Categories
Blog File Server Security

Information Security in Law Firms

Paralegals work in a wide variety of working environments that are determined by the size and structure of the firm. Also dependent on the law firm’s size is the number of people that paralegals work with, internally and externally. Working and sharing information with a large number of people, including business partners and clients as part of your job, leave open chances of confidential data being compromised.

As firms move more towards a paperless office (although we probably won’t see a paper-FREE office being adopted any time soon due to the nature of our legal system where hard copies of documents are necessary for certain procedures), paralegals must be more conscious about how their digital information is stored. Many offices have adopted a file server for a more convenient way to organize, file, and share work information because let’s face it, legal departments and firms generate tons of documents and finding a document stored digitally is exponentially easier than finding a hard copy document in a file room. Based on the size of the firm, most computers on a site are usually networked to the server, allowing convenient access to information when needed.

Lawyers and their partners indeed generate a lot of paperwork-paperwork that comes with every step of a legal proceeding and correspondence. These need to be stored in a cloud computing server or a file server with access control so that only you and your partners can view or take out the files with written authorization, while allowing limited server rights to your staff and support personnel. A lot of solo practitioners nowadays seem to already have a file server networked to most of the computers in their office and worry about remote access for their new setup. I mean, it’s understandable because nowadays, everyone’s on the move and working while on the road. So, easily accessible documents whether on a mobile phone or laptop works best for a lot of smaller law firms. For larger firms, VPN is usually applied to allow secure remote access for offices around the world while keeping the convenience. However, what many of the practitioners don’t realize is that although the convenience is great, the bare minimum security to meet legal requirements is not enough to protect your firm from disaster.

But you’re a small firm and you don’t think you’ll be directly targeted? All the more reasons to be worried. According to the American Bar Association, “on November 1st, 2009, the FBI issued an advisory warning to law firms that they were specifically being targeted by hackers.” While smaller firms may think that this does not apply to them, according to Matt Kesner, CIO of Fenwick and West LLP, “China is often responsible for state sponsored hacking —and that the country doesn’t waste its “A” squads on law firms because their security is so dreadful. The rookies on the “C” squads are good enough to penetrate most law firms.” This is exactly what the situation still is today- law firms (large and small) in its current state are easily breached and many may not even know that they have been.

As many law firms make the transition to digital, the need to upgrade and apply stronger yet practical and efficient information security solutions are absolutely necessary. Aside from securing the physical location of the file server, the data stored inside must be protected as well. Password protection, access management, and a monitoring system can make the difference in keeping confidential files safe from accidental or malicious leaks.

Related: Is Your File Server Is Secure Enough?

Categories
Blog File Server Security NEWS News Letter Press Release

SECUDRIVE File Server CAD Released

Brainzsquare announces the release of SECUDRIVE File Server CAD, a copy protection solution for design file storage servers into the market. This solution is specifically designed to bring the strongest copy protection for CAD files and is compatible with various CAD applications such as AutoCAD, Adobe Suite, and more. Designers can now securely store their important designs on file servers SECUDRIVE File Server CAD.

Sunnyvale, CA-October 14, 2013- Brainzsquare announces the release of SECUDRIVE File Server CAD, a copy protection solution for design file storage servers into the market. This solution is specifically designed to bring the strongest copy protection for CAD files and is compatible with various CAD applications such as AutoCAD, Adobe Suite, and more.

Design is an immense part of our growing society, and new innovations are what push us forward. Such designs are kept highly confidential within the company and designers are kept under a strict non-disclosure agreement until the release date. But what if the design files are leaked by an employee? Internal data leakage can severely damage a company’s business and reputation and companies need to be warier of how their design files are used and by whom.

SECUDRIVE File Server CAD is designed to prevent internal data leakage with a strong copy protection system for file servers. By applying this solution to the file server, data stored in the shared folder of the file server cannot be copied to the local disk or removable disk unless allowed by the administrator, preventing unauthorized copy. Other copy and paste functions such as Clipboard copy and paste, Save As function, and screen capture tools are disabled when the file is accessed. Administrators can also disable printing or customize printing with watermarks.

This solution also provides user identification and authentication feature. Only the users who have the client program installed on the PC are able to access the file server. With a detailed event log recording the time, date, user, file accessed, and action taken, administrators can monitor the status of their design files in real time. Files that are copied out with permission from the administrator are automatically backed up for security auditing purposes.

“SECUDRIVE File Server CAD is specifically designed to securely store design files and prevent unauthorized copying and leakage within a company. With copy protection, access authentication, detailed logs, and a manager program, company administrators can easily protect their important design files from internal leakage,” said Simon Kang, CEO of Brainzsquare.

If you have any questions or inquiries about this article or its contents, please contact us.

Categories
Blog Device Control File Server Security

How to Prevent an Edward Snowden in Your Organization

By now, Edward Snowden is a name that has been heard all around the world. The confidential government documents that Snowden leaked have had a devastating effect on the government and the Obama administration. How Snowden had access to government documents is very blurred in the media, however, one thing is certain; once Snowden did get to the documents he stored them on a normal thumb drive and carried it out of the building.

