How Our State-of-the-Art Defenses Deter Cyber Threats
By Wayne Nitti
Remember last year’s Equifax debacle, when hackers stole the Social Security numbers and other personal data belonging to 148 million US consumers? Condemned at the time as the biggest corporate security failure ever, it might have signaled a watershed moment in how businesses and professional services firms protect customer and client records. Instead, it’s become part of a menacing trend, including hacks on law firms.
According to BreachLevelIndex, in the first half of 2018, security lapses jumped by 72 percent over the same period in 2017. While the greatest volume of attacks involved social media and consumer platforms, the Index also found increasing vulnerabilities in the professional services sector, which accounted for seven percent of 550 reported incidents within the US.
In this hostile environment, I’m gratified that Case Anywhere’s multi-tiered security structure vigilantly protects our litigation and arbitration clients’ data from an incursion. I’m committed to maintaining a security scheme that distinguishes us from others in the online legal case management space and treats data protection as a priority and not an afterthought. We adhere to the rigorous, five-pronged cybersecurity framework developed by the National Institute of Standards and Technology. We follow the industry-preferred protocol for concealing communications within encrypted links. And we’ve been market leaders in adopting two-factor authentication that bars bogus logins.
Mindful of our obligations to stay on top of the benefits and risks of emerging technologies, we have layered in additional security features:
- Our proprietary software creates a secure, private space for every case. It also enables users to designate who may access specific documents within a single case or group of coordinated or related cases. Whether you’re serving a sensitive discovery request or uploading documents related to a private arbitration, Case Anywhere’s software enables you to file, serve and share documents according to your preference. Designate an organization, a group that includes select co-counsel and opposing counsel, or—at the most granular level—lock down access to only one person. As appropriate, users can grant or deny access to case file documents to court personnel, judicial referees and mediators. In an effort to ensure that documents and service records don’t go unnoticed, we’ve also created a feature that notifies a designated person’s team members that a document has been served, while at the same time restricting their access to the actual record.
- We personally manage all case files to ensure confidentiality. As I discussed in an earlier post, we are a team of seasoned legal and arbitration case management professionals. We manage each case internally and we never outsource customer support. No matter how trivial the issue, including matters requiring technical support, Case Anywhere clients interface exclusively with one of us. Members of our team are on call to provide swift solutions.
- We backup everything, hourly, and at multiple locations. In the unlikely event that our primary data center were to be wiped out, we have a second secure space where all our hosted case files are continually updated and backed up. We’re prepared to quickly restore all users’ access.
- We use best-of-breed tools and analytics to detect and stop threats. Experienced and certified security analysts monitor all our data, 24/7/365. Our services and infrastructure meet the strictest requirements for protecting both privacy and content. We also deploy scanning technologies designed to detect vulnerabilities in real time.
I know that online security is a subject lawyers prefer not to think about. It’s costly, and often perceived as not worth the trouble. Besides, the argument goes, it’s so easy to communicate via email. That’s a dangerous mindset. In addition to stepped-up client demands for law firm security audits, a recent American Bar Association ethics opinion suggests attorneys should double down to protect client data sent via digital communications.
Ethical concerns have driven many of the business decisions I’ve made since launching Case Anywhere in 2006. Beyond ensuring client confidentiality, I see it as our duty to ensure that all data transmitted to our system remains secure and uncorrupted. We’re not immune to cyber threats, but our multi-tier security scheme has proven successful in managing cases for thousands of lawyers and arbitration professionals. We also continually evaluate emerging security issues.
Find out how our online case management system can help your firm exceed client expectations for state-of-the-art security. Request a demonstration or email our support team. We’re committed to your security and your success.