Back
Back
Back
Back
Back
Back
Back
Back
Back
Back
Back
Back
Back
Back
Back
Back
Back

Post-Coronavirus Information Security: How Should You Reopen Your Firm?

Written by: Cameron G. Shilling

Published in NH Bar News (7/15/2020)

While our attention has been focused on coronavirus, cyber criminals have concentrated on infecting us with different viruses. As we rapidly transitioned to remote work, hackers capitalized on weaknesses like (a) insecure Wi-Fi, (b) employee personal computers used to access firm networks, (c) video conferencing that does not prevent downloading of malware, (d) infected external drives used to store firm information, and (e) compromised/weak passwords used to access email and other primary business systems.

As firms reopen, the return of employees presents not only a risk of transmission of Covid-19, but also a spread to firm networks of cyber viruses. Indeed, many firms are unaware that hackers have already infected their systems via remote access applications used during the pandemic, and are waiting for a return to normal activity before paralyzing firms with ransomware or stealing funds.

To avoid becoming a victim, firms should take as much care when returning employees to their networks as they do returning employees to their offices. The following are a few steps to help ensure information security.

  1. Before returning employees to the network, conduct an ad hoc risk assessment with an experienced information security professional to identify risks to your firm.
  2. Scan all laptops with advanced security software before permitting them to be reconnected to the network. Normal anti-virus/anti-malware is often insufficient to detect the malware, ransomware, and “zero-day” viruses created during the pandemic.
  3. Scan the network with such advanced software before permitting employees to reconnect, to ensure that any malicious application is removed before it can spread.
  4. Require employees to change their passwords before or at the time they reconnect, and ensure that passwords are truly complex.
  5. Implement multi-factor authentication for all primary systems, both on premises and in the cloud.
  6. Ensure all operating systems and applications are updated and patched.
  7. Disable USB ports on firm computers, or ensure that external drives are scanned by the advanced security software whenever connected.
  8. If employees were permitted to access the network using personal computers, terminate such access, recover all firm information, and ensure that such information is permanently erased from those computers.

 

While we are all eager to return to more normal operations and financial stability, rushing to do so without proper preparation may result in a security incident that is as time-consuming, costly, and as damaging as the coronavirus shut-down. Following the steps above will both diminish the risks that firms face when reopening, as well as create businesses with stronger information security controls for the long term.

Cam Shilling chairs McLane Middleton’s Information Privacy and Security Practice Group. Founded in 2009, the firm’s team of three attorneys and one technology paralegal assist businesses and private clients to improve their information privacy and security compliance, and address any security incident or breach that may arise

Integrity and trust

At McLane Middleton we establish and maintain long-standing relationships with our clients to help us better achieve their unique goals over time. This approach to building trust requires that our esteemed lawyers and professionals use their broad, in-depth knowledge and work together with integrity to ascertain sound resolutions to legal matters for their clients.

Strength in numbers

McLane Middleton is made up of more than 105 attorneys who represent a broad range of clients throughout the region, delivering customized solutions. As a firm we are recognized as having the highest legal ability rating. The firm is rated Preeminent by Martindale Hubbell and is recognized as one of the nation's leading law firms in Chambers USA. Our attorneys are distinguished leaders in their respective practice areas.

Meet Our People

Commitment and collaboration

McLane Middleton's versatile group of attorneys and paralegals become trusted authorities on each case through collaboration. We work with our clients to learn their individual needs first and foremost and, together, we develop comprehensive solutions to their specific legal matters. This approach helps us exceed our clients' expectations efficiently and effectively, client by client, case by case.

Practice Areas

A history of excellence

McLane Middleton was established in 1919 in New Hampshire, and has five offices across two states. However, deep historical roots don't allow you to become innate. Our firm is organized, technological, and knowledgeable. Our history means we are recognized. But our reputation is built on the highest quality of service and experience in very specific areas of law.

The Firm

Intelligence paired with action

Our team continuously seeks opportunities to enhance their professional development and put key learnings to action. The pursuit of further insight guides us to volunteer service opportunities, speaking engagements, and teaching roles. Our lawyers are sought after thought leaders across their industries, and recipients of leadership awards throughout the region.