Anticipating the Worst-Case Scenario
Helping a client address unrecognized IT Risk.
ACS was approached by a major, Boston law firm which was interested in obtaining information on our services. As part of the introduction, we offered to conduct an audit of the company's current IT platform and to provide a comprehensive assessment. What we saw and communicated to the firm's leadership team heightened its awareness of its significant IT vulnerability and ultimately led to our providing it with the managed-IT services it needed.
What our Audit Uncovered
Our audit of the firm's IT posture, which took place after normal business hours, identified a number of significant risks of which the firm's management was completely unaware.
Our audit revealed:
- The firm had no IT plan
- The legacy servers and PC's were out of warranty
- The network had not undergone required security and software upgrades in several years
- The platform, in general, had not been managed according to industry-standard best practices
- The firm's data was extremely vulnerable to security breaches; their sensitive data was not being maintained in conformance with regulatory and industry-standard compliance protocols
- The email system lacked a remote back up, was corrupted and on the verge of crashing
In addition, we learned that a single IT technician had complete responsibility for the network and that, based on his past attitude and performance, the firm's confidence in his capacity to behave as a reliable and vigilant protector of its data was very much in question. This issue rose to the level of acute concern when we were unable to access the firm's data room during our weekend audit because the technician was the only person who had a key and who had the network login credentials.
Get your Own PDF Version of this Case Studay.
We worry about your IT so you can focus on your bottom line. Sign up and get this Case Study and other similar ones directly into your inbox.