Cybersecurity: Why Law Firms Need to Reevaluate How They Get Customer Support from their Vendors
by Jeff Flowers, Manager, Customer Support
If you frequent legal technology conferences, speakers often refer to external industry examples to make a point. Blockbuster is invoked for status quo thinking; Ford is cited for change management and today, we’re going to look at Target for cybersecurity.
In December of 2013, with the holiday shopping season in full swing, the retail giant Target disclosed its network had been breached. The adversaries had gained access through a third-party HVAC contractor working for Target. The vendor had access to a billing and project management system on the Target network.
In a fascinating multistep case study, CIO Magazine explained that the attack was initiated with a spear phishing email aimed at the contractor. The threat actors then used the contractor’s credentials to gain access to the billing system. Next, they exploited a vulnerability in the billing system to perform reconnaissance, find targets of opportunity on the network and, finally, tap additional IT credentials to steal data.
When the dust settled, some 40 million customer credit card numbers had been stolen. The company would pay $18.5 million to settle a multi-state lawsuit, not counting the cost of the investigation, problem remediation, legal fees and damage to the brand’s reputation.
To this day, the Target incident ranks as one of the most significant cybersecurity breaches in history. It set off a new appreciation for the importance of cybersecurity because the impact is spread across not just your business, but also your suppliers and customers.
Law Firms and Third-Party Vendor Access
Law firms have come a long way in augmenting the protection of their networks and IT systems. Once labeled the “soft underbelly of corporate America,” law firms have doubled down on cybersecurity. Clients have demanded it too, as security audits are a routine part of the business development process today.
Cybersecurity is dynamic. Adversaries continuously change their tactics and firms need to evolve their security protections to match conditions. This includes re-evaluating how vendors gain access to law firm systems, especially when engaging customer support.
Here’s how the typical customer support request currently unfolds:
A law firm has a problem with an IT system and requests support from the vendor it bought the product from. The vendor takes details over the phone and routinely determines the support team needs access to the law firm system to triage and resolve the issue effectively.
Law firms usually have an internal process for authorizing this access, but it can take anywhere from hours to days to complete. While necessary under these circumstances, this wait can be problematic for a law firm if they have a pressing concern. For example, if a CFO calls about an issue with a billing system that’s holding up invoices, but the IT manager just changed the admin password before leaving for vacation – that can slow the time-to-resolution down a bit.
Such issues aren’t uncommon, but the vendor support team works through these obstacles as quickly and methodically as possible. Let’s say on average, it takes a law firm about a day to establish a time for the support team to remote into the system, diagnose the problem and fix it.
That process isn’t just slow, it is mostly ad hoc and involves downloading bits of software from desktop sharing tools to enable access. It is, we believe, potentially susceptible to impersonation, spear phishing and other social engineering techniques. Also, there’s no way to audit what happened after the support session has ended.
For example, if the firm has another issue a few days later and is convinced the vendor’s first intervention was the root cause, there’s no way to determine the ground truth one way or another. This means you can’t audit what was touched or changed on the system during that support session.
There is a better and more secure way to obtain customer support from your vendors.
Building a Dedicated Secure Channel for Support
Enter SecureLink. SecureLink is a lightweight remote access tool that’s pre-configured in coordination with the law firm and the industry standard.
It’s not an Aderant product, but a tool we use to partner with our customers to deliver more responsive and more secure customer support. Partner is the operative word because it’s about establishing a law firm’s security ideals and providing a way for us to serve the firm within the scope of those ideals.
For a law firm, SecureLink is software that’s typically installed on the same server hosting the Aderant product, such as Aderant Expert, Spotlight or Handshake. Rather than being installed on each server, it only needs to be installed once within the client environment, and it takes just 20 minutes or so to install, configure and test. From there, it allows law firms to tightly control remote access so that our people can only access the Aderant applications you’ve authorized us to support.
On our end, we use a dedicated server that establishes a secure connection and segments access to personnel by role, product and need. Their access is also protected by two-factor authentication. When a firm needs support, that server gives our people a secure connection to the Aderant product.
For the benefit of our customers, there are documentation requirements for every remote session which are:
1) A reason – such as your request for support – for the connection is required;
2) A notification of the connection is sent to a designated person (or people if you wish) at your firm; and
3) The session is recorded and is completely auditable days, weeks or even months later.
It is a predetermined, dedicated and secure channel for Aderant to provide timely support to your firm, which reduces risk.
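To make the controls above concrete, here is an added illustration (not SecureLink’s or Aderant’s code) of a small session broker that enforces them: no session without a stated reason, a second factor, role/product segmentation on the vendor side, a firm-side list of authorized products, notification of designated contacts, and a recorded action trail that can answer "what was touched?" later. The firm policy, roles, addresses and actions are constructed sample values.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone

# Constructed policy for one hypothetical firm: which Aderant products the
# vendor may reach through the channel, and who is notified of every session.
FIRM_POLICY = {
    "authorized_products": {"Expert", "Spotlight"},
    "notify": ["it-manager@example-firm.test"],  # constructed address
}

# Vendor-side segmentation: which products each support role may touch.
ROLE_SCOPE = {
    "expert-support": {"Expert"},
    "bi-support": {"Spotlight", "Handshake"},
}


@dataclass
class SupportSession:
    engineer: str
    role: str
    product: str
    reason: str
    two_factor_ok: bool
    started: str = ""
    notified: list[str] = field(default_factory=list)
    actions: list[str] = field(default_factory=list)


def open_session(req, policy=FIRM_POLICY, scope=ROLE_SCOPE):
    """Return (allowed, message); every denial is explicit and explainable."""
    if not req.reason.strip():
        return False, "denied: a reason for the connection is required"
    if not req.two_factor_ok:
        return False, "denied: second factor not satisfied"
    if req.product not in scope.get(req.role, set()):
        return False, f"denied: role {req.role} is not segmented for {req.product}"
    if req.product not in policy["authorized_products"]:
        return False, f"denied: firm has not authorized support for {req.product}"
    req.started = datetime.now(timezone.utc).isoformat()
    req.notified = list(policy["notify"])  # who was told the session opened
    return True, "session opened"


def record(req, action):
    """Append one engineer action to the session's recorded trail."""
    req.actions.append(action)


def audit_report(req):
    """Reconstruct, days or weeks later, who connected, why and what they did."""
    return {"engineer": req.engineer, "product": req.product, "reason": req.reason,
            "started": req.started, "notified": req.notified, "actions": list(req.actions)}
```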
Not Just More Secure Support, Better Support
Security professionals will say cybersecurity isn’t an event or a checkbox on a client audit list – it is a process of continual improvement. Law firms do essential work for high profile clients, and security enhancements should include a re-evaluation of third parties that touch a law firm network – including customers and vendors.
Currently, about 20% of our law firm customers have partnered with us to provide support over SecureLink. We’ve even done completely new software installations – remotely – for new customers this way. From our perspective, we pride ourselves on providing exceptional support to our customers. This new approach is not only a more secure connection, but it’s also a way to markedly improve our service and support.
Recommended Reading:
- Law Technology Today: Three Steps to Follow When Selecting A Vendor
- Think Tank: 11 Considerations in Practice Management Technology
- Think Tank: 9 Tips for Obtaining Leadership Support for Legal Technology and Innovation Projects
