X
etsos

Free trial Sign-up

Please leave your name and email and we'll be in contact shortly.

Name

Company

Contact Number

Email

Please complete the sum:        
8 + 6 =

Guidance for Law Firms reviewing email and cybercrime security

16th December 2015

Law firms need to tighten up their email security and revisit their cybercrime prevention strategies as there has been a significant increase in the number of attacks against law firms.

According to the Solicitors Regulation Authority (SRA), Cyber criminals have caused “substantial losses” to 50 law firms this year, ranging from £50,000 to £2m, and a further 20 firms had fallen victim to e-mail redirection scams, involving “very substantial” amounts of money. All businesses must take email security much more seriously as this is expected to become a much bigger issue of focus in 2016 as scammers become increasingly more sophisticated.

The vast majority of scams have been phishing emails sent to members of the public in the name of particular firms or individuals at firms and attempted to obtain bank account details or money.  There have also been warnings issued about a specific email scam targeting conveyancing firms, which invites the reader to click on links that are suspected to contain hostile and intrusive software, including viruses and other malicious programmes. The most popular virus is the Crypto Locker virus. It effectively removes files from systems, demanding payment for their return – usually in Bitcoin payment – which can’t be traced back to the hacker.

As a matter of urgency, law firms should be reviewing their cybercrime prevention strategies and email security. Firms could be subject to reputational issues if clients and/or client information is affected as a result of cybercrime. They could also face reprimand by the SRA and the Information Commissioner’s Office (ICO) with potential costs if they breach the SRA’s strict Code of Conduct or the ICO’s data protection rules.

To manage cybercrime risks, Converge Technology Specialists advises law firms to:

  • Put in place a risk management committee to review and manage the risks. This governing body should be connected to the board.
  • Establish ownership for data protection and information security and make it responsible for reporting to the risk committee.
  • Put in place some simple but effective data access policies and controls to systems and key data, and detail who should have access to what.
  • Understand your data. Where is your business data and your client data? Design a data strategy or, at least, start with a workable retention policy which covers both paper and electronic material.
  • Ensure password policies are implemented across the business.
  • Train staff to be aware of potential threats including bogus emails and suspicious requests for information.
  • Take advice from a specialist and review your IT security position to ensure you have a reasonable level of defences against external attacks and malware, as well as ensuring penetration tests on your systems are a regular event.
  • Use double verification (2-factor) security to access your IT system and files and limit the potential for hackers to access all parts of your IT systems and files.
  • Diarise regular penetration tests on your systems and enlist the help of ethical hackers who will be able to identify the weak spots in your IT. Implement all (or as many) of the recommendations as soon as possible.
  • Take an honest view of your capability and consider moving data and applications to a competent cloud operator. Cloud operators of substance make security a centrepiece of their proposition and commit more money to the matter than you could possibly do.

 

Converge Technology Specialists, the UK’s only cloud provider dedicated to law firms, is offering a Free Email and Cyber Security Assessment.  You’ll receive a full report with expert advice and recommendations to help you minimise risk and increase security.  To find out more please contact Converge TS on 0345 872 4400 or email: info@convergets.co.uk

The client and experts view...

  • thumb1
Latest newsspeech Bubble

Government Confirms New Regulations and Qualifications for Estate Agents Will Happen

The government has accepted the proposals of the Regulation of Property Agents (RoPA) with wide-spread consequences for estate and letting agents.

The proposals reach right into the heart of the industry to affect regulation, training and licensing.

 

(more…)

Fears of Tougher Regulations and Unjust Costs Mount Ahead of Government Announcement

Estate Agents are waiting for the big reveal on Monday after Lord Best has admitted some firms could close when the regulation of property agents (ROPA) makes its recommendations to the Government early next week.

Lord Best, the chair of ROPA, has already outlined the working group’s desire for more regulation.

(more…)

[NEWSFLASH] Agent Charged DOUBLE Over AML Registration Mistake

Property Industry Eye (PIE) has highlighted the case of an estate agent who has fallen foul of HMRC and been charged double.

On 4th April, with plenty of time to spare, Hayman-Joyce renewed their annual HMRC registration. They paid the fee and thought they’d ticked all the boxes.

(more…)

Compliance in a Box: The Natural Remedy for Your AML Headache

Estate agents around the country are realising that the new 5th AML Directive goes deep. There’s a lot of work involved in becoming compliant. And the penalties for non-compliance, either deliberately or through confusion, are severe. (more…)

AML Checks: Guide to Uploading the Passport.

The campaign against money laundering has seen the HMRC issue £2.5m of penalty notices since June 2017.

Making sure you’re compliant is vital.

When it comes to carrying out your checks, we supply AML reports as part of our Compliance in a Box service. (more…)

divider
newsletter sign-up

Sign up for our e-newsletter

Name
Company
Email Address
trialTop

trial sign-up

Click the Apply button opposite to use our software on a trial basis...

trialBottom
  • etsosnews

  • etsosnews

  • Linkedin Twitter Facebook
    This site uses cookies. Find out more about this site’s cookies.