.

Law firms and other security conscious organizations traditionally operate out of closed, hard-wired networks, which provide physical security. Network access is typically limited to users physically located in the building. Requiring users to type in a name and password adds another layer of security to the network. Providing remote network access over telephone lines has added an entirely new dimension to the task of keeping client-critical information secure.
Conventional telephone systems are, by nature, public. Anyone can dial a number, and reach the "door" leading into a company's network. The primary concern of remote access security is to make sure that only known, authorized users can enter that door.
Network security can be seen as a series of layers of protection around the inner network. The levels are usually split between packet security, call security and user security. The layers are shown in the diagram below. While backbone LAN routers can implement the outer two layers, they cannot usually validate individual users; this has to be done by the host system. Terminal and communications servers, on the other hand, cannot usually verify at a packet level, but can, to some extent, implement the inner two layers. Lawfirms acknowledge their responsibility for security once a user enters their system. We assist them by incorporating security features into individual applications, as well as networks.
It is important to distinguish between authentication, the process that determines how users access computing resources, and authorization, the process of determining different access privileges among the user population. The final consideration is privacy, ensuring that only the intended audience views accessible data.
Remote access security is characterized by two defining trends -- the increase in the transmission of information over public networks (and the accompanying threats to the security of that information); and the advent of solutions that help enhance the security of an organization's data. As a result, organizations need to define and implement a level of security that is appropriate for their operational needs. This can best be achieved by analyzing the levels of security that are necessary for different kinds of enterprise information, and then configuring a solution that uses the appropriate combination of off-the-shelf and integrated security capabilities. KeyComm stands ready to help its law firm customers achieve that balance.

.