Author Archives: Matt Torrens

Matt Torrens

About Matt Torrens

Matt enables law firms & barristers' chambers to achieve competitive advantage & peace of mind, through innovative use of best-of-breed technology, award winning services and obsession with service excellence.

Mobile device management – keeping your critical data secure

January 1, 2018

We hold our entire lives in our hands every day. Mobile devices offer tremendous value to the legal sector; offering instant access to any information you may need, and allowing you to keep in contact with your colleagues and clients on the go.

In Bring Your Own Device (BYOD) workplaces especially, everything from your employee’s personal logins and social media to critical case and private client information is accessible anywhere to a connected device.

If this describes the set-up in your practice or chambers, it’s important to device policies to control access to information and the encryption of information, especially with the era of GDPR fast approaching.

 

MDM in and out of the workplace

Mobile Device Management (MDM) deploys software known as an “MDM agent” on colleagues’ device. This, along with an MDM server, governs how mobile devices can be used when connected to your firm’s IT systems.

Your IT administrator programs the behaviours of both the MDM software and MDM server to comply with your firm’s policies. From this point, you are in control of the exchange and encryption of data passing between your central server and individual mobile devices. You can also use your MDM server to install applications and patches directly onto connected devices.

Mobile Device Management software was first introduced to businesses in the early 2000s. It offered a way to secure and control PDAs and the then relatively new smartphones. The launch of the iPhone in 2007 inspired the Bring Your Own Device trend. Connecting non-company-owned terminals to company-owned services created an urgent demand for an effective, affordable, and customisable device management system.

Since then, MDM software has been extended to support a variety of tablets, Windows 10 computers, macOS computers, and other devices. Manufacturers and developers of mobile devices are able to control what MDM software can and cannot do through operating system updates.

As a result of this, MDM, like HTML, has become a manipulable platform allowing vendors to implement similar sets of core capabilities that are compatible across different devices.

Some of the most popular features of MDM software include:

  • Device inventory and tracking,
  • Policy and app distribution across all connected devices,
  • App blacklisting,
  • Remote data wipe,
  • Password enforcement, and
  • Data encryption.

The software allows employers to have control over what company information teams can access while on the go.

You can whitelist and blacklist certain apps to protect data from outside breaches. MDM gives a clear vision of all of the devices within your business, lowering the risk of data loss and providing an effective way to enforce policies for remote workers.

 

Sprout IT’s top tips for effective MDM

Your data is critical. Now more than ever, your firm will likely rely on mobile devices so that partners and colleagues can stay connected whether in court, the office, or with clients. Your staff need to be able to access their sensitive data securely from anywhere, without the risk of information falling into the wrong hands.

Implementing MDM into partners and colleagues’ connected mobile devices allows you to make certain that all critical business data is secure. Once you have deployed it, ensure you follow these simple steps for optimal security within your law firm.

 

  1. Set passwords and auto-lock on all devices

All smartphones will have password and passkey protection built in. Make sure this is enabled on all of your employees’ devices, and that all passcodes meet certain guidelines in length and complexity.

You should also enforce regular password changes as well as strict retry and timeout restrictions. All it takes is a few moments for someone to steal vital information from a device. Auto-lock on devices is an additional layer of security for company data that your firm cannot afford to live without.

  1. Disable auto-complete

Auto-complete can be a great time-saving feature on a personal device but, when devices can access systems holding sensitive information, it is a threat.

Disabling auto-complete on all of your devices may mean staff spend a little longer filling in their names and passwords manually, but it’ll stop any unauthorised people skipping through your login pages.

 

  1. Antivirus, signed apps and certificates

MDM technology screens each employee’s devices for suspicious apps before they’re allowed to access company email and shielded networks like Wi-Fi and VPN.

You should also install antivirus software on your smartphones and tablets to further protect your tech from cybercriminals.

 

  1. Take advantage of the cloud

Many firms prefer to keep all of their important data in the cloud rather than store them locally on each device. If a phone or tablet is stolen, company information would not be lost or compromised.

Cloud technology means you can access the files on a range of devices from anywhere. Make sure you back up the data regularly.

 

  1. Require full compliance with specifications

In a BYOD firm, there are many risks to company information. Setting minimum guidelines for all operating systems and platforms ensures the safe use of employee devices.

