In a recent interview, CIO of Brown Rudnick, Jim Darsigny, discussed the growing adoption of cloud storage and overall technological advancements within the legal industry. Brown Rudnick, an international law firm with 230+ lawyers is no exception to the ubiquitous concerns of cloud security that weighs heavy upon the industry as a whole. As cloud options become more attractive, security concerns rise. Security and convenience are inversely proportional which creates key decision points when making cloud decisions.
I like how Darsigny describes cloud security, “Security and convenience are antithetical. The more convenience you want for your users and your clients, the harder it is to apply strong security to it. The stronger the security around any tools or portals you offer, that affects the convenience…”
Common examples of this imbalance include:
Security control: Implementing password expiration policies
Inconvenience: Users must remember ever-changing passwords
Security control: Implementing network policies that automatically lock a PC once maximum idle time has been reached
Inconvenience: Users must consistently log back into their computer
Security control: Implementing corporate policies to ensure laptops are safely secured and locked at all times
Inconvenience: Users on-the-go must lock their laptops in their car trunk and/or bring them home each night
When asked about his concerns over the threat of a security breach, Darsigny stated that he hadn’t heard of a specific legal case but acknowledged that law firms are a primary target. I recently wrote about the security between online and on-prem and read that over 80% of the largest law firms HAVE experienced some sort of security breach, according to the COO at Digital Guardian. So why hasn’t Darsigny heard of a specific case? This is common. Even special agent in charge of the Cyber and Special Operations Division for the FBI’s New York office, Leo Taddeo, states he also has not heard of any law firms affected; he says, “Either the firms have perfect security, have been hacked and don’t know, or they’ve been hacked and don’t tell.”
You can read the full interview with Brown Rudnick here.
What questions should you ask your cloud provider? Click here
How secure is your on-prem environment? Click here