SECURITY & COMPLIANCE

Secure Your Firm with Enterprise Level Security & HIPAA Compliant Solutions

Law firm clientele can span across many different industries requiring industry specific security. Offering compliant solutions that secure data for medical, financial, & government entities is the Rekall standard.

Security & Compliance Services

Web Content Filtering

Category based web filtering service that automatically blocks unapproved websites based on firm management guidelines. Websites can be blocked by category such as gaming, or sports, and can also be blocked by specified website. HIPAA compliance dictates that all file transfer sites must be automatically blocked to combat against data leaks.

Antivirus & Anti-Spam

These security services can be applied to law firm workstations & servers off of the cloud as well as cloud servers. The same security services can be applied via Rekall’s enterprise level spam filter, stopping viruses & malware that may be traveling through email. These security services stop viruses and spyware before they reach your inbox and are automatically quarantined.

Anti-Ransomware

Ransomware is an application that runs behind a familiar file type such as .doc or .zip. When executed it encrypts all data located on your workstation, neighboring workstations and even servers. Ransomware encrypts data making it unreadable. Decryption is possible for a ransom of roughly $2,000 – $3,000. Alternatively, Rekall’s anti-ransomware solution can help your firm to avoid this nightmare.

Rouge Device Management

Rouge access to a firm’s network can come from varying location including the firm’s WiFi network, as well as a workstations, laptops, or mobile devices that travel with firm users. This service not only authorizes pre-approved firm devices for network access, but also looks for non-approved rouge devices that may be residing on the network, blocks their connectivity, and notifies IT staff with text and email alerts in real-time.

Mobile Device Encryption

Whether your mobile devices are firm or employee owned, your firm email resides on mobile devices that must be encrypted according to HIPAA compliance guidelines. With mobile device encryption comes with the ability to remotely wipe, reset, and lock devices over the air. In & outbound call & text logs can be accessed remotely as well among many other functions.

TLS & Email Encryption

Many industries require email encryption as it is the safest form of email transmission to date. Automatically encrypted emails are sent out via your mailbox may it be from Google, Outlook, Android or iPhone. Recipients receive an email notification with a link to view the message on a secure server and securely log in to view your message.

Data Loss Prevention – DLP

Data Loss Prevention (DLP) solutions are designed to detect potential data breaches. These data exfiltration transmissions are prevented by monitoring, detecting & blocking access to sensitive data while in-use by the firm, in-motion by firm software or encryption services, and at-rest while data is not active and residing on a storage device. Those three factors must be fully satisfied for a firm to be compliant.

Penetration Testing Services

Firms that must operate within HIPAA guidelines must have regular penetration tests done by a pre-authorized third-party penetration testing company. Penetration testing consists of ethical hacking whereby access to firm data is tested from outside and inside the firm network. Post-test reporting & recommendations are offered to firms based on test results in order to strengthen & secure firm networks.

Multi-Factor Authentication

Category based web filtering service that automatically blocks unapproved websites based on firm management guidelines. Websites can be blocked by category such as gaming, or sports, and can also be blocked by specified website. HIPAA compliance dictates that all file transfer sites must be automatically blocked to combat against data leaks.

Privileged-Level Based Access

Compliance standards dictate that a firm must have a user hierarchy in accordance with data access. This means user-groups specifying different levels of access to files and folders. Both traditional IT based law firms and law firms who work in the cloud with Rekall receive these services as part of the server build-out / data migration process.

Mobile Media Encryption

Policy based mobile media encryption is a must for law firms who need to stay in compliance. This service not only limits access to mobile media devices such as USB storage devices, but also blocks CD replication hardware residing on workstations. For specified users who have been pre-approved to use these data transfer methods, this service automatically encrypts storage media when data copy jobs are completed. This service can be considered another type of data leak protection.

“Whole” Disk Encryption

While many services stop the transfer of data from one point to another to avoid data theft, this service literally encrypts an entire server, workstation or laptop hard-drive in an attempt to make the device useless if it were to be lost or stolen. Encrypted passwords are required on device boot-up to ensure that authorized personnel is attempting to access said hardware. Consistent failed login attempts result in an automatic enterprise level format of the device, destroying all data in the process.

Get in touch and let Rekall start solving your problems today!