Three Essential Cloud Security Techniques for Law Firms
As I mentioned in an earlier post, law firms have become more frequent targets for external attackers, but that doesn’t necessarily mean that they are limited to on-premises data management strategies. By combining a cloud provider’s security expertise and practices with additional security measures, businesses can gain the cost and efficiency advantages of the cloud while also:
- Preventing accidental transmission of sensitive data to cloud services
- Segregating duties and protecting data that is intentionally stored in the cloud
- Tightly governing how cloud applications are used
Preventing Accidental Data Leakage
As the use of cloud applications grows at law firms, it’s important for IT security teams to delineate between applications that are approved destinations for sensitive data and those that are not. Even when this occurs, it is often unrealistic to expect busy professionals to recognize and remember the difference.
Vaultive can implement automated policy controls to prevent this type of data leakage by inspecting content transmitted to specific cloud services in real-time. These controls can block files from going to the cloud based on data matches and selectively redact text entered into particular fields, as needed. Restrictions can include simple matching against content classification trigger words (e.g., “Client Confidential”) or exact matching against data sets, such as a hashed list of client names.
Segregating Duties and Protecting Sensitive Data
As the sanctioned use of cloud applications expands, law firms will intentionally store certain types of sensitive data in the cloud which will require additional security measures.
The theoretical ability of a cloud provider to access data stored in its systems is enough to give many law firms pause, but it is possible to isolate cloud-hosted data from the cloud provider using encryption with customer-held keys.
Vaultive makes this practical through a patented technique that encrypts data while preserving key functionality such as searching and sorting. Combining the ability to encrypt and preserve application functionality assures firms that unauthorized access to a cloud provider’s infrastructure will not compromise their data while also maintaining the productivity of their legal professionals.
Governing Cloud Application Usage
Even when data is protected through encryption and other measures, the flexible and collaborative nature of cloud applications can bring an increased risk of human error. For example, there have been numerous recent examples of misconfigured Amazon Web Services storage buckets leaving sensitive information accessible on the public internet.
The nimble and elastic nature of cloud services can cause usage expansion to outpace security practices. It’s also easy for new insider threats to emerge, such as the ability for cloud service administrators to unnecessarily access large quantities of sensitive documents and executive email accounts.
Law firms can mitigate these types of risks by using the Vaultive platform to implement cloud privilege management policies that can selectively apply additional security to high-sensitivity workflows. Examples might include:
- Throttling the number of new cloud resources a user can spin up per day
- Inserting management approval workflows for certain sensitive actions (e.g., accessing a firm partner’s mailbox)
- Requiring step-up authentication for specific cloud application workflows (e.g., bulk export of records)
While law firms often have the resources to maintain on-premises IT infrastructure, it’s no longer a necessity for them to forgo the efficiency and cost benefits of cloud services. With the right tools and practices in place, migration to the cloud can even result in a stronger security posture.
Are you interested in learning more about how your law firm can use the cloud securely? A short introductory conversation and demo with the Vaultive team is a great place to start.
The post Three Essential Cloud Security Techniques for Law Firms appeared first on Vaultive.