Va\\lue of e-safebusiness solutions

410 views

Published on

Acceptable Use and GRC provision in UK Legal Firms

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
410
On SlideShare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
3
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Va\\lue of e-safebusiness solutions

  1. 1. Acceptable Use PoliciesBalancing Productivity and Compliance “Employees expect personal internet access at work. This raises security, productivity, HR, compliance, bandwidth and legal issues which cross multiple departmental boundaries” “Organizationsneed to create, implement and monitor an Acceptable Use Policy (AUP) which governs the use of company infrastructure and which is backed up by both effective tools, regular monitoring and comprehensive training” “This presentation discusses some of the background issues that affect the management of a balanced AUP which employees understand and works with Risk Based Regulation” Knowledgeframe e-safe business
  2. 2. Acceptable Use PoliciesBalancing Productivity and Compliance As society becomes increasingly connected so professional service firms have to adapt to, and take advantage of, the business benefits of online communication, connectivity and collaboration. Email VOIP Professional Services Firm Mobile Phone Web Conferencing Instant Messaging Social Networking
  3. 3. Acceptable Use PoliciesBalancing Productivity and Compliance Clients are more demanding This change is accelerating, its scope is broadening and its impact is global. Regulatory pressures are escalating Competition is fierce and recruitment is increasingly difficult
  4. 4. Society is hooked on all-pervasive, always-on connectivity. The boundaries between work, social and leisure time are becoming nonexistent. Internet Mobile Phone Web Conferencing VOIP Social Networking I.M. PDAs E-mail
  5. 5. The Organization Productivity For most of us, not having online access would severely impact our productivity. For a growing percentage, full time, instant, multi-device connectivity is mission critical. Connectedness Connectedness provides a huge competitive advantage particularly if governed by an ITC Acceptable Use Policy which is integrated into its business vision and strategy.
  6. 6. The Organization Demographics At the same time workplace demographics are changing Existing staff members are being replaced by a new generation of knowledge workers Connectedness They have never known a world without the internet, Google, Facebook, YouTube, text messaging and camera phones, they are naturally collaborative and connected.
  7. 7. 60%
  8. 8. The Organization Demographics In order to compete for this valuable talent base every organization has to offer an always on, connected, collaborative environment At the same time workplace demographics are changing Connectedness It has to support the way in which the “everyone, everything, everywhere, connected” generation, live and work.
  9. 9. VOIP Web Conferencing Text Messaging In today's environment workers use social networking sites and online communities for business communications 60% 60% use social networking sites at work 5% 10% 25% Whilst no one doubts that connectivity, communication and collaboration tools dramatically increase knowledge worker productivity there is the realisation that these same tools increase business risks for the employer.
  10. 10. These changes will have a profound effect not only will you have to understand and manage these new connectivity tools but also: Manage the behaviour of users
  11. 11. These changes will have a profound effect on firms, not only will they have to understand and manage these new connectivity tools but they will have to: Manage the behaviour of users balance security and network reliability
  12. 12. These changes will have a profound effect on firms, not only will they have to understand and manage these new connectivity tools but they will have to: Manage the behaviour of users Maintain employee productivity and safety balance security and network reliability
  13. 13. These changes will have a profound effect on firms, not only will they have to understand and manage these new connectivity tools but they will have to: Manage the behaviour of users Ensure compliance with regulatory rules and guidelines. Maintain employee productivity and safety balance security and network reliability
  14. 14. The risks fall into two main categories: Reputational Damage for example, the loss of client data, IP contravention, breach of data protection law, negative tweets & blogs HR Issues In particular the employees’ right to work within a secure, regulated and protected online environment together with developing policies and strategies which help connected employees maintain a work/life balance.
  15. 15. “Organizationsneed to develop a strategy, driven by the business needs of the practice which balances increased regulation, enhanced security and improved productivity with the social and work needs of permanently connected employees.”
  16. 16. Both Lexcel V4 and Risk Based Regulation from the SRA impose additional monitoring and reporting burdens on law firms. Lexcel V4 SRA
