This security policy involves the security of Illinois Living Trust and Tuohy Law Offices. It consists of security objectives, guidelines for their achievement, and overall security management strategy and implementation of policies on crucial security mechanisms. Information security policy complies with EVS-ISO/IEC TR 13335 guidelines, models, and terms; the standards EVS ISO / IEC 2382-8 and EVS-ISO/IEC TR 13335 are used for information security terms.
The security policy is for all subdivisions of CBA and regulates interactions and relationships with the following subjects:
- Partners, customers, and subcontractors
- State agencies
- Media and public
1.3 SECURITY POLICY GOAL
Our security policy establishes the guidelines and procedures in the scope of assets that ILT employees must
know and comply with as a primary means of achieving security goals. Our security policy is the base for planning, design, execution, and security management.
1.4 SECURITY OBJECTIVES
1.4.1 Security of assets must be maintained to the extent that ILT can function normally and without interruptions in the case of most probable threats to achieve its business goals.
1.4.2 Asset availability, integrity, and confidentiality must conform to an above-average level of security.
1.4.3 Compliance with the security legislation (including copyright, personal information, state laws and regulations, and workers’ health and safety and fire safety requirements) must be ensured. To meet this requirement, some objects and processes must be protected with measures above the average level of security if needed.
1.4.4 Due to contractual and similar relationships with partners, security measures above the average level must be used to meet the requirements of objects and processes where appropriate.
1.5 SECURITY PRINCIPLES
1.5.1 Security platform provided by BridgePoint Technologies reduces the risk of viruses,
ransomware, and loss of sensitive information. This service is referred to as “Zero Trust,” and the specific platform is ThreatLocker.
1.5.2 Most cybersecurity protections are based on looking for, finding, and stopping threats. The problem is that cybercriminals are getting smarter and entering networks undetected, and bypassing legacy security systems.
End-users accidentally introduce threats by downloading various applications without validating them as authentic or trustworthy, clicking on links they shouldn’t, and opening infected attachments in emails. That’s why a new approach of blocking everything that is not trusted and only allowing those approved applications is a far safer and more comprehensive approach to ensuring malware does not end up on your networks.
1.5.3 ThreatLocker combines Application Whitelisting with Ringfencing and Storage Control in ways that make security simple. Zero Trust helps ensure that you and your device will not be exploited.
1.5.4 Controlling what software can run should be the first line of defense to protect yourself against malicious software better.
Ringfencing™ adds a second line of defense for applications that are permitted. First, by defining how applications can interact with each other, and secondly, by controlling what resources applications can access, such as networks, files, and registries. Ringfencing™ is an invaluable tool in the fight against file-less malware and software exploits.
1.5.5 Allowlisting has long been the gold standard in protecting businesses from known and unknown executables. Unlike antivirus, Allowlisting puts ILT in control over what software, scripts, executables, and libraries can run on our endpoints and servers. This approach stops not only malicious software but also stops other unpermitted applications from running. This approach greatly minimizes cyber threats by eliminating rogue applications from running on our network.
1.5.6 ThreatLocker® Storage Control is an advanced storage control solution that protects information. We have the tools to control the flow and access of data. We can choose what data can be accessed or copied and the applications, users, and computers that can access said data. By using ThreatLocker®, we control our file servers, USB drives, and your data. Most data protection programs on the market are butcher knife solutions to a problem that requires a scalpel. Blocking USB drives and encrypting data-storage servers can help secure our organization’s private data. However, these tools don’t consider that this Data needs to be utilized quickly.
1.5.7 ILT uses “Barracuda Email Security Service” – or “ESS.” ESS is a cloud-based security service that protects both inbound and outbound emails against the latest spam, viruses, worms, phishing, and denial of service attacks. Any items deemed to be illicit will be quarantined in the ESS platform. Due to the sophistication of hackers, it is essential to reduce the risk by preventing emails with dangerous attachments or links to infected websites.
1.5.8 Assets usage permissions are granted to the workers based on work-related needs.
2 SECURITY ORGANISATION AND INFRASTRUCTURE
2.1 Bob Fuhrman serves as our vCIO.
2.1.1 Our vCIO served as an IT Director in law firms for over 20 years, including a mid-sized national law firm with headquarters in Chicago.
