Keeping It Secure – Internet in a Bubble

Absolutely! Feel free to use YouTube, Twitter, Facebook and Gmail for business purposes at Kelley Drye.  As many firms struggle with internal access to these services for their employees, Kelley Drye has figured out how to satisfy employees and firm management by establishing a secure secondary path to the Internet in a bubble which they call Wild West Internet.

This inventive access was discussed at the “Keeping It Secure – Internet in a Bubble” session at the ILTA LegalSEC Summit 2015.  Judi Flournoy, CIO at Kelley Drye described the evolution of how they reached the Wild West Internet.   In part, the genesis was an outgrowth of a 300 part questionnaire request from a financial institution client.  With the significant restrictions the financial institutions placed on access they were forced to change their Web access policy.  The first iterations proved extremely draconian.  No access to personal email or social media was permitted. This met with incredible backlash from the staff.  In fact, there were attorneys in tears of frustration and anger, expressing feelings of disconnect from the outside world.  Peeling back the policy, the revised policy instituted individual access to those cleared by Human Resources on a one off approval basis.  Soon thereafter, throngs were making this request which became problematic.

Ultimately the solution and final policy decision involved creating a separate browser experience for users when they accessed YouTube, Twitter, Facebook and Gmail for business purposes.  With the assistance of Lisa Stone and Thomas Moreo from Cornerstone Information Technologies, they built a perimeter network which sat within their larger network but behind an additional firewall.  Thus they were able to safeguard all of their primary systems and establish a walled garden where people could access those services.  There were multiple safeguards put into place including that fact users could not print, download or cut and paste back into the primary network.  Users agree to these in principle and understand the limitations, but both those users and the firm found this to be a perfect halfway point.

For more granularity on instituting this please see the following:

  • They used an ASA Next Gen internal firewall creating an outer perimeter – DMZ
  • Citrix ZenApp
  • Read only domain controller with shares for profiles
  • MacAfee with all of the blocks associated for pornography and gaming sites
  • Blocked: printing, downloads and the ability to cut and paste back to the firm environment
  • Loaded MS Office in the environment so people could still read Word/Excel
Advertisements
About Joseph Raczynski (92 Articles)
Joseph Raczynski Legal Technologist/Futurist Joseph is an innovator and early adopter of all things computer related.  His primary bent is around the future of law and legal technology. He also focuses on several fields including machine learning, mobile, security, cryptocurrency, and robotics (drone technology). Joseph founded wapUcom, LLP, consulting with companies in web and wireless development.  As a side project DC WiFi was created to help create a web of open wireless WiFi access points across cities and educate people about wireless security. Currently he is with Thomson Reuters Legal managing a team of Technical Client Managers for both the Large Law and Government divisions.  Joseph serves the top law firms in the world consulting on legal trends and customizing Thomson Reuters legal technology solutions for enhanced workflows. He graduated from Providence College with a BA in Economics and Sociology and holds a Masters in eCommerce and MBA from the University of Maryland, University College. You can connect with Joseph at JoeTechnologist.com or JosephRaczynski.com or @joerazz

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: