Results 1 to 10 of 10
  1. #1
    New Lounger
    Join Date
    Dec 2009
    Location
    West Nyack, NY
    Posts
    23
    Thanks
    0
    Thanked 0 Times in 0 Posts

    2-person law office - do I need more protection than a modem/router?

    I am supporting a two-person law office, which uses a FIOS modem/router to connect to the Internet. I was asked whether they should add a firewall for additional protection. Does this router offer sufficient protection? If not, would a software firewall such as that in Norton Internet Security add additional security, or should I recommend a (more expensive) firewall appliance? Would this be overkill or would it offer even more protection? And if so, is there a hardware firewall that is inexpensive and relatively simple to manage? Thanks in advance for your comments.

  2. #2
    Plutonium Lounger Medico's Avatar
    Join Date
    Dec 2009
    Location
    USA
    Posts
    12,625
    Thanks
    161
    Thanked 931 Times in 852 Posts
    A lot depends on your version of Windows. XP for example has a one way firewall, that is sufficient in most cases, included with the OS. Starting with Vista, the firewall included with Windows provided two way protection (inbound and outbound).

    Each new version of Windows became more secure than the last. For example Win 8 includes a default AV/AM app (Windows Defender). This app is an updated version of MS Security Essentials. Many choose to add a different free or paid AV/AM app, others are perfectly happy with this AV/AM protection.

    Many are choosing to add additional Malware protection in the form of MalwareBytes Antimalware. The free version does strictly manual scanning whereas the paid version provides real time protection that works very well, and plays very well with AV/AM apps.
    BACKUP...BACKUP...BACKUP
    Have a Great Day! Ted


    Sony Vaio Laptop, 2.53 GHz Duo Core Intel CPU, 8 GB RAM, 320 GB HD
    Win 8 Pro (64 Bit), IE 10 (64 Bit)


    Complete PC Specs: By Speccy

  3. #3
    Platinum Lounger
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    3,626
    Thanks
    7
    Thanked 231 Times in 219 Posts
    From the blurb I can find a FIOS router is a standard firewall / router and will prevent the standard attacks, as will Windows firewall. Your client is more likely to click on an dodgy link and then answer Yes to the run request, installing a virus on their PC. Make sure they keep whatever AV they have up to date and scan regularly, preferably with an email to you if a virus is detected. I suggest they actually spend money on an AV product that prevents removal without a password and allows emails on virus detect.

    cheers, Paul

  4. #4
    Silver Lounger mrjimphelps's Avatar
    Join Date
    Dec 2009
    Location
    USA
    Posts
    2,162
    Thanks
    205
    Thanked 210 Times in 202 Posts
    Because you are a law office and have highly confidential information, I wouldn't depend on any free A/V product. And yes, you definitely need a firewall. You can get a complete Internet Security package, such as Norton or Webroot. Those two programs are at the top of the lists of people who rate A/V programs.

    I have Windows 8 and I was depending on Windows Defender. I got some malware. I have since installed Vipre (not the best, but I have an active subscription with them), and I haven't had any problems since.
    Last edited by mrjimphelps; 2013-06-19 at 12:09.

  5. #5
    Administrator
    Join Date
    Jun 2010
    Location
    Portugal
    Posts
    10,308
    Thanks
    130
    Thanked 1,159 Times in 1,067 Posts
    I advocate using not only two way firewalls, but full HIPS apps. My choice of HIPS (which includes a top-rated two way firewall) is Online Armor. I couple that with a top rated antimalware app from the same manufacturer - Emsisoft Antimalware (two distinct engines, includes behavioral blocking). I use this in all my personal and family computers and I would run them in any other configuration where security was a concern, which seems to be your case.

    In my opinion, security today must be achieved through a multi-tier strategy, so that the diverse threats you face these days, will be stopped by, at least, some of the layers. Even paid options are relatively cheap (you can have the combo I use for about $30 or $50/year for 3 PCs).

    Of course, this adds to the protection they get from the router, but most relevant attack vectors depend on the user, these days, so the router offers very little protection against most common attacks.
    Rui
    -------
    R4

  6. #6
    New Lounger
    Join Date
    Dec 2009
    Location
    West Nyack, NY
    Posts
    23
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Thanks for all comments -- I will be installing Norton Internet Security on all (two) workstations. I have a second question about another security issue. If the attorney wants to remotely access her office computer while on the road, which method offers the most secure method of access -- Remote Desktop or VPN (or is there a third option I haven't thought of)? Do any of these options provide enough security to be able to use them on a public wi-fi, such as at Starbucks or MacDonalds?

  7. #7
    Platinum Lounger
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    3,626
    Thanks
    7
    Thanked 231 Times in 219 Posts
    Teamviewer is good, but make sure you have the security set up correctly.

    cheers, Paul

  8. #8
    Star Lounger
    Join Date
    Feb 2010
    Location
    near Ottawa, Ontario, Canada
    Posts
    57
    Thanks
    65
    Thanked 12 Times in 11 Posts
    Hi Geistman,

    I am a little surprised that no one else mentioned this, but maybe because it's normally not looked at as another anti-virus/anti-malware layer.

    If you are "the" IT support for this office you should ensure that hard-drive backups are taking place.
    I'd recommend full drive images that are kept off-site. This will protect against drive failures, fires and floods, etc.

    But I also see it as the "last-ditch" layer for a nasty virus infection.
    With the backup image, you can restore a PC back to exactly where it was at the last backup.
    Be sure that the backup schedule fits the data churn and critical-ness.
    Removing a virus infection and fixing the damage done could take days.
    Restoring an image should take a few hours.

    Also, since it's a law office with likely very private info being stored, drive encryption would help protect the data in case of computer theft.
    Perhaps it's more critical on the device used to remotely access the office; the traveling laptop that may be easily stolen.

    Good Luck!
    brino
    Last edited by brino; 2013-08-16 at 22:22.

  9. #9
    Super Moderator RetiredGeek's Avatar
    Join Date
    Mar 2004
    Location
    Manning, South Carolina
    Posts
    6,235
    Thanks
    202
    Thanked 796 Times in 729 Posts
    Geistman,

    You might also want to have your clients, since they are lawyers, look into what LEGAL requirements they are saddled with, including but not limited to, Sarbanes/Oxley and HIPA since I'm sure they will have clients which will fall under these rules. HTH
    May the Forces of good computing be with you!

    RG

    VBA Rules!

    My Systems: Desktop Specs
    Laptop Specs


  10. #10
    Silver Lounger mrjimphelps's Avatar
    Join Date
    Dec 2009
    Location
    USA
    Posts
    2,162
    Thanks
    205
    Thanked 210 Times in 202 Posts
    Quote Originally Posted by geistman View Post
    Thanks for all comments -- I will be installing Norton Internet Security on all (two) workstations. I have a second question about another security issue. If the attorney wants to remotely access her office computer while on the road, which method offers the most secure method of access -- Remote Desktop or VPN (or is there a third option I haven't thought of)? Do any of these options provide enough security to be able to use them on a public wi-fi, such as at Starbucks or MacDonalds?
    For confidential stuff, I wouldn't log onto a public wifi. You should get your own wifi hotspot with a cell phone company.

    You're probably ok if you're in a name-brand hotel, using their wifi (or wired connection in your room). But I wouldn't use one of the public computers that many hotels make available to their guests. All the ones I have seen have been chock full of ad-ware.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •