In 2017, the American Bar Association wrote “Security breaches are becoming so prevalent that there is a new mantra in cybersecurity today: “It’s when not if,” a law firm or other entity will suffer a breach.”
Building on this quote, law firms need to be vigilant and prepared by exploring Worldox Backup options in the event of a security breach or disaster, and the Why, When and How to address this critical topic.
First let’s address the Why – we have assisted clients in the past that have experienced worst case scenarios such as the following:
- Server Failure – Research shows that failure rates begin increasing significantly as servers age. Where a four-year-old server has an 11 percent annual failure frequency, the rate of failure in a server's first year sits at 5 percent.
- Data Corruption – Both SQL databases and Non SQL databases are prone to corruption. This can happen when there are mismatches in database version numbers or when the system suddenly shuts down during an operation or there’s a bug in the SQL server.
- Hardware Theft – In many ways, it’s easier for a thief to physically steal a company’s server than it is to hack into the company’s network for the same purpose. Most companies give a lot of attention to internet-based security, but less attention is typically paid to the individuals who have physical access to the same information.
- Hacking – Cybersecurity issues are becoming a day-to-day struggle for businesses. Trends show a huge increase in hacked and breached data from sources that are increasingly common in the workplace, like mobile and IoT devices.
How is the next critical piece to surviving a security breach. The key is to make sure your organization has answers on How your organization would deal with any of the above listed changes. That means taking the time and effort to prepare a response plan now, before a breach occurs. Preparations like identifying servers that are at risk, backing up servers regularly, making a server replacement plan, thoroughly vetting those with access to hardware and elevating cybersecurity processes and solutions to one of your firm's highest priority investment are just a few of the ways to be ready.
Lastly, When? The answer is now. This means your organization needs to have a plan in place, and schedule full disaster recovery practice sessions regularly. Make sure you test recovering from your backup media onto your backup infrastructure. The time to discover you can't recover is not AFTER you need to recover.
What follows is an example of the complications that can result from an incomplete or insufficient backup and recovery plan. This scenario unfortunately occurs more often than we’d like to see because many of the popular backup solutions do not automatically include the vital Worldox system files. Most IT folks only select the actual documents, and the Worldox application folder for backup.
This isn’t enough!
Imagine the worst possible scenario - you are a victim of a break-in, in which your file server housing all of your Worldox documents and all other firm data is stolen. In addition, your dedicated Worldox Indexer machine and several user workstations are also stolen.
In working with the Firm’s IT contractor, we discover that due to an oversight in the configuration of a very popular cloud-based backup solution, none of your Worldox System configuration files, nor any of your Worldox Distributed Database (XNAME) files have been selected to be backed up.
As a result, we must use alternate disaster recovery methods which will take a significant amount of time (and cost) to painstakingly recreate document profiles and metadata by manual data extraction from audit trail information stored (and thankfully recoverable) in the incomplete cloud backup.
Ultimately, we can recover most of the document’s metadata, but at great cost and many hours of work by Affinity and the firm.
To avoid this situation, your IT person or contractor who configures your organization’s data backup must absolutely consult with the Worldox specifications or Affinity to be sure that they are selecting ALL the right files when configuring the backup! It is NOT enough to just backup the documents.
If you have any questions about security and Worldox or suggestions about preparing for disasters like the ones listed above, Affinity can help. Just reach out to us any time by calling us at 877-676-5492 or request a consultation.
