On demand video, how to prepare a cyber security strategy for your law firm

I’ve just published an on demand video of a semi-regular webinar that I deliver on how to prepare a cyber security strategy for law firms. See the video here.

How mature is your law firm’s cyber security?

There are many security standards when it comes to cyber security. Unfortunately the standards can be overwhelming to understand. This means many law firms can not easily assess their level of cyber security maturity. For this reason, we created the below chart. We think it provides a simple method for any law firm to quickly determine their cyber security readiness. Read more

Why your IT projects cost more and take longer

There’s an interesting article posted by the Society of Computers and Law about the challenge of getting realistic IT project estimates on cost and time. The author, Michael Bywell, a Partner at Arnold & Porter Kaye Scholer, asks two questions;

  1. How do we explain the tendency of planners to routinely underestimate costs and over-estimate benefits?
  2. Why do projects get the go-ahead when it is (or at least should be) obvious that they are bound to overrun?

Read more

Cyber Security Toolkit book review

The Cyber Security Toolkit, by Peter Wright, and published by the Law Society is the most comprehensive guide I have seen focused on law firms. It nicely expands and pulls together Law Society practice notes covering various areas of cyber security including: cloud; phishing; outsourcing. Read more

What the three little pigs can teach law firms about IT strategy

Three little pigs and IT strategy

Cleary the nursery rhyme about the three little pigs has nothing to do with IT strategy, however, it still provides a nice analogy on the difficult situations a law firm, or any business, can find with their IT systems.

For those a bit rusty on the details, three pigs each built a house: one of straw; one of sticks; and, one of bricks. A wolf easily blows down the straw and stick houses and eats the pigs. The wolf can’t blow down the brick house and the pig eats the wolf (various versions of the rhyme exist, I have gone with the original).

Keep reading to find out what the little pigs can teach law firms about IT strategy. Read more

How encryption on the Internet works, explained using Lego!


Have you ever wondered what it is about the fancy “padlock” symbols in your web browser that actually make your connection secure? Read more

Nine habits of highly effective password management


Passwords remain the primary method of people gaining access to computer systems, thus they are an obvious target for malicious activities. I personally have close to 50 passwords that are used on a monthly basis covering online storage, website services, social network accounts, email accounts, and local WiFi and Internet access.  Managing these passwords is critical to maintaining security in any business. Here is my list of the habits of highly effective password management that I think any business would benefit from adopting: Read more

The default Office 365 spam and malware policies, and how to change them

Recently I reviewed the Office 365 default policies for spam and malware and was pleasantly surprised by the spam control options available, but shocked by the default malware policy provided. Read more

First impressions, Unitrends Free backup appliance


Unitrends provides backup and disaster recovery solutions to businesses of all sizes. One solution it provides is called Unitrends Free. As the name implies this is a free solution, and is aimed at small businesses with 1TB or less data to backup. The solution is deployed as a virtual Linux appliance on either Hyper-V or ESX. Read more

Enabling auditing on mailboxes in Exchange Online

Microsofts provides a business class email service called Exchange Online which is part of their Office 365 suite of services.

Exchange Online is hosted by Microsoft and accessed via the Internet. Thus, anyone who knows (or who can guess) the mailbox password can access the mailbox. This is a reason to have a strong password, and to not re-use passwords. With that said, if you suspect your password has been exposed, it is reasonable to be worried that your email account has been exposed.

One approach to validate the access to your mailbox is to enable mailbox audit logs. Once enabled, Exchange Online logs are kept for 90 days, and refreshed every 24 hours with new events.

This post provides a short overview on how to enable mailbox logging in Exchange Online. The process is technical and is only suitable for users who are familiar with PowerShell (if you don’t know what PowerShell is, ask your IT Professional to complete these steps for you!). Read more

Page 1 of 41234