Keeping Your Remote Workforce Secure With Security-as-a-Service From Braintrace

Posted on April 3, 2020 by Greg Spicer

BraintraceWe recently had a chance to speak with Greg Spicer, the CRO at Braintrace, to discuss the firm's newest service offering, which they introducted in response to the dramatic shift in the business environment, as IT departments everywhere suddenly found themselves scrambling to support a remote workforce that mushroomed overnight.  

* * * * *

PinHawk:  Who is this Security-as-a-Service designed for and what problem are you solving for your clients?

Greg Spicer:   We developed this new service to address the needs of law firms and law departments of all sizes, as they found themselves struggling to adapt to a new operating environment that basically emerged overnight.  All of a sudden almost all of their employees were working from home and many of our clients found themselves under-resourced in order to provide truly secure connectivity to support them.  There were only so many firm laptops to go around and too many folks working remotely were connecting from their personal home devices that didn’t provide a safe VPN connection.

We monitor network traffic for many of our clients and right away we could see how vulnerable they had become.  To contend with all the remote traffic, many IT departments simply responded by exposing RDP over the internet.  In fact, over the last month we saw an increase of 7,000% in port 3389 sessions for firms going out over the internet.  A few other IT departments seem to have opted instead to expose RDP to non-standard ports in the mistaken belief that this would somehow keep them safer.  Both these methods are highly vulnerable to attack.

Our new Security-as-a-Service offering solves this problem. We can provide data security for all firm employees who need remote access, no matter what sort of home device they are working on.

PinHawk:  What do clients receive through your Security-as-a-Service offering?    

Greg Spicer:  We protect all remote access to the firm’s network that’s not otherwise connecting through a VPN.  We describe this as an Enterprise Firewall-as-a-Service.  Traffic from an employee’s home network streams through Briantrace’s enterprise-grade UTM firewalls.  This allows us to ensure protection against the latest threat actors by establishing all rules for firewall egress and ingress.  We block, filter and monitor for risky traffic and events and our security operation center analyzes all detected alerts.  Instead of exposing your RDP to bad actors, your remote workforce will have the benefit of a security blanket provided by Braintrace’s state-of-the-art control and monitoring services. 

There are a number of other key features included as part of the new offering:

  • Endpoint protection for the Home.  In addition to secure remote access, our service also provides an endpoint detection tool, which leverages next-generation AI-powered threat detection.
  • Vulnerability Scanning.  Braintrace will perform internal, unauthenticated and comprehensive vulnerability scans within the home network environment for your remote staff, in order to validate that updates and patches are current and not susceptible to attack.  
  • SIEM-as-a-Service.  We also provide managed SIEM and SIEM-as-a-Serivce for our clients.  We deploy IBM’s QRadar to monitor your log data and perform real-time analysis in order to provide round-the-clock protection against cyber-attacks.
  • Managed Network Traffic Analysis (MNTA).  The team in our Security Operations Center monitors, investigates and triages all alerts triggered by Braintrace’s NTA tool.  Utilizing advanced analytic tools and rule-based alerts, our team proactively tracks and hunts threats, event-triggered PCAP data, encrypted payload fingerprints, and anomalous threats to validate in real-time all incidents and reports.

PinHawk:  How does Braintrace’s Security-as-a-Service offering compare in cost to other options that might be available to IT departments looking to provide a secure connection for the remote workforce?

Greg Spicer:   From the outset we had two business objectives as we put together this new offering.  We realized it had to be provided on an SaaS basis – an outsourced solution that clients could implement immediately.  And we wanted it to be highly cost-effective and much cheaper than the alternative of providing firm hardware or VPNs for everyone working remotely. 

The bottom line is that by leveraging Braintrace’s state of the art platform, we can provide our clients with real peace of mind in a highly efficient, money-saving way    




Five Essential Steps to Secure Videoconferencing and Prevent Corporate Espionage 

Posted on March 31, 2020 by Frank Flores

A remote work environment may seem ideal for employees, but it can create a number of creative loopholes that hackers can exploit.  Chief among areas of potential vulnerability is video conferencing, which has become an essential part of the toolset for employees working from but which hackers are now actively targeting! Here are give key steps employers should be taking to secure their videoconferencing systems.

