Blogs

Maintaining a Vulnerability Scan Remediation Report

By David Oxley posted 07-20-2021
Be the first person to like this post.
Please enjoy this blog post that was co-authored and posted on behalf of Marc Ohmann - President, CEO - Digital Solutions, Inc and Jamison Masters, Co-Founder, Verus Corporation . A vulnerability is a weakness in a covered device that can be exploited by attackers to gain unauthorized access to covered data. A vulnerability assessment and remediation program is critical to the effective prevention of exploits through detection and remediation in a timely manner. By proactively managing vulnerabilities on covered devices, an organization can effectively reduce or eliminate the potential for exploitation and ultimately save on resources. As vulnerabilities ...
0 comments

No Cloud is an Island

By David Roden posted 09-17-2014
1 person like s this.
In the classic movie Jaws, there is a scene where Chief of Police Brody informs the scientist (Hooper) that he doesn't know how to swim. Hooper: "You live on an island and you don't know how to swim?" Brody: 'It's only an island if you look at it from the water." I was reminded of this during one of the sessions at the recent ILTA conference. I heard someone say, "I don't want anything to do with the Cloud. I don't trust it". Hmm. if your firm's network is connected to the Internet, even if all you're doing is receiving email, then not only do you have something 'to do with the Cloud', but, in reality, you are part of it. I understand that most ...
0 comments

Connect the Data Points for the Big Picture

By Karen Campbell posted 06-26-2014
Be the first person to like this post.
Ever had a conversation with someone where you are sharing your viewpoints and it seems the other person is just not getting it? They seem to be stuck on the facts, but not getting the overall big picture or the spirit of what you’re trying to convey. Do you really know whether IT is having that lopsided conversation within your firm, whereby the firm is trying to tell a story and IT is just not getting it? IT captures many data points from threshold alerts, critical indicators, monitoring tools, activity reports, logs, logs, and more logs. We are awash in data points, but are we getting the big picture? So bandwidth utilization crested at 90% and has ...
0 comments

A New Microsoft?

By David Roden posted 05-14-2014
1 person like s this.
A New Microsoft? Companies are always trying to re-invent themselves. When all else fails, they shuffle the deck and see if something new falls out of it. In the recent past Microsoft has done quite a bit of shuffling and finally, it seems that good things are happening. The old, traditional Microsoft that most of us grew up with has historically lived by one driving philosophy: Windows now, forever, and only. When Windows ruled the Earth, Microsoft held sway over much of the IT industry. Windows is primarily a desktop OS, and by late last year, as the undeniable truth became obvious to all, that the importance of desktops and their OS’s was receding, Microsoft ...
0 comments

Vulnerability Management - Proactive Approaches

By Jamie Herman posted 05-13-2014
1 person like s this.
We’ve had some fun recent fire drills around zero-days and major encryption vulnerabilities of late, and hopefully we’ve taken steps to not only better understand the potential for the seemingly simplest of vulnerabilities to become a significant incident, but also ways we can become better at responding and handling the treatment of these risks. If you don’t currently have a formal vulnerability management program in place, then you rely more heavily on the announcement of these Heartbleed type vulnerabilities, and take a reactive approach to the mitigation of these risks as they exist in your environment. Of course nothing is a sure thing with security, ...
0 comments

Security and Privacy at LegalTech 2014

By David Roden posted 03-10-2014
Be the first person to like this post.
Last month I had the privilege to once again travel to New York to visit the LegalTech Conference. I attended my first LegalTech in the early 90s. In those days, it was very common to stroll through the exhibit hall and find coffee vendors and car services alongside software vendors. For the most part, that is no longer the case. In fact, this year something like 77% of the vendors in the exhibit hall were focused in a single product category: e-discovery. For those of you that have never been, LegalTech is quite different from the ILTA annual conference. Despite its name, LegalTech is more about the lawyer than the tech. Still, despite the abundance of ...
0 comments

ISO in three easy steps

By Karen Campbell posted 02-25-2014
1 person like s this.
There is much buzz and so many articles that attempt to describe ISO and what’s involved, why it should or should not be done, how time consuming and expensive an undertaking it is, debates about the value, and on and on. It sounds like a monstrous undertaking, but lay all panic aside. It’s not painful. Some background; ISO is a non-governmental organization made up of a network of national standards institute of 160 countries that coordinates the system. My best interpretation of the ISO standards taken from ISO/IEC 27001:2013 is: the ISO standards provide a model for implementing, operating, monitoring, reviewing, maintaining, and improving an organization’s ...
0 comments