What if Snowden was an employee at your company? If you handle confidential data that, if leaked could damage the company’s reputation of trust and security, it’s important to apply security to confidential documents on the client’s side before storing them on the server. Hypothetically, if the government or any other companies that fear internal data leakage had SECUDRIVE File Server and SECUDRIVE Device control installed, the incident could have been prevented.

SECUDRIVE provides simple, easy to use data security software that could help businesses protect themselves and their reputation. SECUDRIVE File Server provides copy protection with user authentication, which would only allow authorized and registered users to have access to the server and prevent users from copying or sending documents via email. Administrators would also be able to control which applications are authorized to open documents on the shared folder. Detailed event logs are also provided, which record details such as file activity (read, write, rename, change, create, delete, copy, paste), time, date, and user name in real-time. So if Snowden had tried to take the documents out of the server, he wouldn’t be able to because of the administrator’s security settings. With real-time event logs recorded, administrators would have been able to see when and what Snowden was trying to do with the documents on the server.

With SECUDRIVE Device Control, Snowden would not have been able to connect his thumb drive onto the server in the first place. In a government building, thumb drives are not allowed but in an office, it’s an everyday utility. SECUDRIVE Device Control provides controls of various ports and devices, which can prevent devices from connecting without authorization via USB port, Wireless LAN, CD-RW, DVD-RW, IEEE1394, Bluetooth, Parallel port, Serial port, and IrDA port. The smartphone too can be restricted to the only function as a removable storage device, or only allow it to use MTP, PTP, or tethering connections instead. It also records a detailed event log of when and which devices were connected and used and file activity. Companies can prevent the use of unauthorized devices within and outside of company grounds on employee computers.

Using SECUDRIVE File Server and SECUDRIVE Device Control together can prevent internal data leakages and possibly could have prevented the government’s documents from being leaked. Protect your company today.

Categories
Blog Data Erasure Device Control File Server Security Insider threats USB Copy Protection USB Sescurity

The Other Side of Edward Snowden Case

Thanks to the whistleblower case of Edward Snowden, the public is now aware of the level of private information gathering that has been performed by the U.S. government through agencies such as the NSA. Snowden release of top-secret NSA materials was referred to as “the most significant leak in US history according to the Daniel Ellsberg a former U.S. military analyst who is most famous for leaking the Pentagon Papers in 1971. What was most shocking was the degree of how much private information had been gathered in which case had brought back the fears and insecurities of when the Patriot Act was legislated in order to indiscriminately collect information under the banner of anti-terrorism.

Many journalists and information security specialists who have criticized the indiscriminate collection of private information have suggested that individuals should use client-side encryption solutions for private information, especially since storage solutions such as the cloud were becoming ever more popular. Since the Snowden case, however, public cloud services have been negatively impacted due to the heightened awareness of the lack of privacy of personal information.

In regards to information security, the Snowden case provides us, the public, with another large implication. Snowden worked for the NSA and its affiliated organization which has arguably one of the strongest internal information control systems in the world. Yet, he was able to gain access to highly confidential information that had the potential to impede national interests as well as the organization’s interests. Snowden was then able to copy the confidential information onto a USB flash drive and take it out of the office. For an organization such as the NSA and the affiliated organizations who are supposed to have a sound security infrastructure, this was a huge breach of their internal information security system, thus, making it clear that they had failed in managing internal information access and assessing the user’s ability to handle such information.

This case brings us to think more about the current situation of internal information security management systems of many U.S. organizations. A study conducted by Forrester stated that only 25 percent of data breach cases are from external attackers, meaning 75 percent of attacks are from within an organization. Even so, many organizations cannot easily integrate an internal information leakage prevention system because it often puts a damper on work efficiency. In some organizations, the management argues that it is almost impossible to prevent internal information leakage by utilizing a technological security solution and instead, they relieve themselves by getting employees’ to agree to a non-disclosure agreement and take some rudimentary education on information security. Though this is still needed, it is a much too passive solution.

It has become acceptable for workers to bring their own private devices such as laptops, tablets, and smartphones to their office to work. They store a lot of the organization’s confidential information onto the devices and are now taking the private information with them when they bring their laptop or tablet to a Starbucks, or pretty much everywhere when they bring around their smartphone. This is a huge security risk and it is important to be responsible for the security of the device as well as the information itself.

Now with cloud storage systems becoming more widely used, when companies decide to send designs for a new product, that their company spent a lot of time and money developing, through the cloud to an employee that is offsite, the company no longer has any ability to control the usage of the design. In this situation, all the organization can do is hope that nothing happens by fully trusting the non-disclosure agreement, information security education program, and their employees. Though it is good to have trust in your employees, blindly trusting them is plain idiocy. Without some sort of security system set in place, if a top-secret document is lost by employee carelessness, robbery, or even leaked by an employee with malicious intent, the organization may never find out who did it, where it happened, or even how it happened. Even if they do know the “who”, “what”, and “how”, the damage that follows often cannot simply be compensated by the dismissal of an employee or civil and criminal actions.