The Open Mobile Alliance Device Management Working Group have set out protocols for the management of mobile devices, service access and software on all connected devices. Refer to this when setting your policies, and make sure you restrict or revoke access to devices that fail to comply.

More so in the legal sector than arguably any other industry, the protection of sensitive information is a business continuity imperative.

Safe and effective Mobile Device Management is an effective solution for any law firm’s mobile workforce.

 

How to fix the flaw in macOS High Sierra that leaves your Mac vulnerable

November 29, 2017

Attention, Mac users! There is a serious security glitch in the latest macOS by Apple that allows strangers to access your computer’s data and security settings without requiring a password.

The Issue 

According to the public post by Turkish software developer Lemi Orhan Ergin, the flaw lets anyone using a Mac running macOS 10.13 High Sierra get authenticated into a “System Administrator” account, giving them access to all sorts of private files and even to change passwords. The issue is even more serious than other system flaws as it can be exploited by literally anyone, not just hackers and software developers. An Apple spokesperson since has confirmed the critical flaw and said Apple was working on a fix.

How to fix it 

In the meantime, there are things you can do and as this is a critical security flaw you shouldn’t ignore and if you’re a Mac owner and user, you should start working on the fix immediately.

To protect your computer, you’ll need to create a root password. To do this, follow these steps:

Go to System Preferences > Users & Groups > Login Options > Join (next to Network Account Server) > Open Directory Utility > Edit.

Then select “Change Root Password…” and choose a strong password, something with many letters and characters that can’t be guessed.

This method fixes the vulnerability.

UPDATE

This issue has now been fixed by Apple.

The issue was originally published on The Daily Dot.

The Human Firewall For Your Practice Or Chambers

November 21, 2017

What makes a good prison? High perimeter fencing? The very latest in 4K night-surveillance CCTV cameras? Guards trained in restraint techniques to keep prisoners in order?

No. What makes a good prison is that people don’t escape from it.

Timothy Rouse, a man convicted and sent to jail multiple times for burglary, robbery, theft, and assault in Kentucky, USA, hatched upon a daring escape plan back in 1997 and as reported in the Guardian at the time.

One of his friends went to a nearby grocery store and sent a fax to the prison in which he was incarcerated demanding his release. The fax had no letterhead but claimed it was from the state’s highest court. It was strewn with grammatical errors and typos.

You can guess what happened next. He walked straight out of prison.

The design of prisons has evolved over time to make escape more difficult. But that didn’t stop an Australian convict smuggling laxatives into prison so he could slip through his cell bars and jimmy out of a crack he chiselled in the wall with a butter knife. It also didn’t stop Bosnian Muradif Hasabegovic constructing himself a parcel and mailing himself out of an Austrian jail.

All the technology and design elements employed by a prison doesn’t make it a good prison if the guards aren’t trained to be diligent and observant.

And it’s exactly the same with your practice or chambers.

Think of the technology that you use to keep sensitive business and client information secret to your organisation. Around the world, in the way that convicts are always concocting new ways to break out of prison, cybercriminals are employed in the same arms race against firms like yours trying to break in through your firewall.

On your computers, stored away in dozens of folders and integrated into countless databases, is gold for cybercriminals. Within your practice or chambers, you and your colleagues are the prison guards and you can’t afford to get caught out. Someone at the top of your firm has to take responsibility for erecting the best defence of all, your “human firewall”.

The human firewall is you, your fellow partners, your IT staff, and the rest of your employees taking responsibility for the security of data in your firm. It’s every person within your practice or chambers recognising that it’s just as much their responsibility to be cybersecure as it is anyone else’s.

Cybersecurity must be a culture within your firm and everyone in it must know the consequences of it going badly wrong.

For example, your human firewall goes above and beyond to check what that unusual activity from that unknown source on your network is. Is someone trying to infiltrate the email server to intercept communications between your firm’s conveyancing department and the clients you’re representing?

We all know the dangers of being caught out by conveyancing fraud with brand damage and the removal from lenders’ panels being the ultimate sanctions. Is your email server really as secure as you think? Is there a rogue Wi-Fi connection somewhere on your network with little or no security that cybercriminals could connect to?

