Law Firms

Entrusted with their clients’ most sensitive business information, law firms must prevent the spread of breaches between matters and litigants, demonstrating that data in their custody and control is adequately protected and actively risk-mitigated.


Law firm IT teams manage critical client evidence in rolling data collections, host large volumes of data in deal rooms and review tools, and maintain large document management systems to centralize work product and expertise. They also support critical attorney work in protecting client privilege in review and production, and administer hybrid cloud applications across the world to support these activities.

Managing security across heterogeneous systems with accountability to segment data for multiple clients and matters poses several challenges, including:

  • Consistent policy to secure all data and systems. Policy must be applied consistently across on-premises, virtual, and public and private cloud systems in order to meet client standards, defend security postures during audits, and control lateral movement between matters and clients.
  • Defensible risk mitigation and accountability. Potential vulnerabilities and enforcement measures must be quantifiable, auditable, and easily mapped to demonstrate enforcement across systems.
  • Superior productivity and ease of use to support billable work. Moreover, this must be accomplished with an economy of resources and without disrupting work done under the pressure of internal, client, and court deadlines.


Like attorneys, security professionals honor the principle of “least privilege,” or allowing stakeholders access to information only for the most legitimate business purpose – also known as Zero Trust security. Cybersecurity best practices from the MITRE ATT&CK Framework assume that systems are actively compromised and require working proactively to stop the lateral movement of malicious actors. Attackers employ multiple techniques, often compromising a low-value system via endpoints, public cloud, or authorized third parties to gain a beachhead before moving laterally to gain access to higher-value assets.

To combat these threats, law firms must enable real-time visibility, understand their threat profile, and map out bad actors’ potential attack pathways, enhancing the organization’s ability to precisely scope compliance control regimes and execute a least privilege security posture.


Enable Zero Trust Security to Prevent the Spread of Breaches and Ensure Compliance

Zero Trust security has been adopted as a common framework by the world’s most highly regulated businesses and serial litigants. Banks complying with industry security standards like PCI-DSS, the SWIFT Customer Security Program, and new regulations like the Payment Services Directive (PSD2) are setting new standards and accountability for supporting least privilege principles – postures also expected of their counsel and other parties with custody of data.

Following the Zero Trust model, organizations determine how transactions flow across the entire business ecosystem and how users and other systems access applications, services, and data. They create micro-perimeters across dependent applications, services, and other resources, apply granular policies and control, and continuously monitor for any suspicious behavior or anomaly — the tell-tale signs of an intrusion.

The Adaptive Security Platform® (ASP) enables Zero Trust security by giving you:

  • Real-time application mapping. See how applications are communicating in real time with an application dependency map, then map control policies to secure data for you and your clients across systems and relationships. Auto-generate optimal micro-segmentation policies at a granular level – role, application, environment, or location. 
  • Defensible risk mitigation. See which applications are connecting into vulnerable ports in real time with vulnerability maps and get a numerical East-West exposure score based on how many workloads can potentially exploit the vulnerabilities on a given workload. This data can be used to prioritize patching to minimize the risk and reduce your score or, if patching isn’t possible, micro-segmentation can be applied to reduce risk exposure.
  • Accountability and reporting. Monitor, detect, quarantine, and investigate anomalous connections and failed connection attempts, and collect evidence data for compliance and audits using Explorer.