Insider Threat Driving Security-led DMS Adoption

A recent piece of research shows that 42% of IT security incidents are caused by employee actions and 74% originate from the extended enterprise – i.e. customers, suppliers, etc. Furthermore, it is noteworthy that 40% of businesses are seeing security incidents rising since 2015, with hacker threat down to 26% in 2017 – from 33% in 2015.

This growth of insider threat and its recognition is reflected in the legal market too. With recent breaches such as the Paradise Papers and other leaks, preventing and mitigating insider threat in its many guises, is making its way up to the top of the Board agenda. After all, the repercussions are too severe to ignore. Over the last six months, in almost every new deal, law firms have asked us for security functionality that expressly addresses this issue. It would not be far-fetched to say that in fact one of the key drivers for document management systems (DMS) adoption today is capability to securely manage and protect data from internal and external threats. Modern DMSs today offer such capability to an advanced level.

For instance, a DMS enables firms to implement ‘need to know’ security based on the organisation’s security policy – i.e. only authorised individuals can gain access to respective information residing in the DMS. Firms are also able to segment data in the DMS – in the event of a breach, exposure to documents is thus limited to only those records that are accessible to the individual whose credentials have been compromised.

The sophisticated DMSs of today use a combination of behavioural modelling and machine learning to continuously monitor the data residing in the DMS for irregular behaviour in terms of how information is accessed by individuals. For example, if a lawyer in the family practice is accessing corporate M&A data, it would flag up to the IT department who can investigate if the behaviour is legitimate. In fact, such capability is very valuable to law firms as it allows them to establish effective and secure ‘Chinese Walls’ for matters where there might potentially be conflict of interest between practice areas and geographies. In fact, many firms now are also connecting this kind of active threat management functionality to their existing security stack, such as SIEM tools.

Alongside insider threat, law firms are looking to consolidate data in order to comply with the fast approaching GDPR deadline. Security-rich document management functionality is key to such initiatives. With the help of reports, graphs and other visualisation tools, firm can demonstrate to both clients and regulators that the necessary controls are in place to protect confidential and personal information, both internally in the organisation and from cyber criminals.

The reality is that in today’s technology driven business environment – mostly inadvertently, but sometimes deliberately – employees pose a security risk to their organisation. Technology such as DMSs facilitate best practice-led, near fool-proof safeguards to protect the organisation’s crown jewels – i.e. data.