Cybersecurity for Macs

Transcript

Digital Detectives

Cybersecurity for Macs

05/19/2017

[Music]

Intro: Welcome to Digital Detectives, reports from the battlefront. We will discuss computer forensics, electronic discovery and information security issues and what’s really happening in the trenches, not theory, but practical information that you can use in your law practice, right here on the Legal Talk Network.

Sharon D. Nelson: Welcome to the 79th edition of Digital Detectives. We are glad to have you with us. I am Sharon Nelson, President of Sensei Enterprises.

John W. Simek: And I am John Simek, Vice President of Sensei Enterprises. Today on Digital Detectives our topic is Cybersecurity for Macs.

Sharon D. Nelson: Before we get started I would like to thank our sponsors.

We would like to thank our sponsor SiteLock, the global leader in website security solutions. Learn more at  HYPERLINK “http://www.sitelock.com/legal/digitaldetectives” sitelock.com/legal/digitaldetectives.

We would also like to thank our sponsor PInow.com, if you need a private investigator you can trust, visit  HYPERLINK “http://www.pinow.com” pinow.com to learn more.

John W. Simek: We’re delighted to welcome as today’s guest Tom Lambotte. Tom is the CEO of GlobalMac IT, a national managed service provider that provides complete end-to-end legal technology services to Mac based law firms. Their services provide leadership and direction to transform law firm operations and boost profits by leveraging technology.

Tom is the author of ‘Hassle Free Mac IT Support for Law Firms’ and ‘Legal Boost: Big Profits Through an IT Transformation’. He also has a forthcoming book being published by the ABA Law Practice Division titled Macs in Law. It’s great to have you with us today Tom.

Tom Lambotte: Thanks for having me.

Sharon D. Nelson: Well Tom let’s get started, John and I have frequently noted that Mac users have a false sense of security. Why do you think that is?

Tom Lambotte: This is something I preach and preach and preach some more. What I found I think it’s because Macs have always been touted as they don’t get viruses, And so because of that I found that most Mac users are far too lackadaisical in their approach towards security based upon that old notion which is oh, Macs don’t get viruses therefore they think they’re safe.

John W. Simek: But in fact they do, right Tom.

Tom Lambotte: They do. They don’t get viruses but they get Trojans, malware and adware. We run software for all of our clients and we find items on a weekly basis that need to be removed. Most common are adware and malware, Java and Flash have also had exploits that have been common and Apple has even had a few security vulnerabilities in the past year alone.

In doing this for just about ten years, this is our tenth year now, about 20 to 80% of the Macs when we first take over service for our clients have some kind of malware or adware on the computer. So it’s a lot higher than most people realize.

Sharon D. Nelson: Oh it absolutely is and of course as Apple’s market has expanded, it’s become more vulnerable because now it’s a better target for the bad guys.

Tom Lambotte: Absolutely. And law firms are definitely a target worth attacking. They have all the good stuff.

Sharon D. Nelson: They surely do, like data, data which is black gold it’s the new oil today. How has the evolution of cybercrime increased the security threats to Mac users?

Tom Lambotte: Well in the old days cybercrime business was pretty simple, right? We’re going back 100, 200 years and so you bought a gun or a knife, you’d hide in an alley, you’d say stick them up when someone walks by and you take their money. Startup costs were low, it was pretty easy to get started. Like any business owners they wanted to expand, how can I grow my business?

Trains came along and instead of robbing one person at a time they could rob 200 or 300 people at once. So it’s far more lucrative. And today thanks to advancements in technology and an ever increasing trend of storing financial and personal information on third-party cloud platforms the new train robberies are cybercrime related.

All they need to do now is hack into a single large platform they can use advanced technology to rob millions. The data breaches make daily headlines, people almost are desensitized to them I would say. Yahoo had a billion accounts just a couple years ago here and in that tying in the Mac users again the big security threat to Mac users is that mentality that hey I don’t have to worry about security because I’m on a Mac.

And so it’s all of — it’s — the cybercrime has evolved in so many different read this now that the viruses they are only a tiny slice of the pie. There’re so many other things out there that they need to be concerned with.

John W. Simek: So Tom what would you consider to be one of the biggest threat to a to a Mac user?

