Security and Risk

At Kelley Drye, data security is a priority. We understand cybersecurity and work vigilantly to protect our clients’ information. Hardware and software are fundamental components, but technology can only do so much—people are the real key to robust security.

Our approach to information security and compliance includes five integrated elements: software, hardware, managed services, education and certification. Our OnGuard Security Awareness program combines mandatory annual training for all attorneys, staff and professionals, monthly communications outlining specific types of threats, and just-in-time notification for immediate threats.

Kelley Drye is a member of the LS-ISAO, which is affiliated with the FS-ISAC, an information sharing and analysis organization. We achieved ISO 27001 certification on May 20, 2016, for our document management service, e-mail service, remote access services, mobile device management services and litigation and regulatory data services.

  • We employ a full complement of protective software programs, including anti-virus, anti-malware, e-mail spam filtering and advanced threat protection in e-mails that include links.

  • We have a dedicated security awareness team that manages and monitors all systems and operations around the clock.

  • Remote access to our systems requires two-factor authentication, and we use Enterprise Random Password Manager for elevated technical administrative access to all systems.

  • We conduct ongoing inspection of inbound traffic, with third-party threat analysis.

  • Our protective hardware assets include firewalls, intrusion detection systems and authenticated proxies.

  • We have a purpose-designed network that our attorneys, staff and other professionals use to access social and streaming media sites.
 

Our ISO 27001 recertification audit will be due before March 22, 2019.

security_right_v1.jpg