Are your files encrypted? Even the most determined hacker can’t break the latest encryption algorithms.

Could someone use removable media to download significant amounts of data from a desktop terminal or a server computer?

Are there tried and tested robust communications systems between staff members to stop your practice or chambers falling victim to CEO fraud?

Getting your human firewall right is about understanding each staff member’s current level of knowledge not only on your firm’s technology but in the ways that those with malicious intent try to circumvent your existing protections.

If cybersecurity and data security is to work well, the technical side of it is crucial – many of you already employ us to do that for you.

But as we’ve seen with escaped prisoners, it only takes someone in your firm not being able to understand or interpret a situation they find themselves in that means sensitive client data is lost which could destroy your reputation and, in the era of GDPR, mean that the Information Commissioner will be asking some very awkward questions.

We reported in October 2016 that “threats to the UK Legal sector are a near certainty, especially considering the valuable information held by law firms” and there has been nothing that has happened since to change our opinion.

Contact us to find out about Sprout CyberAware, the legal practice learning program on cybercrime, and ask about our 30-day trial. Call 020 7036 8530 or email support@sproutit.co.uk

Wi-Fi KRACK, How to Protect Yourself

October 16, 2017

If you use WiFi then you are likely to be at risk – read on!

WPA2 networks have been the norm since 2004 and pretty much the right option for most networks.

As seems to be the way these days, a clever spark has discovered that WPA2 is vulnerable to cryptographic attack.

THE TECH

This BBC Technology video gives an excellent overview:

http://www.bbc.co.uk/news/av/technology-41641814/krack-wi-fi-security-flaw-explained

THE USERS (that’s you!)

Perhaps you’re more interested in what you should do NOW, as opposed to the technicality behind the bad-handshake.

  1. Android users – be particularly aware, since KRACK is currently focussed heavily towards your devices.
  2. Install updates for as many of your devices as possible as soon as they come out.
  3. Be CERTAIN you only share sensitive data on sites that use HTTPS encryption
  4. Avoid untrusted (e.g. public) WiFi networks for anything sensitive.
  5. Consider a wired (Ethernet) connection, or even 4G, as alternatives to WiFI.
  6. Keep an eye on how KRACK progresses – pay special attention to updates released by the manufacturers/vendors of your products and devices.

As WPA2 is so widespread in its use, there is no accurate way to estimate a time-to-fix.  Different manufacturers and vendors patch with different regularities – and not all of those patches will be easy to apply, for a ‘non-techie’.

THE GOOD NEWS
  1. For now, you should still use WPA2. Its protections are still worth the risk that someone might be exploiting KRACK somewhere near you.
  2. There’s currently no known public attack code to exploit this vulnerability.
  3. Any hacker would need to have close proximity to your network and be highly skilled.
  4. Windows and and Apple iOS devices (running current versions) and not currently effective targets – yet! This may change.
  5. Review the list above, stay safe and check back for updates.

For your business, the key to security is designing (and maintaining!) networks with multiple layers of protection, so data security doesn’t hinge on any one standard – or person.  This is a good time for your IT Team to be double checking Firewall logs, that all Patches are up to date and that Anti-Virus is installed and working, for example.

 

What should law firms do about ransomware?

June 28, 2017

One of the biggest law firms in the world has been hit by the huge ransomware attack (Petya) that is currently sweeping the globe.  DLA Piper has confirmed that its computer systems and phones have been taken out by the mass hacking.

LegalT Today have published Matt Torrens’ article entitled “What should law firms do about ransomware?

What better time, to have a read?

 

WARNING – New Ransomware Cyber Attacks

June 27, 2017

News is coming in today of Ransomware Cyber Attacks across the world

According to recent news reports, there have been more wide spread cyber attacks.  It is reported that this new strain, main be aiming at the same exploit used by  – get patched, NOW!

 

*******UPDATE**************UPDATE**************UPDATE**************

UPDATE: 28.06.17 – for Sprout Clients:

  1. FIREWALLS – Managed Firewall customers have been protected from this threat or over a year. Ourcombination of the SonicWall Capture Threat Network and SonicWall Capture ATP sandboxing provides the best defense against newly emerging hybrid attacks such as Petya.
  2. EMAIL – This new malware appears to arrive via a Microsoft Word document in an email and is then able to spread rapidly to other machines on the network using the same ExternalBlue exploit used by WannaCry last month. Mimecast Targeted Threat Protection – Attachment Protect can help detect and block the infected Word document email attachment, thereby preventing any infection by this ransomware via email. For customers without Targeted Threat Protection, the anti-virus engines in Mimecast’s Secure Email Gateway have signatures to detect this current variant of Petya.