Tom Lambotte: I would say just I mean when you look at software as-a-service again, the threats have shifted from an insecure server that might be in your closet next to the water cooler to cloud-based services where all the data is stored.

(00:04:54)

If that data is only protected by weak passwords and badly trained end users, that are easily susceptible to phishing attacks then it does – those types of cases don’t care if you are on a Mac or Windows computer.

So that’s what they need to look at is again where is data being stored, what has changed, how are my users using the computers. So it goes far deeper than well, we got a Mac so we don’t have to worry about viruses therefore we are safe.

Sharon Nelson: Well they certainly think they are and I know we hear that all the time from solo and small firms, say, 10 or less people there, users there, they really don’t think they need to worry about it, are they wrong?

Tom Lambotte: Yes, yeah absolutely. The common, again, it keeps coming back to mindset and the mindset here is, hey, we are small, no one is going to bother to hack us, right? We’re just a small real estate law firm. We’re just a small whatever it is. They just think that they are too small and that hackers just go for the big ones. But law firms are considered to be one stop shops because they have all that high value information in a well organized manner often with much a weaker security than their clients.

You know, they might be doing work for a large company who might maybe has a 1000 people on staff for 500 and they have the really advanced security protocols in place, but they might need to hire this law firm for some specific legal work and the law firm often when they are smaller, you know the smaller the firm the more relaxed they are in their security measures. So it’s an easy place to shop.

John W. Simek: Well, Tom I think most users, computer users anyway they are pretty much up to speed or they know about this whole virus thing and all that. They have taken precautions around that, but can you kind of share what are thoughts about a security threat that most Mac users just aren’t even really considering or even aware of?

Tom Lambotte: So one that’s been happening, we have had multiple instances just in the past, just in the past quarter is hacked email. We have all received spam message from friend’s account, then we kind of roll our eyes and we go, oh, their yahoo account got hacked, right, the tell tale sign and we get offers for ten million dollars for overseas accounts. So that’s what most people think of when they think of someone’s email being hacked.

What’s frightening though is that the more sophisticated hackers now-a-days they don’t log in and send spam email, they don’t even leave any clues that they are inside and reading your email, so they sit there and they watch and they read and they wait for their opportunity. When a sophisticated hacker gets in your email they can learn so much about your life, spending a week through reading someone’s email history you can learn about their banking, investing, childcare, business and shopping habits, not to mention personal messages between friends and family members.

And if this gives listeners the creeps, that’s good, it should. You know I want to splash some cold wet water on your faces and go, whoa I hadn’t thought of that. So, you know, my goal is that maybe you go and check that password that’s password 1234! And pick something little better than that.

John W. Simek: I think a large degree of the problem to those folks who are using the same one over and over, right?

Tom Lambotte: Oh yeah, oh yeah.

John W. Simek: So that hurts you. And the other, you know I know its not just Yahoo either, when we get involved in folks and hear about folks with hacked emails, AOL seems to be pretty high in the list too?

Tom Lambotte: Absolutely, AOL and even just their email accounts, you know we have had clients in their law firm, have their email accounts hacked and then send emails to their existing clients and you know it’s scary. We have had a couple of close calls where they get a request for a bank transfer along with some routing numbers and if they didn’t have the extra measure to verify the routing numbers before transferring money, the money would have gone.

Fortunately it hasn’t happened to our clients, but I have heard of cases of other CEOs I know of MSPs, I am sure you guys might have heard some existing stories where – if that happens, your money is gone. There is no one due, the bank doesn’t protect you from that. It’s done.

Sharon Nelson: An amazing number of law firms have had problems like that, so they do need to be weary of it.

John W. Simek: Well before we move on to our next segment let’s take a quick commercial break.

Sharon Nelson: At least 80 of the 100 biggest law firms in the country had been hacked since 2011. Protect your firm and your clients from cyber attacks with SiteLaw. Their industry leading, cloud based suite of website security solutions includes website scanning, web application firewall including DDoS mitigation, and 24X7 365 US based costumer support. Give your firm and your clients piece of mind knowing their information is secure. Learn more at sitelaw.com/legal/digitaldetectives.