  17. 17. Both Lexcel V4 and Risk Based Regulation from the SRA impose additional monitoring and reporting burdens on law firms. Lexcel V4 Regulatory Burden SRA
  18. 18. Both internal governance and exterior regulation impose additional monitoring and reporting burdens . Internal Regulatory Cost Regulatory Burden Regulation in particular appears to be moving away from the “yearly snapshot” approach to a continuous monitoring model with a form of credit scoring applied in real time. External
  19. 19. This impacts costs and possibly even ability to attract clients and recruit talent. There is, therefore, a direct link between a clearly written Acceptable Use Policy, continuous compliance monitoring and profit.
  20. 20. Being compliant is a business imperative. However monitoring and managing ongoing compliance together with reporting to regulators has the potential to take up valuable management time. e-safe business reconciles Acceptable Use with Lexcel V4 and Risk Based Regulation to provide a largely automated monitoring, managing and reporting environment which addresses the issues facing growing law firms adapting to the new regulatory environment.
  21. 21. Client Confidentiality Data Security Avoiding discrimination AUP E-safe Monitoring & Reporting Strategic Risks Operational Risks Regulatory Risks Business Management Equality & Diversity Risk Based Regulation e-safe business reconciles the Acceptable Use Policy with Risk Based Regulation to provide a largely automated monitoring, managing and reporting environment which addresses the issues faced in addressing the ever expanding regulatory environment.
  22. 22. Lexcel/LSC/SRA 01.Lexcel V4 Strategic Risks Operational Risks Regulatory Risks Lexcel V4 4A.4 e-mail policy 4A-5 website use 4A.6 internet use AUP E-safe Monitoring & Reporting There is overlap between Lexcel, LSC and SRA rules and guidelines. e-safe business from eSafe Systems
  23. 23. Lexcel/LSC/SRA 01.Lexcel V4 Strategic Risks Operational Risks Regulatory Risks 02.SRA Business Management Equality & Diversity Risk Based Regulation Lexcel V4 4A.4 e-mail policy 4A-5 website use 4A.6 internet use AUP E-safe Monitoring & Reporting SRA Rule 5.01(1)g Rule 5.01(1)h Rule 5.01(1)i There is overlap between Lexcel, LSC and SRA rules and guidelines. The Acceptable Use Policy and e-safe business, work together to manage this relationship. e-safe business from eSafe Systems
  24. 24. Lexcel/LSC/SRA 01.Lexcel V4 Strategic Risks Operational Risks Regulatory Risks 02.SRA Business Management Equality & Diversity Risk Based Regulation Lexcel V4 4A.4 e-mail policy 4A-5 website use 4A.6 internet use AUP E-safe Monitoring & Reporting LSC Rule 3 Rule 8 Rule 9 SRA Rule 5.01(1)g Rule 5.01(1)h Rule 5.01(1)i 03.LSC Client Confidentiality Data Security Avoiding discrimination e-safe business from eSafe Systems
  25. 25. E-safe business improves productivity, reduces risk and improves security by modifying user behaviour.
  26. 26. E-safe business improves productivity, reduces risk and improves security by modifying user behaviour. User Monitoring – The User Monitoring Module monitors all information displayed on the workstation screen, within a Windows environment including: Applications Chat Internet Browsing Email Instant Messaging The Operating System
  27. 27. E-safe business improves productivity, reduces risk and improves security by modifying user behaviour. Activity is compared with built in “Threat Libraries” which look for: Cyber bullying, Cyber slacking, Predatory behaviour, Drugs, Race, Hatred, Sex, Dating, Hacking, Bypassing firewalls & proxy avoidance, Propaganda, IP theft & copyright infringement.
  28. 28. E-safe business improves productivity, reduces risk and improves security by modifying user behaviour. Image Control – Image Control intercepts images, before they are displayed on-screen and determines the images acceptability for display. This provides the greatest protection from accidental or deliberate access to inappropriate images. Image control can also block images introduced onto the network via USB or email.
  29. 29. E-safe business improves productivity, reduces risk and improves security by modifying user behaviour. USB Device Management – USB device management controls the use of: memory sticks, digital cameras, MP3 players and mobile phones whenever an attempt is made to connect them to the network helping to prevent data theft and the introduction of viruses, worms and Trojans.
  30. 30. e-safe business improves productivity, reduces risk and improves security by modifying user behaviour. Training – Deploying e-safe is not, in itself, sufficient to provide the level of control or changes in behaviour necessary to ensure your AUP is adhered to and ongoing regulatory compliance maintained and improved. It’s important that everyone in the organisation understands the reasons why e-safe business has been deployed and how non compliance with rules impacts reputation, costs and profit. e-safe provides comprehensive training showing how to introduce e-safe business and configure it to provide the level of protection you need.
  31. 31. e-safe business can be installed onto your network Or provided as a managed service from our UK based servers with fully qualified and accredited support

×