Learn about Zero Trust Architecture
Impenetrable cybersecurity without sacrificing usability
Gain detailed visibility into all your endpoints activities
Harden applications and hardware environments
Immediate and continuous response to incidents
Close the window of time your data could be exposed
Get your Comodo solutions setup, deployed or optimized
Control access to malicious websites
Defend from any internet based threats
Stop email threats before it enters your inbox
Preserve and protect your sensitive data
Keep your website running fast and malware free
Add encryption to your websites
Automated certificate mgmt. platform
Secure private intranet environments
Digital signature solutions for cloud apps
Encrypt emails for senders and recipients
Stay compliant with PCI DSS
Trusted authentication for IoT devices
Francisco Partners a leading technology-focused private equity fund, has acquired a majority stake in Comodo’s certificate authority business. Newly renamed from Comodo CA Limited to Sectigo Limited. Privacy Policies, Trademarks, Patents and Terms & Conditions are available on Sectigo Limited’s web site.
Meet the people behind the direction for Comodo
Get the latest news about Comodo
People are the key to achievement and prosperity
Stay up to date with our on-demand webinars
Worldwide: Sales, Support and General Inquiries
Schedule a live demonstration of our solutions
Need immediate help? Call 1-888-551-1531
Instantly removes viruses to keep your PC virus free
Experience true mobile security on your mobile apple devices
Secure Internet Browser based on Chrome
Chrome browser internet security extension
Submit a ticket to our support team
Share any product bugs or security flaws
Collaborate with research experts on data sets
Valkyrie Threat Intelligence Plugins
Valkyrie Threat Intelligence APIs
The amount of money American businesses are losing to cybercrime on an annual basis has tripled over the past five years. It’s concerning to law enforcement, government officials, corporate executives, and members of the public. If your livelihood depends upon any business’ ability to protect highly sensitive information, this trend should worry you—and this includes attorneys working in firms of all sizes. Whether you’re a solo practitioner, you’re employed by a law firm large or small, or you work in some other aspect of the legal profession, today’s cyberattacks have the potential to destroy your professional reputation and cost your firm hundreds of millions of dollars.
Law firms are stewards of veritable treasure troves of sensitive personal, legal, and financial information, as cybercriminals are well aware. A recent string of ransomware attacks has specifically targeted them as victims, with criminals threatening to publish confidential client records online—and leak them onto Russian hacker forums—if a million dollar payment isn’t quickly delivered. It makes sense: law firms have a strong incentive to protect this data and are reputed to have the financial means to cover the extortionate ransom payments.
“Employ reasonable efforts” to protect data: your professional obligation
According to the American Bar Association’s (ABA) 2019 Legal Technology Survey Report, 26% of lawyers work for a firm that experienced a cybersecurity breach within the past year. Roughly 36% had their systems infected with viruses, spyware, or other forms of malware. Even more troubling, however, is that 19% of respondents simply had no idea whether or not their firms had been impacted by cybercriminal activities.
Advocates within the ABA are fighting to raise awareness of the prevalence and danger of cyberattacks within the legal profession. And, the ABA is working to strengthen law firms’ professional imperative to provide robust protection for sensitive client data housed on employee devices, networks, and computer systems. Law firms who don’t take “reasonable steps” to prevent data breaches and promptly notify clients whose information might have been affected can be held liable for damages related to the disclosure. Firms are also obligated to “keep abreast of changes in the law and its practice, including the risks and benefits associated with relevant technology.”
Attorneys who don’t maintain an awareness of the ever-changing cybersecurity threat landscape and how it may impact the practice of law are falling short of their professional obligations; firms who fail to protect client information and communications risk major financial losses, reputational damage, fines, malpractice suits, disciplinary actions, and regulatory investigations.
Stepping up to the challenge: contain all unknown files on endpoint devices
To meet the imperative to protect sensitive and confidential client data, law firms can take no risks when it comes to managing the endpoint devices that lawyers and firm employees use to access the firm’s IT resources and client data. A single unknown file, once permitted to execute on a network-connected device, could easily become the source of an infection that spreads laterally across the network and leads to a full-scale data breach.
The vast majority of endpoint security solutions cannot entirely protect against these threats. Even so-called “advanced” endpoint security platforms relying on behavioral analytics still allow unknown files to execute in order to observe their behavior and then determine whether or not they’re malicious. Of course, as soon as any unknown file is permitted to execute, you’re exposing your law firm to a certain degree of risk.
Look for a truly comprehensive solution that isolates 100% of unknown files in a virtualized sandbox environment where they won’t be able to access or damage stored files or system resources. Such solutions—including the Comodo Advanced Endpoint Protection platform—aren’t the industry norm, but they do offer the best-possible protection for client data and are able to do so without impacting endpoint device performance.
Data Loss Prevention: enhanced security for bring-your-own-device and remote workers
Like the majority of today’s businesses, law firms are being asked to allow employees to work remotely or using their own personal devices. Naturally, permitting lawyers to access client information anywhere and everywhere can enhance their productivity and improve job satisfaction, but it also increases security risks. What if an attorney’s laptop computer or USB drive gets lost or stolen? What if a lawyer directs her web browser to malicious sites when she’s not working?
A centralized endpoint security management platform that includes data loss prevention (DLP) capabilities can mitigate these risks. DLP systems can identify all files containing sensitive data on a firm’s network, allowing their admins to create policies which protect that data in use, in motion, and at rest. Centralized device management provides control over every device that interacts with the company’s network or corporate data. Should an employee-owned device be lost or stolen, the solution can automatically delete any sensitive data it houses—enabling you to enforce strict data security standards that will protect your clients’ confidentiality and your firm’s reputation at all times.
Want to learn more about how Comodo’s Threat Containment and Data Loss Prevention solution can help you protect the sensitive client data your firm has been entrusted with? Contact us to schedule a free demonstration today.
By, Dawn Blizard
Related ResourcesRemote Desktop Connection Manager
Sign up to our cyber security newsletter
Comodo Cybersecurity would like to keep in touch with you about cybersecurity issues, as well as products and services available. Please sign up to receive occasional communications. As a cybersecurity company, we take your privacy and security very seriously and have strong safeguards in place to protect your information.
agreecheck
See how your organization scores against cybersecurity threats
Advanced Endpoint Protection, Endpoint Detection and Response Built On Zero Trust Architecture available on our SaaS EPP