(00:10:03)

Advertiser: Does your law firm need an investigator for a background check, civil investigation or other type of investigation, pinow.com is a one of a kind resource for locating investigators anywhere in the US and worldwide. The professionals listed on PInow understand the legal constraints of an investigation, are up to date on the latest technology and have extensive experience in many types of investigation including workers’ compensation and surveillance. Find a prescreened private investigator today. Visit  HYPERLINK “http://www.pinow.com” www.pinow.com.

Advertiser: I bet you didn’t think about running a business when you were in law school, but now that you have your own practice you are constantly looking for tips on marketing, accounting, practice management and so much more. I am Christopher Anderson and you can get expert business advise on my podcast the Un-Billable Hour found on legaltalknetwork.com, iTunes or wherever you listen to podcasts.

Sharon Nelson: Welcome back to Digital Detectives on the Legal Talk Network. Today our topic is cyber security for Macs. Our guest is Tom Lambotte, the CEO of Global Mac IT, a national managed service provider that provides complete end-to-end legal technology services to Mac based law firms. So Tom talk with me about mobile device management. I think that there is a perception that Mac users believe with their iPhones and iPad they are secure enough with the touch ID and then just changing email passwords if employees leave, what’s wrong with that?

Tom Lambotte: So the first thing to touch on is the touch ID. A lot of people again are taking a kind of a false sense of, hey, I have got touch ID enabled to I am good, they have to cut my finger off in order to unlock my phone. The problem is you know once you try putting your ID, if your thumb is wet or something like that it doesn’t work, what happens it asks you for a password to enter.

So if you are still using a four digit password that’s very easy to hack, one out of seven phones can be hacked with the top ten passwords. I think let’s say we had seven people, seven of us on the call right now, one of us can probably have our phones hacked if we sit there and try to put in the top ten passwords. So, just relying on touch ID isn’t enough. You want to make sure you are using more complex password, here is one little tip for that.

The other one is the mentality that, hey, if an employee leaves and they have got email on their phone, all we need to do is change his email password and we are good and a lot of people think that is a good solution. Again, the smaller the firm, the less likely they are to have a mobile device management solution in place.

So the problem by only changing a password is it doesn’t remove any data from their phone, it simply blocks them from sending or receiving any new email accounts, all the contacts, calendars, emails, attachments, sensitive client information is still on their phone, so you do not have control over that data if your approach is simply to change the password.

So that’s why it’s really important to roll out a true mobile device management solution no matter how small your firm is, so you can be taking control if and when something happens. Again, the smaller the firm, the more laid back they are, the more we trust everybody, right?

It’s a beautiful happy family, nothing is ever going to happen, oh Susie, you know shall be with us forever, until the day she is not. And so it’s important to plan for those things, so when a negative situation occurs the reaction isn’t stressing out and losing sleep and hoping nothing bad happens, but instead of hey, it’s too bad she wanted a walk but at least we have got these measures in place and all our data is secure.

John W. Simek: So Tom, I have got my own ideas on here, but Mac users in protecting themselves, can you tell our listeners if there is anything that they could probably implement today that’s going to help improve their security posture and I am going to listen to see if your answer is the same as the ones I am thinking?

Tom Lambotte: Yes, you know, so couple of easy ones that are so easy. I mean once you hear this and urge the listeners, once you hear this my hope is that you can’t unheard it. It’s so easy, you cannot take action, that’s my goal. So the first one is to use full disc encryption. The reason you need to enable this is if you don’t have this turned on if your computer gets in to my hands with five minutes and a screw driver I can take the hard drive out plug it in to an external USB hard drive case and I will be accessing all of the data on your hard drive.

(00:14:56)

Okay, if you have FileVault enabled it encrypts everything on your hard drive so nobody can do that. So FileVault is built in to your Mac operating system, it’s very easy to enable, just Google, how to enable FileVault and you are on your way, what do think about that one John, is that in line so far.

John W. Simek: Yeah that’s so far you are doing good and the best part of FileVault is its free.

Tom Lambotte: It’s free, it’s easy and now you just got to enable it. Another one and you mentioned this earlier John, with passwords, you have got to use a password manager, a specific tool built to do just that thing. The only way that users can move away from using the three passwords that they have, right, they have one password, they always use forever, then their one website said, hey, you have got to add a number in here, so they took that password and added a random number at the end that’s their level 2 security password and then one day their bank said, hey, you have got to have some kind of special character, so they took password 7 and they added a dollar sign at the end and that’s their extremely secure password and they use those three for everything.