Read More

Essential Cybersecurity Tips for Working at Home 

Posted on March 22, 2020 by Braintrace

Due to COVID-19, many of us are forced to work at home. The Braintrace team came together to bring to you tips to stay secure while away from the office. We created this article for our IT professional clients to share with their colleagues.  Follow these steps to create a secure home office.


Read More

Protecting Your Domain From Back Door Risk 

Posted on February 20, 2020 by Greg Spicer

Domain protectionEvery website domain has hundreds, if not thousands, of permutations.  Most of these permutated domains are completely harmless, involving a simply typographical variation on the original domain name. However, every now and again a fraudster will create a domain based on one of these permutations with bad intentions, hoping to compromise the security of the original domain.  It’s important to understand and take reasonable steps to mitigate this risk, so you can better protect your vital business domains.

Read More

Waiting for Stuxnet: 8 things a security engineer can do to stay ahead of emerging security threats 

Posted on January 28, 2020 by Frank Flores

A list of 8 essential tips on how to enhance your law firm's cyber security from the Director of Security Operations for Braintrace.  These are all critical practices that should be incorporated into your security routine in order to stay 3 or 5 steps ahead of the bad actors who are out there now, probing and waiting for the chance to compromise your law firm’s security.

Read More

Most Popular Tech Stories in 2019 

Posted on January 7, 2020 by

In keeping with the time-honored tradition of publishing best of lists to celebrate the New Year, here is our list of the ten most popular stories that appeared in Law Technology Digest in 2019.  What do you suppose it says about the pace of technological change last year that the top story provides 18 euphemisms for “I haven’t got a f*cking clue”?

Read More

Hitting the Sweet Spot for Law Firm Management with Zola Suite 

Posted on December 5, 2019 by Joseph Lamport

In the first part of this series, I wrote about how the platform business model is one of the defining features of our current state of technological and economic development, evident in such business success stories as Uber and Airbnb.  A platform business is one that creates value by facilitating exchanges, of either information, good or services, among otherwise independent groups and individuals via the platform it creates.  I also explained how the platform business model is of growing importance in the legal market, not so much for connecting lawyers to clients but as a means of more effectively connecting the lawyers within a firm and thereby enabling a much more efficient and far more integrated work-flow.

In this second part of the series I’m going to take a closer look at Zola Suite, part of the new generation of cloud-based law practice platforms now available on the market.   Zola Suite formally launched in 2015, after a few years in development, but in fairly short order it has emerged as a market leading solution for mid-sized and larger law firms. This positions Zola in notable contrast to its better-known cloud-based provider, Clio, which has attracted a large number of solos and small firm clients to its platform.

Read More

The Law Practice Platform 

Posted on November 12, 2019 by Joseph Lamport

In the past, law firms were held together primarily by their partnership agreements, which laid out the rules for how firm-wide decisions got made and how the spoils of collective labor would be divvied up.  Law firms of the future – whether they are organized as partnerships, LLCs or some other alternative business structure – will most certainly be far more dependent on whatever practice platform they choose to adopt.  It will be the practice platform, much more than the partnership agreement, that provides the insight, controls and coherence that holds the firm together.  

Read More

Casetext Launches CARA Patent That Provides Users AI-Powered Patent Law Research 

Posted on October 23, 2019 by Joseph Lamport

Casetext keeps leading the way by introducing powerful new applications of AI in the legal research market.  This week they announced the roll out of CARA Patent, a new product that leverages the power of AI technology to transform patent law research.

Read More

Incident Response: What Every Law Firm Needs to Know 

Posted on October 17, 2019 by Katherine Riley, CISA, CISM

One recent study estimated that a cyber-attack occurs every 39 seconds, which underscores the need of every business in America to be prepared for the possibility that their network security will eventually be tested if not breached.  For law firms, the risk is even more severe.  As of 2017, around 20% of all U.S. based law firms had been hacked.  By early 2019, that percentage had risen to an alarming 25%. 

And yet severe as the risk of security breach is, fewer than half of all law firms in the US have an adequate incident response plan in place, and less than a third of those firms with plans have undertaken any testing to ensure their preparedness in case of an attack.  The lack of planning and testing only increases the dangers law firms face.

