The 3 Pillars of Law Firm Tech Security & You Probably Don’t Have 1!
When we come onsite to a new client, we have an agenda. The big question is, “how secure is the network?” We often find networks with no security. These networks generally have a free antivirus like AVG, Microsoft Security Essentials or Avast!. These crappy AV (Antivirus) solutions are usually accompanied by an $80 Linksys router. The icing on the cake is that the users are using AOL as their corporate email solution. You may ask, dude, where do the 3 Pillars come in, well, I’ve already explained what they are. The 3 Pillars of security consist of a gateway firewall, inbound spam filtering for all email, & a solid antivirus. The first two do the heavy lifting why the third is there just in case. Please remember, there is no silver bullet with virus protection, no one piece of software will protect you from every virus out there, this is why we have 3 pillars instead of 1.
Firewalls – Protect Your Network
Firewalls do what routers do, but they also have protection. A Linksys router that you buy from Best Buy or Staples has NO virus, malware or hacking protection. They are for home use only and I am starting to think that they are not even good for that! A router simply splits up your internet connection so that it can be shared throughout a home or office. A firewall does this as well but has added features. The firewall we work with can monitor web usage for all users and generate reports by username on a daily, weekly or monthly basis. Our firewall also has the ability to block sites. We are often asked to block facebook and twitter due to employees constantly spending office time on these sites. We also have the ability to block chat software like AIM and Skype. One of the most important features that our firewall has is a dual antivirus filtering service. Internet comes from your ISP (Internet Service Provider). From the magic ISP building, internet goes to your modem in your office. From there, our firewall is connected to that modem. Every website, every piece of mail, every spec of data is scrubbed, washed and checked for any trace of malware, spyware, and viruses before it hits your office network. This is what a firewall does, it filters the bad stuff like a sifter and leaves the good stuff to pass through.
Not all firewalls are built the same, in fact most are crap. We deal with a very high end firewall which is why the cost is higher than normal. We would rather not sell firewalls than sell $250 paper weights. Sonicwall is crap, Firebox is crap, Checkpoint is crap, Cisco is not bad, Watchguard is crap. You get what you pay for with firewalls so don’t cheap out! If your a small doctor or a dentist’s office, you cant afford not to get a good firewall. You can loose your practice if you are cheap, it’s as simple as that. God forbid a trojan bot came though on your medical data server and started uploading data back to the origin server. This does happen, and if it didn’t, there wouldn’t be firewalls, think about it. Our firewalls also enables secure SSL VPN remote access to your network instead of opening port 3389 on your server, basically opening the door to hackers. We have clients who run SBS Servers who have no choice but to keep port 3389 open so they can remote in, and they also have over 1300 attempted logins each and every night. A good firewall can do it all if your willing to spend the money, and if your not, then your simply a target waiting to be manipulated. It’s a very black and white thing, no gray area here.
Spam Filtering – Protect Your Privacy & Reputation
Spam filtering is another pillar that clients simply do not take seriously. A spamfilter works like this, I email you, it floats to the internet and finds your domain, travels the domain highway to your spamfilter service or device, here it is scrubbed and checked for viruses and spam which if present are removed. The email then hits your server and jogs into your inbox, clean and safe to open. People sometimes think AOL & Verizon email accounts are acceptable email solutions. Please, STOP USING THESE ACCOUNTS. Do you have any idea the lack of security on AOL, Verizon, Yahoo, MSN accounts? Did you ever get a funky email from your friend that didn’t look right? I get them all the time from my friends with crappy Yahoo accounts when their accounts are hacked. The hackers then send crap mail out to all the people in their contact list. Those users on the list who don’t have any mail security get hacked some more. It’s a cycle of hacking and poor security. Can you imagine your AOL account gets hacked and every client in your contact list gets an email with porn pics in the body of the text? I would be mortified! This is why we have corporate email solutions #1, and #2 we have spam filtering services. A corporate email solution is Exchange, Google apps for Businesses, or a hosted email solution with your own domain. Gmail has their own spam filtering service and it is bundled with their email package. They didn’t create a spam filter from scratch, all they did was BUY THE MOST HIGHLY RATED SPAM FILTER COMPANY AND CALL IT THEIR OWN. So yea, if you pay for Google apps for business, you are covered. For exchange and pop users, you are not covered. You must invest in a smarthost spamfilter service or device. Some are cheap, some are expensive, again, you get what you pay for. Messagelabs is badass, and so is Appriver, Barracuda is overpriced and they give you hardware ewww. You don’t want to start housing hardware with a spamfilter host. If you don’t want to pay monthly for a smarthost spamfilter, you can always buy our firewall, yea, our firewall filters your email too, it also does a badass job at it.
Antivirus – Last Line of Protection
Antivirus is very important but let me rephrase that, free antivirus is crap and must not be used in an office with critical client data. Good antivirus is worth the money anywhere between $300 and $550 for 10 users sounds about right. Don’t be cheap here, if your spam filter didn’t see it, and your firewall didn’t catch it, your AV is your last line of defense. If the first two didn’t get it, you can bet all your future earnings that the free version of AVG sitting on your desktop like a bump on a log will NOT detect squat. For AV, we use Kaspersky & Symantec. Our firewall already uses Kaspersky AV filtering for all incoming data which is why we like to switch it up with Symantec. In this way, we get 2 different virus databases working to protect your network. Personally, McAffe has never shown me anything worthwhile and I can say the same for Trend Micro, they are both crap pieces of software. They stop nothing, their real-time protection is a joke. The monitor pops up after a virus outbreak, completely useless.
Usbman’s Final Thoughts…
If you’ve read carefully, you should notice a trend. In case you didn’t pick it up, let me spell it out for you, DON’T CHEAP OUT WHEN IT COMES TO SECURITY! In this world you get what you pay for, bargain hunters can stop looking right now, there are no bargains here, just crappy solutions. There are no bargains with security software, and why take the gamble anyway? Think about this for a sec . . . for a 10 person office, why gamble your entire office data, your firm, your practice and your lively hood, the money machine that feeds your family and pays your mortgage, why gamble a major attack, downtime, lost data, privacy violations, insurance nightmares, why gamble all this to not spend $2000 on securing your network. Yes, you can spend less and get less for it, but I am here to tell you that this is the number for a business who take security seriously. You pay for home owners insurance, car insurance, life insurance, business insurance, liability insurance, it’s about time that people understand the importance of insuring their business data and their company. 60% of companies who loose their data go out of business within 5 months. Don’t add to that stat, cover yourself with 3 Pillars of Security.