*******UPDATE**************UPDATE**************UPDATE**************

According to the FT “Companies attacked include WPP, Rosneft, Maersk, US pharmaceutical company Merck and DLA Piper, the law firm, among those that had confirmed they had been hit by Tuesday afternoon.”

Do not open or forward any suspicious emails. If you have any queries, or concerns, please contact us via support@sproutit.co.uk or call; 0207 036 8530

 

Here are 5 quick wins, which will instantly make your practice safer and more resilient.

  1. Software Patching
    1. Automate your patching and cover as many vendors as possible. This time it sounds like a Microsoft vulnerability, but often it is Java or Adobe.
    2. Install patches regularly, as soon after release.
  2. Email Security
    1. Employ email security to scan inbound URLs (web addresses). This technology keeps you safe regardless of the device or location, from which you access emails, and click on any links.
  3. Web Security
    1. Configure your perimeter security, to analyse your web traffic in real time. If you accidentally visit a nefarious website, this technology will detect, and drop, and malicious payloads.  A well configured firewall, will also prevent your machine from ‘calling home’ back out to the internet, should you somehow get infected.
  4. Backup
    1. Have a robust, and well tested, backup process. If the worst happens and you are ‘ransomwared’, you can simply recover your data from a backup.  Still painful, but much less costly!
  5. Train, Train, Train
    1. People don’t like to hear it, but we are the weakest links – the humans. Train yourself and your colleagues, to spot threats and avoid traps.  The Bar Council and the ICO tell us we should all complete annual awareness training – start now, and you will also be ticking a GDPR

Sprout article featured in The Bar Marketing newsletter

June 26, 2017

Matt Torrens’s article ‘ Social media and the ever increasing risks of being online’ has been featured in the June edition of Bar Marketing newsletter. Read the full article below:

The impact of social media on the workplace and on individuals outside of work, is increasing at a disturbingly high rate. When referring to ‘social media’, it is the broad term used to describe internet-based tools that are used on Desktop PCs, laptops, tablets and smart phones. The world is constantly, more than ever, connecting and interacting via social media and many of us are online more than we are asleep! Facebook now has over 1.19 billion accounts registered, LinkedIn over 259 million and twitter over 232 million that’s not without mentioning Instagram, SnapChat, Whatsapp and many of the other social media platforms and online forums – the list is endless.

The risks of being online are enormous. A social media account can be hacked, money and identities stolen and invasions of privacy all can happen in a matter of seconds, without any warning. This is fraudulent, serious crime, but because it’s online, it’s often hard to think logically about what has happened. However, so many individuals are not protecting themselves from online crimes. Many of the risks come from groups of people interacting in un-moderated forums or by being naïve or ignorant about the amount of issues that could arise.

The effects of social media activity can be immense and the boundaries between work and home can often become very distorted.

‘What goes online, Stays online’ should be considered at all times.

The enormous challenge for organisations is how to promote and control their reputations. Considering how colleagues interact with one another online and how the lines often get blurred or crossed when connecting online should be a concern at all levels of a business.
The many risks include;

  • Confidential information being disclosed, often innocently.
  • Intentional disclosure of confidential information
  • Accessing inappropriate content via links
  • Phishing emails encouraging visits fraudulent or inappropriate websites.
  • Identity thieves or fraudsters hacking into or hijacking your account or page.
  • Accessing inappropriate content via links
  • Online abuse in the form of bullying, stalking, trolling or other
  • Malware contained within message attachments or photographs.

Responsible social media use should be promoted at all time. Organizations can avoid these risks by following best practice guidelines for cyber-security.

