and beef up their technology with the tools they have. People aren't going to buy six-figure firewalls for their home, and most law firms won't [buy it for them] either. Perhaps you may do that for particular rainmakers, but not your entire employee base," Sangster said.
Law firms are learning how to adjust their cybersecurity tactics primarily from third parties, said Ken Jenkins, principal and founder of cybersecurity provider EmberSec.
"I haven't seen an uptick in more sophisticated software and products per se, but the advisory is definitely blowing up, helping them understand their threats as they have a remote workforce," he said.
Pennsylvania midsized firm McNees Wallace & Nurick, for instance, has brought in vendors to audit its security settings and it added more multifactor authentication protections, said Stephen Sobotta, the firm's chief information officer.
McNees Wallace also encouraged greater cyber awareness by leveraging a vendor that sends phishing alerts and messages to test staffers and attorneys. "If we can increase our user awareness their increased awareness adds to our depth of security and that's as important as adding additional layers of software, if you can stop an incident at the user," Sobotta said.
Not all firms are hiring extra expertise, however. Some are instead leveraging available resources.
Nicole Gueron, founding partner of 11-lawyer Clarick Gueron Reisbaum, for example, said she and her lawyers participated in CLE remote arbitration and Zoom training to meet the demands of working remotely. Additionally, while she's previously used an on-demand IT provider, as the firm works remotely "we've leaned on him harder to advise us" on cybersecurity best practices, she said.
Gueron said she wasn't sure what new tech-based steps she would take if mandates and safety concerns kept her staff out of its New York City-based offices for six or more months.
"Right now we are not intending on spending more, but if we've learned one thing from this situation, it's thinking we know what to expect in the future can be dead wrong."
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
NOT FOR REPRINT
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
You Might Like
View AllTrending Stories
- 1Hochul Vetoes 'Grieving Families' Bill, Faulting a Lack of Changes to Suit Her Concerns
- 2Life, Liberty, and the Pursuit of Customers: Developments on ‘Conquesting’ from the Ninth Circuit
- 3Biden commutes sentences for 37 of 40 federal death row inmates, including two convicted of California murders
- 4Avoiding Franchisor Failures: Be Cautious and Do Your Research
- 5De-Mystifying the Ethics of the Attorney Transition Process, Part 1
Who Got The Work
Michael G. Bongiorno, Andrew Scott Dulberg and Elizabeth E. Driscoll from Wilmer Cutler Pickering Hale and Dorr have stepped in to represent Symbotic Inc., an A.I.-enabled technology platform that focuses on increasing supply chain efficiency, and other defendants in a pending shareholder derivative lawsuit. The case, filed Oct. 2 in Massachusetts District Court by the Brown Law Firm on behalf of Stephen Austen, accuses certain officers and directors of misleading investors in regard to Symbotic's potential for margin growth by failing to disclose that the company was not equipped to timely deploy its systems or manage expenses through project delays. The case, assigned to U.S. District Judge Nathaniel M. Gorton, is 1:24-cv-12522, Austen v. Cohen et al.
Who Got The Work
Edmund Polubinski and Marie Killmond of Davis Polk & Wardwell have entered appearances for data platform software development company MongoDB and other defendants in a pending shareholder derivative lawsuit. The action, filed Oct. 7 in New York Southern District Court by the Brown Law Firm, accuses the company's directors and/or officers of falsely expressing confidence in the company’s restructuring of its sales incentive plan and downplaying the severity of decreases in its upfront commitments. The case is 1:24-cv-07594, Roy v. Ittycheria et al.
Who Got The Work
Amy O. Bruchs and Kurt F. Ellison of Michael Best & Friedrich have entered appearances for Epic Systems Corp. in a pending employment discrimination lawsuit. The suit was filed Sept. 7 in Wisconsin Western District Court by Levine Eisberner LLC and Siri & Glimstad on behalf of a project manager who claims that he was wrongfully terminated after applying for a religious exemption to the defendant's COVID-19 vaccine mandate. The case, assigned to U.S. Magistrate Judge Anita Marie Boor, is 3:24-cv-00630, Secker, Nathan v. Epic Systems Corporation.
Who Got The Work
David X. Sullivan, Thomas J. Finn and Gregory A. Hall from McCarter & English have entered appearances for Sunrun Installation Services in a pending civil rights lawsuit. The complaint was filed Sept. 4 in Connecticut District Court by attorney Robert M. Berke on behalf of former employee George Edward Steins, who was arrested and charged with employing an unregistered home improvement salesperson. The complaint alleges that had Sunrun informed the Connecticut Department of Consumer Protection that the plaintiff's employment had ended in 2017 and that he no longer held Sunrun's home improvement contractor license, he would not have been hit with charges, which were dismissed in May 2024. The case, assigned to U.S. District Judge Jeffrey A. Meyer, is 3:24-cv-01423, Steins v. Sunrun, Inc. et al.
Who Got The Work
Greenberg Traurig shareholder Joshua L. Raskin has entered an appearance for boohoo.com UK Ltd. in a pending patent infringement lawsuit. The suit, filed Sept. 3 in Texas Eastern District Court by Rozier Hardt McDonough on behalf of Alto Dynamics, asserts five patents related to an online shopping platform. The case, assigned to U.S. District Judge Rodney Gilstrap, is 2:24-cv-00719, Alto Dynamics, LLC v. boohoo.com UK Limited.
Featured Firms
Law Offices of Gary Martin Hays & Associates, P.C.
(470) 294-1674
Law Offices of Mark E. Salomone
(857) 444-6468
Smith & Hassler
(713) 739-1250