A modern approach to office cyber security
Hedges Law, an employee-owned UK law firm, has partnered with Cloudify Legal, a tech consultancy for the legal sector, to implement a Zero Trust Network (ZTN).
Hedges Law’s aim was to achieve high cyber security with total remote working capability at an affordable cost. The traditional model, which consists of a business’ own network, firewalls and hardware, requires a substantial investment and maintenance.
Hedges Law decided to take the ZTN approach with Google’s Chrome Enterprises and NEOWAVE’s FIDO secure keys to keep costs low without compromising security risk, following Cloudify Legal’s recommendation.
A ZTN is a security model which maintains strict access controls and does not trust any device by default, even if connected to a permissioned network. The ZTN approach advocates mutual authentication and provides access to the network based on the confidence of device identity and device health in combination with user authentication.
Google’s ZTN is predicated on a unique email address, and a reasonably secure password. By using Google’s Workspace service and sign in to Google’s worldwide network infrastructure, you are signing into a ZTN. The real power of Google’s ZTN sits with the option to enable and modify two-factor authentication (2FA). Using a modern and secure version of 2FA with a physical secure key for each employee, Hedges Law has given its network an additional layer of protection from ransomware, malware and phishing attacks.
Hedges Law chose NEOWAVE’s Winkeo FIDO U2F via UK-based distributor Open Seas. All 50 employees have been given the key and are required to use it in order to authenticate their log in when a new device or IP address is detected by Google. NEOWAVE’s key has been chosen for its affordable price and its enhanced security as it follows the FIDO Alliance standards and prevents brute force, phishing and man-in-the-middle attacks.
Overall, Hedges Law saved £48,000 per year on their Network Infrastructure costs when compared to the nearest competitor without compromising security protection. Implementation by Cloudify Legal of the Winkeo FIDO U2F keys and Chrome Enterprises system across the organisation took no longer than one working day.
Karen Edwards, Operations Director, Hedges Law, said: “The risk of cyber attacks is on the rise with 39% of businesses reporting cyber attacks or breaches in the past 12 months. The legal sector is no exception. We were looking for a modern solution that delivers enhanced security from cyber attacks, simple implementation, comes at an affordable price and is easy-to-use on a day to day basis for our size practice. I’m happy to say that the products from Google and NEOWAVE delivered just that!”
Wayne Pollock, Partner, Cloudify Legal, said: “Modern cyber threats require modern defensive solutions. Chrome Enterprise and NEOWAVE offer just that. A reliable, secure by design and a super low-cost solution. Large corporations worldwide are abandoning traditional network security models in droves due to operational expense and the significant data / cyber security risk. Sadly, smaller law firms are still being mis-sold the traditional tech stack, often disguised as Cloud, Hosted or Managed Desktops. Vendors don’t push ZTN solutions because they would make no money. Further, no business or user in the world that runs Chrome Enterprise and a FIDO key has been breached with malware or ransomware. All [Law] firms should consider moving to ZTN and NEOWAVE’s keys. Don’t be fooled, you need both and vendors and IT staff will often disagree wanting to sell you complex and expensive solutions to achieve similar levels of cyber security.”
Jason Kent, Director, Open Seas, said: “The Winkeo FIDO key from NEOWAVE is a more secure alternative to an authenticator app. It introduces a physical element to your network, which makes it harder to crack by bad actors. An estimated 90% of security breaches are as a result of poor authentication, but with a FIDO secure key that falls to zero. Winkeo’s low cost means that businesses of any size can achieve this high level of protection.”
About Hedges Law
Hedges has an incredibly long history that spans four centuries. We’ve been around for two World Wars, 62 Prime Ministers and nine Kings & Queens but we wanted to show that despite our history and the hundreds of years we’ve been around, innovation and excellence is at the heart of what we do.
Our tagline is “Advice for Life”. This means being the legal advisor of choice for our clients and families, to support them throughout their lives with all their legal needs as they navigate through life’s experiences.
Hedges has embraced the benefits of cloud-based technology to enable their employees to work flexibly from anywhere, while providing the best service and advice to their clients. The majority of employees work from home but the firm still maintains office space/hubs for those staff that want to work from an office environment as well as allowing physical meetings with clients.
In May 2021, Hedges Law became Employee Owned. This means that each one of our employees is now a part owner of the business we are all so proud of.
About Cloudify Legal
After helping Hedges Law Ltd move from the expensive and inflexible ‘break and fix’ technology model to a low-cost, high productivity and profitability model, Wayne Pollock and Steven Blundell realised many small and medium-sized law firms needed help and formed Cloudify Legal. A year on, Cloudify Legal has helped 21 customers in the UK, US, Aust and NZ improve their productivity, profitability and data security. Cloudify Legal are Gold Certified partners of Actionstep, a leading cloud-based practice management system.
About Open Seas
Open Seas is a UK-based enterprise IT solutions company specialising in cyber security and data protection. Open Seas acts as a bridge between customers and best-in-class IT suppliers providing optimum solutions to their customers’ IT needs.
In addition to its 24×7 cross-platform MDR service, the company provides Privileged Access Management and Zero Trust Network Access solutions, file synchronisation, replication, and backup products.
Open Seas is an official UK distributor for Neowave products including the Winkeo-C FIDO2 security key, Winkeo U2F and Badgeo smart cards.