Office365 Considerations

By David Roden posted 01-10-2014
Be the first person to like this post.
Our firm is currently looking at Office365. We've done a lot of investigating and honestly, it's hard to imagine we won't make the jump. We're still on Office 2007 and Exchange 2007, the hardware supporting our Exchange environment is more than 5 years old and storage is tight, so we're upgrading / migrating one way or another this year. We're already a cloud-friendly firm: we've been scanning and filtering email in the cloud since 1999, we've been using online backup services since 2002, and for the past 7 years we've been on Netdocuments. There are a lot of ways to analyze the move to Office365: Financial - Does the move to a subscription ...
0 comments

Serve & Secure: Data Center Workload Mobility and Disaster Recovery

By Carlos Rodriguez posted 05-02-2013
Be the first person to like this post.
Over the past several most we have seen a lot of discussion on the eGroups and in our networks centering around the future of law firm Data Centers. Discussions have been along the lines of how can a data center and its workload be extended over geographically dispersed facilities dynamically, effectively and efficiently; or even if we should consider moving everything to the "cloud". Our good friends Down Under at King & Wood Mallesons in Brisbane, Australia led by Paul O’Leary, Infrastructure Specialist at the firm tell us about their experience rolling out Cisco OTV, VMware SRM and EMC RecoverPoint in their successful journey to extending their data ...
0 comments

Serve & Secure: How to Effectively Evaluate Other SaaS Solutions to Replace Postini

By Oliver Rebollido posted 04-17-2013
Be the first person to like this post.
As we have observed in the E-Groups over the last several weeks, all Postini customers by now should have received a notice from Google Apps that they are replacing Postini with Google Apps. More info on the transition is on their website: http://www.google.com/postini/ . While transitioning to Google Apps is acceptable for some, others may want to explore other SaaS solution providers. In this blog, I won’t mention or recommend other SaaS solution providers, but I will show you at a high level, a way to effectively evaluate other SaaS solution providers to compare their offerings with Google Apps. I’ve actually gone through this process twice now ...
0 comments

Serve & Secure: Anatomy of a VOIP System Selection - Part 3

By Mark Brophy posted 08-17-2012
Be the first person to like this post.
--- EPISODE III, Revenge of the SIP--- First, thanks to everyone who has read the first two installments of this blogs. I really appreciated all of your feedback. Many of you had asked for me to write about the final phase of the phone project – rollout and conversion. As a result, I put something together and brought this project, and blog, to a close. So, let’s thrown a quarter into the jukebox, queue up the music, and finish this thing. Just a small town girl, livin' in a lonely world First, the overall project can be rated as nothing less than a success. We had zero day one issues after conversion in any of the four offices. We are ...
0 comments

Serve & Secure: ILTA Conference 2012 - SOSPG Lineup

By Mark Brophy posted 07-26-2012
Be the first person to like this post.
Hello ILTA Fans! We're about a month away from another Conference with phenomenal sessions planned by The Server Operations & Security Peer Group. Our sessions are so good, that most of them are on Monday where we know we’ll have your full participation and attendance. Ok, that’s not why they are on Monday, but you should make Monday your SOSPG day and attend the sessions. Let’s see what’s going on. To back up a bit, on Sunday afternoon there will be a Community of Interest gathering for the LegalSEC crowd. This is a great time to have informal discussions and connecting opportunities in anticipation of the big LegalSEC session later in the week. All ...
0 comments

Serve & Secure: Upgrading 1000v Before vSphere 5 Upgrade

By Kevin Moore posted 07-10-2012
Be the first person to like this post.
Lathrop & Gage like many other firms, is getting ready to make the jump to vSphere 5 and developing a detailed plan with many pre-requisites which are very important in order to complete a smooth and successful upgrade. Todd Russell, Network Engineer at Lathrop & Gage, put together such plan and has been executing it over the last few weeks. He put a great deal of effort in making sure that the Cisco 1000v upgrade went smooth and one of the road blocks he hit was finding the proper documentation to complete this upgrade. According to Todd "There seems to be this disconnect still between Cisco and VMware in certain areas of the 1000v support. Most of ...
0 comments

Serve & Secure: LegalSEC™: Secure Your Law Firm Assets!

