Risk & Compliance
By Fiona Hamilton, head of client services, Sprout IT
Given the highly sensitive nature of the data held on individuals and companies by legal firms, solicitors’ practices and barristers’ chambers often find themselves disproportionately targeted by cybercriminals keen to access their systems, download their data, and sell it to the highest bidder.
What are Sprout IT’s top 8 easy-to-follow rules for firms looking to protect themselves, their clients, and their staff?
1. Don’t use obvious passwords
This article was written by Thomas Crabtree, head of service development and learning at Ten10
Testing is all about providing information to stakeholders about the quality of a system. There are a number of different types of testing that can be used to explore and test a system. The type of testing typically depends on what is actually being tested and the approach that is used to perform the testing.
The number one cause of data breaches worldwide is human error. A notoriously difficult thing to prevent, simple mistakes like addressing an email to the wrong person can end up causing serious reputational damage to a business. cleanDocs is a powerful line of defense against data leaks through email since it asks users to check and confirm the email recipient before it leaves their outbox.
Pinnacle has announced the official release of its client due diligence (CDD) solution following successful pilots in two top 20 law firms over the summer.
CDD has been designed to help global firms manage the myriad stringent requirements more efficiently, in particular catering for the subtle differences in client due diligence that exist in the UK, Netherlands, Belgium and the US.
Every document scanning project needs a roadmap to ensure its success. Here are several guidelines to follow when digitising your documents:
Without a plan, a project scope can expand endlessly or fizzle out before the goal is reached. Know your workflow objectives, file activity levels, and retention requirements before you start scanning.
When confronted with unexpected business disruptions, alternative investment firms must react swiftly, methodically and successfully or else risk significant financial loss. This level of response requires extensive business continuity planning to ensure all aspects of a firm’s business are evaluated and protected.
Effective business continuity planning (BCP) can help minimize financial loss and the negative effects of disruptions on an investment firm’s strategic plans, market position, operations, and reputation.
When a cybersecurity incident happens, it is critical to act fast to minimize any inherent risk to your firm. That said, being able to act swiftly requires firms to have an Incident Response Plan in place.
Please join us on Thursday, October 18th to hear from Matt Donahue and Jeremy Ross, business continuity consultants at Eze Castle Integration, and learn the steps to create a plan for before, during and after a cyber incident, including sample incidents and appropriate response steps.
In today's changing regulatory and investor landscape, Information Security Plans are critical for alternative investment management firms to comply with SEC regulations, due diligence requests and state laws.
Please join us on Thursday, October 4th to hear from Matt Donahue, business continuity consultant, and Steve Banda, senior product manager, from Eze Castle Integration to learn:
- What is an information security plan, and why is it necessary to have a formal plan in place?
- What are the nine steps to create an information security plan?
Since 2003, October has been recognised as Cybersecurity Awareness Month. It encourages businesses around the world to be vigilant and share tips on digital security and protection. With the spotlight on security awareness, now is the perfect time for law firms to assess and update any defence practices in place, to ensure their network remains bulletproof in an ever-changing threat landscape.
Hackers continue to be successful, which is why finding the right expertise to secure your firm is a must. But that has often proven to be very costly, with many additional costs including cancellation fees and extra for reporting.