Seu escritório já recebeu um QUESTIONÁRIO AVALIAÇÃO DE SEGURANÇA DA INFORMAÇÃO, enviado por clientes?
Escritórios jurídicos, assim como todos nós, estão vulneráveis a ataques de hackers tentando lucrar com os dados roubados. Quem nunca recebeu um fishing por e-mail, SMS ou Whatsapp, contendo links que são verdadeiras armadilhas.
Nos escritórios jurídicos as coisas são mais graves por dois principais motivos: em seus arquivos estão dados sensíveis de seus clientes e os escritórios possuem muitos colaboradores com computadores, tablets, celulares etc., que são portas abertas por onde esses fichings poderão entrar.
A verdade é que a segurança depende de muitas ações conjuntas, e essa é a especialidade da ATS. Nós temos um SOC (CENTRO DE OPERAÇÕES DE SEGURANÇA COM SERVIÇOS GERENCIADOS) onde são tomadas todas as ações necessárias para o plano de segurança de nossos clientes com todas as ferramentas para a gestão constante do aparato de segurança e treinamento dos colaboradores. A segurança da informação deve ser a cultura do Escritório.
Quer entender melhor este serviço da ATS? Teremos muito prazer em te contar.
The year 2020 revealed the vulnerability of companies in relation to the protection of their data. 3194-bb3b-136bad5cf58d_ 3195c-9 bb3b-136bad5cf58d_Two themes stood out as responsible for showing the size of the problem in most corporate systems, the pandemic and the approval of the LGPD (General Data Protection Law).
The LGPD and remote work opened up how much companies need to invest in protection actions to ensure the treatment, integrity, confidentiality and authenticity of data.
If 2020 was the year of revealing weaknesses, the next few years will certainly be one of action and investment in Cybersecurity. Regardless of the size of your business, information security is vital.
All work processes must be reviewed from a cybersecurity perspective with the aim of strengthening systems and employee behavior. It is essential to adopt a multidisciplinary approach to cyber security to ensure the protection of the corporate environment from cyber-attacks and cyber crimes that are increasingly practiced, even with the great mobility and remote work, according to the 2020 Global Network Trends Report. .
Is your company's IT infrastructure on-premises?
We live in an increasingly digitized and connected society. Most processes and work relationships take place through digital means, exponentially increasing the value of networks. Research indicates that home office and hybrid work are trends that will remain even after the pandemic. Therefore, networks and everything around them are essential for the continuity of your business.
Is your network local? Does it support all your team's mobility? Is it possible to quickly adjust your network to new working conditions such as an increase or decrease in people or processes?
It is important that the IT infrastructure can be adjusted to the new needs of new services, processes and models. This requires highly specialized professionals and technological resources. Transferring your infrastructure to the Cloud is the fastest and most secure solution.
A CLOUD environment will bring security, mobility and elasticity to your network with an investment equal to or less than your local network requires.
Do you already have a PCN (Business Continuity Plan)?
Failures happen all the time and for everyone, but it is the response time that makes the difference. Having a plan to “work around” a crisis situation is mandatory to respond satisfactorily to your internal customers and external sources and to guarantee the continuity of its operation.
Have you mapped what are the main threats that can affect your business and what are the recommended attitudes for disaster recovery with your IT?
We can use the home office forced by Covid as an example. From one day to the next we were prevented from accessing our workplace. How was it for your company? Was everyone aware of what to do? Has the work been interrupted in whole or in part? How soon was the routine reestablished?
There is an instrument to be used in these moments. It's the Business Continuity Plan , or BCP. A plan that establishes the actions to be taken in situations where business operations are interrupted due to the connection to the local infrastructure.
The PCN must be periodically tested and revised and made known to everyone on the team.
Basically it should describe the actions to:
crisis management: includes the first actions to overcome the problem;
maintenance of operational continuity: it is the process of carrying out routines to ensure the operation of services;
service recovery: handling affected items such as crashed devices and corrupted data.
With the implementation of a Business Continuity Plan, your company will have a set of strategies and action plans to ensure that essential services are properly identified and preserved after the occurrence of an incident that totally or partially interrupts its operations.
Despite not being a new topic, most organizations still do not have a PCN in place. In this way, when a company implements a PCN, it acquires an important competitive advantage.
The COVID-19 emergency anticipated several trends mapped to the “future of work” and the home office was the most evident.
Recent research shows that the migration to remote work is definitive for many companies that have seen a drop in fixed expenses and an improvement in the productivity of their team.
The home office is not just working from home, it's "taking your business home". It is a process that demands a lot from your Information Security team .
The new working conditions shifted the centralization of the structure fully controlled by the IT teams to the decentralization of professionals who use different equipment and applications to access and transfer information and data.
How to manage this new environment? How to face the challenge of securing large-scale remote work teams?
It is important to extend existing security measures in the office to the home of each employee. It is necessary to have visibility into the behavior of people and the operations of the business to create a Cybersecurity policy that is easy to understand and apply .