By Carlos Rodriguez posted 05-16-2012
1 person like s this.
"Several years ago, while serving as the national counterintelligence executive, I sat with colleagues discussing how we would plan an espionage attack against an American business. And then a lightbulb went on: the law firms! Of course: A company’s outside intellectual property lawyers have its technical secrets, and their corporate law colleagues are privy to strategic business plans. And lawyers don’t like taking instructions from anybody, particularly their less well paid underlings who are responsible for network security. They’re impatient. In some firms the rainmakers have nixed even simple steps, like requiring a password on mobile devices that connect ...
0 comments

Data Center Move: the Good, the Bad, and the Ugly

By Kevin Moore posted 04-16-2012
1 person like s this.
We are seeing a lot of questions and discussion on the ILTA ListServ's lately centering around the future of law firm Data Centers. Discussions have been along the lines of does a law firm build a new, remodel an existing, externally host at a co-location or consider moving everything to the " cloud ". I believe this latest blog entry written by Roland Hundley, IT Director at McAngus, Goudelock & Courie, LLC is a great overview of a Data Center move project. Roland covers the Good, the Bad and the Ugly of his Data Center Move project and contains a Top 10 list of items to remember to integrate into your project plan. Hope you enjoy this ...
0 comments

Serve & Secure: "Archiving Lessons Learned - Hope Eternal"

By Kevin Moore posted 03-28-2012
Be the first person to like this post.
Serve & Secure: "Archiving Lessons Learned - Hope Eternal" Over the years in IT, I have been amazed at a reoccurring theme that occurs when dealing with the implementation of products. I could ramble on and on and on describing my thoughts and experiences but was introduced to a blog post written by Scott Rolf, Director of Technology at Tucker Elllis LLP (bio available at this link). Scott describes the issues or as he calls them "Ouch's" that were encountered during his firm's migration of email archiving products and provides a bullet list of all the lessons that were learned from this project. Scott has graciously permitted me ...
0 comments

Serve & Secure: ILTA Distinguished Peer Awards Top 10 reasons to nominate your peers and/or yourself

By Carlos Rodriguez posted 03-19-2012
Be the first person to like this post.
This is the third year of ILTA's Distinguished Peer Awards and I wanted to highlight why you should consider to be recognize by your industry peers and nominate someone or even yourself. While our Peer Group is looking for nominnees for the Servers Operations & Security (SOSPG) Champion, there are other areas where you can be recognized individually or as a team so I encourage you to look at those as well. The SOSPG Champion provides value to their organization in managing or administering any or all of the following: Data centers, LAN and WAN equipment, NAS/SAN, Ethernet switching, Firewalls, Malware detection and prevention, ...
0 comments

Security in a Virtualized or Cloud Infrastructure

By Kevin Moore posted 02-06-2012
2 people like this.
We have all heard the terms Virtualization and Cloud. Yet we don't necessarily equate either of those two words with a very important term, Security. In some respects the phrase “Cloud Security” or “Virtualization Security” generates an oxymoron, i.e., an incongruity. Each one of us involved in law firm IT is very aware of what types of information could potentially be held on the firm’s computing resources. Examples include, but are not limited to, the end users’ "smart-phone" and SAN infrastructure contained in your physically secure data centers. The data may consist of everything from employee/client Personally Identifiable Information (PII), firm ...
0 comments

Serve & Secure: A look at the 2011 ILTA Technology Survey 2

By Carlos Rodriguez posted 12-08-2011
Be the first person to like this post.
Last month Jim McCue analyzed the results of the ILTA’s 2011 Technology Survey from the Server Operations and Data Center point of view in his Serve & Secure blog post . Our PG and blog does cover more ground and today I’ll try to disseminate and understand what the Security side of the survey tells us. And since Jim already covered all the disclaimers, I’ll just refer you to his post for that and get right into it. Email Security I’ll start with the no brainier; with over 51% SaaS solutions such as Postini dominate the email security and spam gateway, as it should in my opinion. In fact, almighty Cisco has started to completely fall ...
0 comments

Serve & Secure: A look at the 2011 ILTA Technology Survey

By Jim McCue posted 11-29-2011
3 people like this.
Hi, my name is Jim McCue and I serve as one of the Local Programming Liaisons for the Server Operations and Security Peer Group. I spent some time reading through ILTA’s 2011 Technology Survey Results and took a filtered view of the survey from the Server Operations point of view. I see some interesting trends, changes and challenges. Please don’t take this blog entry as a substitute for reading the Survey. There’s great info in there, and reading can be fun! At least so I’ve heard; I seem to get paper cuts every time I pick up paper these days. All opinions below are only my own and not reflective of ILTA’s or any of my colleagues. Do not step out of ...
0 comments