Read More

Nothing Compares With compareDocs 

Posted on October 15, 2019 by Kerry Carroll

Document comparison is an absolutely essential technology for law firms today.  It’s a critical productivity tool that most lawyers rely on every day and it plays a vital role in client service because it’s how your firm keeps clients fully informed about work-in-progress.  How does your current solution stack up against compareDocs - the leading document comparision tool on the market? 

Read More

Parsons Behle Lab: Ringing the Bell for Market Innovation 

Posted on October 9, 2019 by Joseph Lamport

Parsons Behle Lab has embarked on an ambitious tech development effort, which represents a striking departure from the way most law firms have approached similar innovation and tech development initiatives. They are in the process of building a new type of law practice platform, which is open for other law firms and lawyers to use, and which enables participating firms to expand the services they offer to their own clients.  It's a platform that seems laden with opportunity for all those who choose to get involved. 

Read More

Streamlining the Process of E-Filing: making good on the promise of technology 

Posted on September 23, 2019 by Joseph Lamport

One of the most frustrating tendencies of technology is to create new problems while trying to solve old ones.  It's reminiscent of the drinker who drinks to forget he’s drinking in the Little Prince, with the problem and solution forever chasing each other in circular fashion.

Read More

Law Firms & Ecosystems 

Posted on September 9, 2019 by Anders Spile

For decades, law firms have upheld strong boundaries between the firm and the society in which they operate. The law firm maintains itself as a sturdy fortress, within which hierarchy, culture and tradition go unchallenged. The career path remains clear; associates and junior lawyers execute repetitive work in an attempt to get to the promised land of the equity partner with the result being that billable hours are silently killing all innovative efforts happening lawyer-to-lawyer.

Read More

Interview with Greg Spicer 

Posted on August 16, 2019 by Joseph Lamport

Editor’s Note:  We recently had a chance to sit down with Greg Spicer, the CRO at Braintrace, to talk about the growing importance of information security management and the option for registration under ISO 27001 for law firms today.  Braintrace is one of the top cybersecurity consulting firms in the country serving the legal, financial and government markets. 

Read More

Most Recent Issue

Opting for choice "c"

Choice is good. In this post Ron Friedmann talks with Ed Walters, co-founder and CEO at Fastcase about choices for legal research. The good news is that there is more than the duopoly of RELX LexisNexis or Thomson Reuters Westlaw. If you are tired of just the big two, be sure to read more at Prism Legal: Fastcase Gains Share in Big Law

- o/|oo|\o -

Out of the frying pan and into the fire

Sharon D. Nelson was not surprised by the results of Morrison & Foerster's COVID-19 Impact Survey. "...of the 110 in-house leaders at global companies who took part in the survey, only 29% cited data security as being a major risk, while just 18% said privacy was among their top priorities." Sharon concludes, "The survey results make logical sense - but those results may put businesses at greater risk of a successful cyber-attack." I believe that would be referred to as out of the frying pan and into the fire. Read more at {ride the lightning}: Survey: General Counsels Too Busy With COVID-19 to Focus on Cybersecurity

- o/|oo|\o -

Plan B (not from outer space)

Jared Spataro, Corporate Vice President for Microsoft 365, lays out the reasons why Teams should be the solution for you. If you aren't already a Temas user, maybe should consider it. Or maybe it makes a great Plan B? Read more at Microsoft 365 Blog: For IT professionals: Privacy and security in Microsoft Teams

- o/|oo|\o -

Jeffrey Brandt, Editor

Connect with me on LinkedIn Jeffrey Brandt
Follow me on Twitter @jeffrey_brandt
Follow all the PinHawk highlights @PinHawkHappens | Blog:

Founding Circle, Association of Legal Technologists (ALT)
Member, ILTA Program Planning Council
Advisory Board Member, Lexpo'19
Chair, The 2019 Legal AI Forum
Judge, Litera Microsystems 2019 Changing Lawyer Awards

Welcome to our newest "pinions" from Minnesota, Massachusetts, Italy and parts unknown!

There are other PinHawk newsletters that your colleagues and coworkers may be interested in. Pass along the links to the daily PinHawk Legal Administrator Daily, PinHawk Librarian News Digest two weeklys, PinHawk Law Firm Marketing Brief, PinHawk Leading Law Departments and now the COVIDS-19 Daily Alert.

All content Copyright © 2020 PinHawk LLC. All Rights Reserved.