So you have to move away from using the same password for everything, the easiest way to do that is to use a password manager. On the Mac platform, hands down the best one is one password, that’s the number one in password. And they even have a windows option as well, so it can stay in sync between your iPhone, your iPad, your computer and it makes it really easy to kind of implement that.

And the third and last one is to install antimalware software on your Macs. A lot of die hard Mac users will I can hear them, you know making all types of comments when I say that, but you can transfer, you know infected files to other users, again, malware and adware, we are removing those on a weekly basis for our clients even with our tools installed, there is still some things that get by.

So we recommend ClamXav as well as Malwarebytes antimalware for Mac, both are great solutions they do not slow down the computer, they work really well and they are inexpensive as well.

John W. Simek: I would add one more Tom and its free as well, and that’s install updates, you know there is a reason these guys distribute updates and it’s amazing how many users that we run in to anyway, they just don’t apply them.

Tom Lambotte: Absolutely, yeah definitely. It’s easy to do and it’s also easy not to do.

Sharon Nelson: Let’s go back to those small firms, you know you have got – say a Mac based firm of five to ten users, what would you recommend that they would be doing to protect themselves in their confidential data?

Tom Lambotte: So you know on top of the basic ones you just talked about one of the first ones is to role out a mobile device management solution for all their devices. This includes laptops, desktops, mobile devices such as iPhones and iPads. You need to have something that can allow a firm to retain control over the data, and without a mobile device management solution, you simply cannot do that.

And out of our client base I would say less than 5% had a mobile device management solution in place and it’s not hard. Some of them are more expensive, some very small options are out there as well, so do some research and find something and role it out.

Another one that we use that I highly recommend is Cisco Umbrella and this is a cloud security platform that provides first line of defense against threats on the internet wherever users may go. So this protects them from phishing attacks and DNS spoofing and all kinds of things where people think they are logging to a website but it’s really another website that’s just collecting data.

So that’s another layer of security and the third one that I recommend is to use a next generation firewall. Don’t use a $70.00 router off the shelf from Best Buy. You need an enterprise grade, cloud connected device that the modern firewalls and routers are connected to the clouds so security definitions are always updated. The ones previously, someone had to log in and manually do those updates, so those never happened.

So those are three. It’s definitely everything, but those are few things they can get started with to raise, what we focus on is really having multiple layers of security. There is not a one shot solution and so you want to look at it from multiple different angles.

John W. Simek: So Tom, what role is Global Mac IT able to play in terms of increasing security measures for Mac based law firms and don’t forget, tell our listeners how folks can contact you.

Tom Lambotte: Yeah so people can contact me, I will say that, because I will forget that first, they can shoot me an email at  HYPERLINK “mailto:[email protected]” [email protected].

(00:20:00)

They can also go to our website at globalmacit.com and they can sign up there for our newsletter called MacAdvisor which is tailored just for Mac using attorneys. We also have a couple of whitepapers that I have written and copies of my books they can request online as well to kind of help educate themselves on what they need.

In terms of helping Mac based law firms increase of security measures we only have one service and we do everything for our clients, we just take the entire role of technology off of their plates, so they can focus on what they do. And included in our service is kind of doing a full audit of where our clients are currently and we compare that with our check list of kind of best practices they want to implement and then we just kind of work piece by piece getting all of those different additional layers in place to greatly increase their level of security.

Sharon Nelson: Well, we want to thank you for joining us today Tom. We really had a good time talking to you at ABA Tech Show, and of course Macs are an increasing force within the legal industry and that tends to be especially true among the solo small firm market. So I know that you have given them just some wonderful advise and insights today, so thank you for taking the time to join us.

Tom Lambotte: My pleasure thanks for having me.

John W. Simek: Well that does it for this edition of Digital Detectives. And remember you can subscribe to all the editions of this podcast at legaltalknetwork.com or on iTunes. If you enjoyed this podcast please review us on iTunes.

Sharon Nelson: And you can find more about Sensei’s digital forensics technology and security services at senseient.com. We will see you next time on Digital Detectives.

[Music]

Outro: Thanks for listening to Digital Detectives on the Legal Talk Network. Check out some of our other podcasts on legaltalknetwork.com and on iTunes.

[Music]