Ultimately, it comes down to the need for change: A need to restructure the way internal information leakage prevention systems are viewed and utilize preemptive security solutions. In order for organizations to prevent cases such as Snowden, there needs to be a push towards preemptive security solutions that can be used with existing technologies such as encryption, which only focuses on preventing leakage when the device is lost or stolen. It’s because many chose to be oblivious the fact that those that are authorized to use the data are possibly the biggest threat in terms of information leakage.

A possible solution to the prevention of internal information leakage, are storage devices that utilize features such as copy protection. Secudrive (www.secudrives.com) provides solutions that even small and medium companies can easily integrate into their security policy. They provide products that can prevent unauthorized copy of A/V files, office files and even CAD files, supporting various storage devices such as USB flash drives, file servers, and public cloud storage systems. Alongside their copy protection products, Secudrive also provides device control products that allow only registered devices, such as USB flash drives, tablets, and smartphones, to be able to access a port of a registered PC.

Categories
Blog File Server Security

A Way to Prevent Insider Threats

With the growing number of BYOD (Bring Your Own Device) policies being implemented at work, companies are now more concerned about their data security than ever before. As much as a company can trust their employees and coworkers (and we realize that Non-Disclosure Agreements exist for a reason), no company should ever go without data leakage prevention measures. Have you ever worried about accidental or worse, malicious internal data leakages? Once it spreads, it is an arduous task to find the source of the leakage and can lead to inefficiently containing it. This can ruin a company’s reputation for a long time.

Especially those companies that share their important confidential data via file servers throughout the company. Yes, there are benefits to using file servers such as efficient data sharing, collaboration, and the works. However, file servers today come with little too inefficient monitoring capabilities, security, and protection. There are solutions to these current issues that have been brought up in multiple IT discussions such as file encryption, physical isolation of the file server, and antivirus vaccination software.

But these solutions can only curb the dangers from accidental data leakage. How can a company know when a malicious data threat is on the way before it happens? The key is to be prepared and prevent potential data threats. A new copy protection software for file server has been released into the market by Brainzsquare called SECUDRIVE File Server.

Copy Protection to prevent files from being copied and leaked
By applying copy protection to the file server connected to the network drive, administrators can prevent registered users from copying the file to the local disk drive, or other outside sources. Prevention of screen capturing and printing is also included. So even if there was a malicious attempt or accidental cause to copy the data out of the file server and distribute it without authorization, you’d be covered.

A simple User Interface that detects and keeps current file server settings
Don’t fear, file server administrators! By installing SECUDRIVE File Server onto the file server, fill out the file server information and it will automatically detect your current file server settings (users, shared folders, etc.) and keep them when setting up. Registering new users, or new shared folders and setting sharing policies and copy protection policies for each user is simple with SECUDRIVE File Server.

Brainzsquare offers 30-day trial versions of SECUDRIVE File Server on their website.

Categories
Blog File Server Security NEWS News Letter Press Release

Secudrive File Server Released

Brainzsquare releases a new file server security solution with copy protection technology, Secudrive File server. SECUDRIVE File Server makes it possible to prevent files from leaving the file server due to unauthorized copying, as well as audit how the files are handled by utilizing a detailed event log. The software runs after installation and opens in the existing windows file server while keeping the current file server settings.

San Jose, CA- June 12th, 2013– Brainzsquare releases a new file server security solution with copy protection technology, Secudrive File Server (SDFS). SDFS makes it possible to prevent files from leaving the file server due to unauthorized copying and audit how the files are handled by utilizing a detailed event log, while keeping the easiness of file sharing among users. The software runs after installation and opens in the existing windows file server while keeping the current file server settings. SDFS supports Windows local and AD accounts.

A specific user who installs the client program of SDFS can get access to a shared folder on the file server only if the administrator allows the user to handle files in the folder. Copy protection functions of SDFS includes disabling of the copy to local disk function and printing (or allowing printing with a watermark), screen capture prevention, disabling network transfer via email and messenger programs, and disabling copy to CD and USB flash drives. If an administrator allows a certain user to copy a file stored on the file server, a copy of the copied file can be securely backed up onto the file server to use for auditing purposes using the backup file function of the SDFS.

The file log records usage, date, time, file server, and the users that accessed the files, for easy file management by administrators. SDFS gathers only useful file logs relating to the users’ actions by eliminating logs that do not relate to the user. For example, the file log does not record temporary files that are created when an application program reads a file, therefore administrators can audit and track the route of leakage quickly and efficiently.

“Many organizations are storing their important and confidential files in file servers to share the files with internal and external coworkers. But the level of security for file servers is generally pretty weak. SDFS has strong security functions that is easily installable and can be used with ease. I expect SDFS to become one of the most popular file server security solutions to contribute to secure file sharing and cooperation of TFT teams and SMBs,” says Simon Kang, CEO of Brainzsquare.

About Brainzsquare: 
Founded in 2000, Brainzsquare has been serving specialized and innovative data security solutions in the market. In 2006, with the launch of the SECUDRIVE product line, Brainzsquare provides products ranging from secure USB flash drives and data erasure products to copy protection software, device control, and file server security for corporate customers and content publishers.

If you have any questions or inquiries about this article or its contents, please contact us.