  • Ensure there is an up to date social media policy for the organization and include the training for this in every induction.
  • Train all staff in cyber-awareness. Give them the empowerment to stay in control and limit their risk both individually and when representing the organization.
  • Only give social media account access to employees who need access and who have been trained. Ensure there is an audit trail of who can access accounts. Make sure that any employees who leave are not allowed access.
  • Ensure strong passwords, correct privacy settings and two factor authentication
  • Make it policy that confidential information is not included in any social media posts and that any announcements are signed off first.
  • Monitor what customers, employees and competitors are saying about your organization.
  • Set up on-going simple training to help staff to be vigilant at all times

Sprout CyberAware, powered by AXELOS, is a best practice Cyber Resilience Training programme. It is a portfolio of learning products which includes; certified training, awareness learning for all staff, leadership insight and a maturity assessment tool that enables good and timely decision making on all aspects information security.

Download Sprout IT’s free report titled ‘Cyber Resilience in the UK Legal Sector’.

To get in touch with Sprout IT about security and other IT-related queries, please email AskTheExpert@sproutit.co.uk or visit www.sproutit.co.uk.

 

WannaCry – could your Firewall have helped?

May 24, 2017

Yes, it could and should have done!

Summary:

The attack hit over 100 countries across the world with an untold number of victims. WannaCry is a combination of a Trojan/ransomware and a worm that leverages an SMB file sharing protocol exploit named EternalBlue. The Shadow Brokers leaked EternalBlue in April 2017 as part of a bigger dump of NSA developed exploits. This exploit affects various versions of Microsoft Windows operating systems, including a number of versions that are in end-of-life status. Although Microsoft released a large number of patches on March 14 to address this vulnerability, the attack remains dangerous as many organisations have not applied the patch.

What we know:

So WE KNOW that you NEED THE PATCH and WE KNOW people are BAD AT PATCHING.

And this is where a well managed firewall, would have helped you.

Sprout fully managed firewalls have been protecting your network from WannaCry ransomware and the worm that spreads it since 17 April, 2017.  

The WannaCry attack started on Friday 12th May.

Since the release of the first version of the block code, our security provider has identified several new variants and have released additional counter measures. As new signatures are released, this additional protection is automatically rolled out to our customers’ firewalls.

What we should do:

  1. Get a managed firewall / security provider.  Gone are the days when you can install a firewall and leave it alone, until you replace it in 5 years.  You need to be proactive about cyber security.
  2. Patch, Patch, Patch.  Patches are released with good reason.  Sometimes, to fix and issue or close a vulnerability.  Some patches even improve user experience!
  3. OK, this list could get pretty long; train your users, backup your data, improve your email security etc etc.  In short, if you are not pretty certain (at Board level) that your business is doing the right things, then go and find someone who can help you.  The need for Cyber Resilience, in business, is not going to go away any time soon.

LPMA Lunchtime Briefing: Making Chambers GDPR Compliant

May 11, 2017

The General Data Protection Regulation (GDPR) is intended to strengthen data protection within the EU. The GDPR will apply in the UK from 25 May 2018. The government has confirmed that the UK’s decision to leave the EU will not affect the commencement of the GDPR.

The GDPR imposes new and substantial obligations (and potential penalties for failure to comply) on data controllers and processors beyond those of the UK’s Data Protection Act 1998, and these will affect all sets of chambers and self-employed barristers.

Chambers need to be acting now to identify what steps are necessary to ensure that they and their members are fully compliant by the implementation date.  LPMA members are encouraged to attend the lunchtime seminar Making Chambers GDPR Compliant on Thursday 15th June, hosted by 3VB.  The seminar will be presented by Matt Torrens, MD of SproutIT, who has ten years of practical data protection experience in chambers and is also EU GDPR Foundation & Practitioner certified.

Source: http://www.lpma.org.uk/events-153

Citrix Certification WINS!

May 10, 2017

Our Partnership with Citrix, and our determination to blend world leading technology into SproutCloud®, allows us to deliver services that make a real difference, both to the security of client data as well as user experience.

We’ve worked hard to become certified in the following Citrix technologies:

SproutCloud® is built on leading hardware platforms, boasting flash array SANs and guaranteed UK data storage and processing.

SproutIT enable law firms & barristers’ chambers to achieve competitive advantage & peace of mind, through our innovative use of best-of-breed technology, award winning services and obsession with service excellence.

To see how SproutCloud® would work for you, watch this 2 minute video or get in touch.