8 Security Strategies Your Mac-Based Practice Must Implement Today Tom Lambotte CEO, GlobalMac IT www.GlobalMacIT.com

How to Secure Your Mac Based Law Practice


How To Avoid Being A Sitting Duck To Cybercriminals And Protect Everything You’ve Worked So Hard To Achieve

Ultimately We’re Going To Cover…

A Quick Overview Of The Sophistication And Proliferation Of The Cybercrime Business

The Evolution of Crime

The Digital Underground’s Thriving Black Market

Anyone can easily buy training, tools and services for committing fraud, hacking systems, buying stolen credit cards, setting up fake websites, etc.

• Avg estimated price for stolen credit & debit cards (US): $5-$30

• Bank login credentials and stealth fund transfers to US banks: $1,200 for a $20,000 account balance

• Hotel loyalty programs and online auction accounts: $20 to $1,400

• Online premium content services such as Netflix: as little as $0.55

• Card cloners: $200-$300

• Fake ATMs: $35,000

“But We’re Small...Nobody Would Bother To Hack Us, Right?”

Wrong!

• Cisco’s 2015 Annual Security Report named law firms as the 7th highest target for cybercriminals last year, indicating a nearly 50% year-over-year increase.

• Attackers consider law firms to be "one stop shops" because they have high value information that is well organized, often with weaker security than clients.

Email!

So How DO You Protect Yourself?

8 things you MUST do to minimize the risk to your law practice

1: Use Full Disk Encryption

Respondents in the 2015 ABA TechSurvey reported an overall use of full drive encryption of only 20% with only 14% for solos.

Enable FileVault on all Macs with ANY firm data.

FileVault encrypts the entire contents of a device at disk level, rendering it impossible for anyone without the login password to access the data on the computer.
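One way to confirm that FileVault really is on for every Mac, as an added example that is not part of the original slides: it classifies the output of the macOS `fdesetup status` command and lists machines that are not fully encrypted. The report format (hostname, tab, status text), the host names and the sample lines are constructed, and the "in progress" wording it matches is an assumption about `fdesetup` output.

```shell
# Added example (not from the slides): audit FileVault via `fdesetup status`.

# Classify one Mac's flattened status text. In-progress states come first
# because that text can also say "FileVault is On." (assumed wording).
filevault_state() {
    case "$1" in
        *"Encryption in progress"*) echo ENCRYPTING ;;
        *"Decryption in progress"*) echo DECRYPTING ;;
        *"FileVault is On"*)        echo ON ;;
        *"FileVault is Off"*)       echo OFF ;;
        *)                          echo UNKNOWN ;;
    esac
}

# Read "host<TAB>status" lines on stdin, print every host whose disk is
# not fully encrypted, and return 1 if at least one such host exists.
audit_fleet() {
    bad=0
    while IFS="$(printf '\t')" read -r host status || [ -n "$host" ]; do
        [ -n "$host" ] || continue
        state=$(filevault_state "$status")
        if [ "$state" != ON ]; then
            echo "$host $state"
            bad=1
        fi
    done
    return "$bad"
}

# One report line for the Mac this runs on (hostname, tab, status).
local_report_line() {
    printf '%s\t%s\n' "$(hostname)" "$(fdesetup status 2>&1 | tr '\n' ' ')"
}

# Constructed sample report standing in for lines gathered from three Macs.
sample_report() {
    printf 'partner-mbp\tFileVault is On.\n'
    printf 'paralegal-imac\tFileVault is Off.\n'
    printf 'associate-mba\tFileVault is On. Encryption in progress: Percent completed = 42\n'
}

# On a Mac, audit the local machine; elsewhere, audit the sample report.
report=$(sample_report)
command -v fdesetup >/dev/null 2>&1 && report=$(local_report_line)
if ! printf '%s\n' "$report" | audit_fleet; then
    echo "Macs listed above are not fully encrypted" >&2
fi
```

Running `local_report_line` on each Mac and concatenating the lines gives `audit_fleet` a report for the whole office.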


Encrypt ALL external backups:

1. Time Machine
2. Bootable backups

2: Secure Your Backups

Encrypt ALL external backups.

Has a detailed guide.

Does NOT have a detailed guide.


3: Use Secure Passwords and a Password Manager

• Stop using the same 3 passwords for everything.

• For password strength, go for length

• Use 1Password


3: Passwords

• Use multi-factor authentication, aka two-factor authentication or 2FA

4: Use a Next Generation Firewall

1st layer of security on your network: create a wall of protection around the perimeter by implementing a firewall.

5: Use a cloud-delivered network security service

Umbrella blocks malware, botnets and phishing over any port, protocol or app. It also detects and contains advanced attacks before they can cause damage, by using big data analytics and machine learning to automate protection against known and emergent threats.

6: Malware software

Protect yo’self.

Protect yourself.

1. ClamXAV to identify and quarantine mostly Windows malware.

2. MalwareBytes for persistent installed Adware, Trojans

https://www.malwarebytes.com/antimalware/mac/

https://www.clamxav.com

7: Mobile Device Management

• If anyone other than you has data on a mobile device (laptops included), you need MDM.

• Changing the password is not enough.

• And you need an MDM policy in place.

8: Proper policies in place

Acceptable Use Policy

Only 19% of solos report having a computer acceptable use policy, as do 32% of firms with 2-9 attorneys.

Bottom Line: You Need To Get Serious About Protecting Your Law Practice Against Cybercrime!

(sorry for yelling)

Q & A: [email protected]

facebook.com/globalmac

linkedin.com/in/tomlambotte

@LegalMacIT