Post Covid-19, can law firms have it all?

1st June 2020

Security, performance, transformation: Solving the legal conundrum with a software-defined SASE foundation for the future

No law firm worth its salt is going to risk its reputation by failing to protect confidential and client information from the risk of a cyber-attack. To limit the risk, the temptation may be to keep your IT and networking infrastructure locked down — but that approach tends to be incompatible with the way the law firms operate today, and certainly not aligned to the post-Covid shift to long term remote working and a paperless offices.

Although protecting your firm and its information is a top priority, you’re doubtless trying to balance that requirement against an array of competing imperatives, such as rapid global expansion, rising M&A activity, mobile working and the digital transformation of your business, which inevitably involves an accelerating shift towards cloud-based apps and services.

If your current infrastructure is holding you back from achieving those aims — because of insufficient bandwidth, lack of flexibility, or out-of-date approaches to security — it’s clearly time for a rethink. If you’ve put in a series of fast fixes in recent months, VPN roll-outs for example, now is the time to rethink whether they’re suitable for the long haul.

Is your infrastructure fit for the future?

To assess whether your existing networking and security infrastructure is right for your firm now, and ready to support it into the future, ask yourself a few key questions:

  • Can your firm’s network keep pace with escalating demand for speed, performance, rapid post-M&A integrations, and global connectivity?
  • Are your security systems properly equipped to detect and manage new security threats as they emerge, in particular those created by remote working??
  • Are you concerned that allowing access to cloud-based apps via your network could leave your firm exposed to security threats?
  • Is the way you manage identity and access control holding back transformation by making it difficult to roll out new applications and services?

If the answers to those questions don’t fill you with confidence, you could do what other law firms are doing: consider an alternative, coherent and cloud-based approach to networking, security and identity.

What’s the best way forward? 

The best way forward resides at the intersection of three key technology areas: software-defined networking, cloud security and identity management – Mid 2019 Gartner coined the term ‘Secure Access Service Edge’, or SASE, bringing cloud security and edge computing together reflecting the importance of these technologies as organisations accelerate their cloud journeys. Skilfully designed around your firm’s operations and business priorities, this combination can accelerate your digital transformation agenda while delivering the agility you need to grow, and the security capabilities you need for effective protection against attacks and threats.

Software-defined networking: underpinning transformation

Compared with the traditional MPLS WANs that have served many firms well over the past decade or so, a software-defined WAN (SD-WAN) offers many benefits that help to accelerate transformation, including:

  • High performance. The network quality and availability you need in every location, to handle casework, billings and 24/7 operations for example.
  • Unrestricted bandwidth. Easily meet new demands for access to cloud apps, video and collaboration tools.
  • Extreme flexibility. Extend or adapt your network in minutes and hours rather than days and weeks — without leaving your desk.
  • Cost reductions. Go from pricey, static MPLS connections to lower-cost, flexible SD-WAN technology. Switch from capex to opex at the same time.
  • Multi-carrier strategy. Take the opportunity to adopt a multi-carrier strategy that lets you optimise your choice of carriers for performance and cost all over the world.
  • Network visibility. Visibility across physical networks, virtual environments and the cloud enables close monitoring of network health and rapid decision-making.

Zero Trust: reduce cyber risk and simplify compliance

Traditional security models assume that everything inside your firm’s network can be trusted. But the sophistication of modern attacks and insider threats means this is no longer the case. For a security posture that’s fit for a cloud-enabled firm, consider a cloud-based, software-defined approach to managing your security perimeter.

The software-defined perimeter (SDP) goes beyond perimeter protection by supporting the zero-trust approach of ‘never trust, always verify’ — but without the cost and complexity of multiple firewalls, and without compromising the user experience. In addition, it integrates seamlessly with SD-WAN, protecting your firm all the way from your sites to the public internet.

In addition to SDP, law firms are embedding security intelligence and event monitoring (SIEM) solutions into their overall network security approach. By automating network threat identification, SIEM lets you switch your focus from detection to remediation. As well as helping you reduce the impact of any attack, SIEM allows you to comply with relevant industry and audit requirements.

Identity and access management: access made easy and secure

As your firm migrates towards the cloud, lawyers will increasingly expect secure, straightforward access to apps and information from any device or location. New starters need access to be productive quickly; equally, access for leavers needs to be promptly revoked to reduce the potential for fraud or data loss. Your challenge is to protect identities both within and beyond the firewall.

A cloud-based identity and access management system will help you do this efficiently and effectively by taking each employee’s unique identity as its foundation. Your firm will also benefit from:

  • Better user experience with single sign-on and reduced reliance on passwords.
  • Easier rollout of cloud apps through the use of intelligent role- or location-based access rules linked to your existing identity management system (such as Active Directory).
  • Shorter time to productivity and value post-M&A, by using identity as the key to provide access to critical apps, instead of having to wait months — or even years — for the move to a single network.
  • Unrivalled visibility into who has access, where and when — a major enhancement from a security and management information viewpoint.

Enhance security, accelerate transformation

With SD-WAN connecting your locations and providing dynamic bandwidth, cloud security simplifying secure app access via the internet, and identity management ensuring that individuals accessing apps are authorised to do so, your firm can confidently pursue its digital transformation, safe in the knowledge that its information — and therefore its reputation — are protected.

Because these solutions are designed for the cloud, they bring the benefits of flexibility, affordability, performance, speed and remote operation. In addition, they can work with your existing infrastructure in hybrid or full cloud scenarios. So rapid post-merger integration and cross-firm case collaboration are simplified, and the billability of your lawyers is maximised. And as all three technologies work together, they can be integrated into a seamless solution designed around your firm’s needs and ambitions.

Ready for the future? To find our more, or to request an exploratory meeting, email us at hello@xalient.com n +44 (0)207 096 3100.