Keeping data safe and avoiding cyber attacks is a priority for businesses of all shapes and sizes. But for the legal industry, the stakes can be even higher.
With law firms regularly overseeing multi-million pound business transactions and property sales, the potential bounty for hackers smart enough to infiltrate security systems is huge.
And with the nature of a solicitor’s work meaning they often hold sensitive information on clients, ensuring the data doesn’t fall into the wrong hands is vital.
Regional law firm Trethowans has found working in close partnership with its IT provider, Taylor Made Computer Solutions, at the very highest level has helped it lead the way in IT best practice.
Finance director Andy Duckworth said: “Without any doubt IT has to be a priority at board level. It plays such a vital part in every element of the business that it can’t be looked at as something you keep at arm’s length and manage separately.
“IT downtime, a cyber attack or loss of data could have huge implications for our business, both financially and reputationally, so we take it incredibly seriously. IT always has a regular slot at our board meetings.”
Trethowans recognises the importance of strategy when it comes to IT and tasked Taylor Made to create an IT strategy document that would help steer its actions – and IT investment – over the coming years.
The IT strategy, which ties directly into the business plan, allows the company to plan ahead, something that Duckworthsays is particularly useful to him in his financial role. “As an FD it’s handy for me to have that long-term view of what investment is needed so we can plan accordingly.”
It’s an approach that has come in useful as Trethowans goes through a period of high growth. In the past three years it has opened a trio of new offices and Taylor Made was able to advise well in advance what would be needed to make the growth seamless.
Sam McCarthy, account manager at Taylor Made, said: “We always recommend infrastructure based onwhere people are planning to be, not where they are now. Having that early insight into Trethowans’ growth plans really helped us hone our recommendations, based on its three to five-year business goals.”
Duckworth added: “You get much better results by involving partners in your business. If you have a relationship based on trust you can share information that will pay dividends.
Simply having an IT strategy isn’t enough in today’s fast-moving world, Duckworth said. He regularly reviews the document alongside Taylor Made’s technical director, Matt Faulkner to prioritise actions and adapt to changing circumstances.
“There’s no point in having an IT strategy if you leave it in a drawer and don’t take action,” Faulkner said. “Trethowans is a great example of a business using best practice and regularly reviewing its strategy and adapting where necessary.”
Cyber security forms a key part of Trethowans’ IT strategy and the firm places huge emphasis on keeping clients’ data safe.
The firm employs multiple levels of protection, which are incorporated into its ‘secure by design’ philosophy. The measures include a secure email solution, crypto blockers, enhanced two-factor authentication and a
secure off-site backup facility through Taylor Made’s backup and recovery service, Securo. Critically, these security measures are each proactively managed to ensure that the Trethowans platform is, and remains, safe to use.
Educating its staff on the potential risks of cybercrime – and how to avoid them – is also key. It runs regular training for all staff on how to detect a potential cyber threat and recognises that employees are often the ‘front line defence’ against cyber-attacks.
Duckworth said: “Our staff are really responsible and often pick up threats. The great thing about the training is that they can use that in their personal lives too; it’s helping to keep them safe at home.”
Trethowans is one of a growing number of companies undertaking vulnerability testing, where it enlists a trusted IT company to simulate a cyber attack and assess how it’s dealt with. “It’s the only way you can truly hammer it home and test your systems,” Duckworth said. “We were impressed with the results and thinking of taking it to the next level with regular cyber security tests for staff.”
Looking ahead, Duckworth has no doubt that IT will have a big part to play in supporting Trethowans’ rapid growth.
“We may be more than 150 years old but we’re as ambitious as we were on day one,” he said. “Taking a strategic view of our IT and linking that to our business plan will help us to grow even more in the coming years.”