Hedges Law’s aim was to achieve high cyber security with total remote working capability at an affordable cost.
The traditional model, which consists of a business’ own network, firewalls and hardware, requires a substantial investment and maintenance.
Hedges Law decided to take the ZTN approach with Google’s Chrome Enterprises and NEOWAVE’s FIDO secure keys to keep costs low without compromising security risk, following Cloudify Legal’s recommendation.
A ZTN is a security model which maintains strict access controls and does not trust any device by default, even if connected to a permissioned network.
The ZTN approach advocates mutual authentication and provides access to the network based on the confidence of device identity and device health in combination with user authentication
Google’s ZTN is predicated on a unique email address, and a reasonably secure password. By using Google’s Workspace service and sign in to Google’s worldwide network infrastructure, you are signing into a ZTN. The real power of Google’s ZTN sits with the option to enable and modify two-factor authentication (2FA).
Using a modern and secure version of 2FA with a physical secure key for each employee, Hedges Law has given its network an additional layer of protection from ransomware, malware and phishing attacks.
Hedges Law chose NEOWAVE’s Winkeo FIDO U2F via Oxfordshire-based distributor Open Seas. All 50 employees have been given the key and are required to use it in order to authenticate their log in when a new device or IP address is detected by Google.
NEOWAVE’s key has been chosen for its affordable price and its enhanced security as it follows the FIDO Alliance standards and prevents brute force, phishing and man-in-the-middle attacks.
Overall, Hedges Law saved £48,000 per year on their Network Infrastructure costs when compared to the nearest competitor without compromising security protection.
Implementation by Cloudify Legal of the Winkeo FIDO U2F keys and Chrome Enterprises system across the organisation took no longer than one working day.
Karen Edwards, operations director, Hedges Law, said: “The risk of cyber attacks is on the rise with 39 per cent of businesses reporting cyber attacks or breaches in the past 12 months. The legal sector is no exception.
“We were looking for a modern solution that delivers enhanced security from cyber attacks, simple implementation, comes at an affordable price and is easy-to-use on a day to day basis for our size practice. I’m happy to say that the products from Google and NEOWAVE delivered just that.”
Wayne Pollock, partner, Cloudify Legal, said: “Modern cyber threats require modern defensive solutions. Chrome Enterprise and NEOWAVE offer just that.
“A reliable, secure by design and a super low-cost solution. Large corporations worldwide are abandoning traditional network security models in droves due to operational expense and the significant data / cyber security risk.
“Sadly, smaller law firms are still being mis-sold the traditional tech stack, often disguised as Cloud, Hosted or Managed Desktops. Vendors don’t push ZTN solutions because they would make no money.
“Further, no business or user in the world that runs Chrome Enterprise and a FIDO key has been breached with malware or ransomware. All law firms should consider moving to ZTN and NEOWAVE’s keys.
“Don’t be fooled, you need both and vendors and IT staff will often disagree wanting to sell you complex and expensive solutions to achieve similar levels of cyber security.”
Jason Kent, director, Open Seas, said: “The Winkeo FIDO key from NEOWAVE is a more secure alternative to an authenticator app. It introduces a physical element to your network, which makes it harder to crack by bad actors.
“An estimated 90 per cent of security breaches are as a result of poor authentication, but with a FIDO secure key that falls to zero. Winkeo’s low cost means that businesses of any size can achieve this high level of protection.”