This week, case management software company TrialWorks was reportedly hit by a ransomware attack that shut down its platform Sunday morning and locked some clients out of their case files for days. Ransomware, which is frequently delivered through spear-phishing emails, is a type of malicious software that blocks users from accessing critical systems and data until a ransom is paid.
Attacks like these leave lawyers, accountants, and other stewards of critical client data uneasy. How soon until their own systems are compromised? What can they do to prevent becoming the victim of a ransomware attack?
There are three critical steps firms can take to protect their businesses and their clients.
1. Find a trusted hosting provider
It is important to review your cloud hosting provider’s ability to secure data. For example, do they offer a full-spectrum electronic protected health information (ePHI) and HIPAA compliance-ready solution technology? Are their data centers in compliance, and are their data centers geographically dispersed?
Abacus Private Cloud is a full-spectrum ePHI and HIPAA compliance-ready solution certified at the highest levels. Automatic data backups are geographically dispersed to ensure your data's available even in a catastrophe, while continuous threat monitoring keeps your practice secure 24/7. Our friendly, expert support staff will be there with you every step of the way and even help you migrate to our system, potentially at no cost.
2. Educate staff
Cyberattacks are constantly evolving, so it’s crucial to keep your staff up to date on the latest threats. Schedule regular security trainings and educational emails reminding employees how to spot spear-phishing attempts, email scams, and other cyberthreats. As an extra step, you can use faux phishing campaigns as opportunities to educate employees on email security best practices.
3. Have an incident response plan
Firms are required by law to take reasonable measures to safeguard their clients’ information. So, it’s important to have an action plan in place that outlines the steps your firm would take in the event of an attack. Learn more about how to develop your firm’s disaster recovery plan in Legal Technology Today’s article, “The Growing Threat of Ransomware: How to Protect Your Firm,” authored by AbacusNext’s Tomas Suros.
In today’s cybersecurity landscape, ransomware poses a serious risk to every business. Taking a proactive approach is the key to reducing your risk. You can learn more about disaster recovery planning and reliable backup solutions by consulting a technology partner who understands your organization’s unique needs. Contact an Abacus Private Cloud technology consultant to determine your current risk profile.