Solicitors – Are you compliant?
Information security and cybercrime are a priority in the Solicitors Regulation Authority Risk Outlook Report 2015/16
The SRA have issued guidelines highlighting that protecting the confidentiality of client data is a key responsibility for regulated firms.
Microsoft support for Windows Server 2003 support has just been withdrawn in July 2015 and Windows XP support ended in April 2014. This means that no security or other updates will be issued. If you are still using these Windows versions your IT system could be vulnerable and possibly non compliant with SRA guidelines. Even if you are using a later version of Windows much of the guidelines still apply.
What are the options?
Upgrade to a new version of Windows 7, 8 or 10 (Just released)
- Barriers to upgrading include the minimum hardware requirements for the new version of Windows and obviously there is a cost involved. Your hardware could be many years old with obvious implications. There are ways to minimise the cost and we would always recommend the most effective option.
- Ensure that applications in use such as digital dictation software or time recording software are compatible with the upgrade.
Continue with Windows XP/Server 2003 (or later versions)
- This is still a valid option provided you ensure that any security risks are minimised and that the computers themselves are still performant and reliable. An audit and monitoring will help establish this.
Move to the Cloud
- Run Email and Office remotely using Microsoft Office 365. Minimises security issues and means you only need a web browser. Many or our clients are using Office 365 as this is a monthly/yearly cost rather than capital expenditure
SCS can assess any potential risks and offer a free health & compliance check on your IT system with no obligation. Just click here to contact us
Does the recent EU Court Safe Harbour ruling affect your firm ? Companies using cloud services (especially law firms and their clients) should consider how they continue to ensure EU DPA compliance. In the short term at least, they will need to turn to services that are solidly hosted within the EU with no transfers to the US
SRA – Risk of Online crime to legal business report http://www.sra.org.uk/risk/resources/online-crime-legal-business.page