He has extensive experience managing all aspects of IT in a professional services environment, including long-term strategic planning; vendor management; infrastructure design; backup, disaster recovery & business continuity; migration to cloud services; risk management; creating & managing a Help Desk, and designing ongoing training regimens.
3 PHYSICAL AND INFORMATION ASSETS
3.1 Critical Assets
This security policy mainly targets the security of assets listed in this section.
The following items must meet a medium level of availability and integrity: premises technical Infrastructure, power distribution, and other general-purpose utility systems equipment and tools used for maintenance.
and similar information, the disclosure of which could reasonably affect the normal functioning and competitiveness of ILT.
PBX (telephone exchange)
phone cabling and distribution devices telephones, including mobile phones, firewalls, routers, modems, wireless networking, and other data communications equipment
The source code of self-made software is confidential unless decided otherwise. Self-made software should be under
The following risks will be considered typical, and security
measures are based on this selection.
4.1 Spontaneous risks
Water and fire extinguishing damages, including stormwater, emergency pipelines, etc.
Fluctuations in power quality and plain blackout
Interruption of external communications
Loss of Staff
Penetration into the internal network from the public network
Distributed Denial of Service (DDoS)
Sniffing of an internal computer network
Interception of oral communication
Workers’ deliberate security breaching behavior, internal attacks
5 SECURITY MEASURE POLICIES
The implementation and management of essential security mechanisms must comply with the following policies and
encrypted mail messages.
workers) must be encrypted, and all confidential data on hard disks. Encryption keys must be duplicated in a safe backup.
randomly at least once a week
after the respective incidents.
6 SECURITY OF COMMUNICATION
6.1 Networking infrastructure
6.1.1 ILT network must meet the following two-level logical structure:
External network outside the firewall
Internal network inside the firewall.
7 NETWORK MANAGEMENT
7.1.2 All cabling (electricity, communications, telephone, alarm system, etc.) must be marked, documented, and hidden. Wiring documentation must include the exact location in the building, cable specifications (make,
capacity), wire marking (color, symbols, markings in distribution points, etc.), location, installation, repair times of distribution equipment, and the type of cables.
7.2 Internal network management
7.2.1 The company has one shared internal network.
7.3.1 Internal and external web servers must be located on different computers. 7.3.2 Besides the web serving, external web servers can only run FTP servers. 7.3.3 Mail server relay feature must be absent or permanently disabled.
7.4.1 Internal emails should not be sent outside the internal network (even in quoted form).
7.4.2 Mail sent to public networks must include the proper name of the sender.
7.4.3 Incoming and outgoing mail must be subjected to virus scanning.
7.4.4 Opening active contents (.EXE, VBS, etc.) in incoming emails are permitted only for security investigation purposes.
7.4.5 When possible, avoid sending documents in formats allowing macros.
7.4.6 Files attached to email must not contain parts of other files that do not show up with the viewer.
7.4.7 Our emails are protected by “Barracuda Email Security Service” – or “ESS.”
ESS is a cloud-based security service that protects both inbound and outbound emails against the latest spam, viruses, worms, phishing,
and denial of service attacks.
Many email threats today use social engineering tactics to target users and bypass email security gateways. We must stay ahead of cybercriminals to protect our business and your confidential data and documents.
Only Barracuda protects against all 13 email threat types.
Barracuda Email Protection provides the most comprehensive protection against all 13 email threat types, from spam and ransomware to socially engineered threats such as spear phishing, business email compromise, and account takeover.
Any items deemed to be illicit will be quarantined in the ESS platform.
Due to the sophistication of hackers, it is essential to reduce the risk by preventing emails with dangerous attachments or links to infected websites.
Once ESS has been activated, each user will receive email notifications once a day (or more frequently if so desired) listing messages which have been quarantined.
7.5 Phone calls
7.5.1 Transmission of confidential information by telephone is avoided, especially with mobile phones.
8 GENERAL SECURITY
8.1 Security of perimeter and zones
18.104.22.168 Corridor doors are self-closing and locked after hours.
22.214.171.124 The entrance to the building must be locked outside of working hours and only accessible by assigned key fobs.
8.1.2 Access to premises
126.96.36.199 Permanent employees are permitted access to the main entrance during working hours and, as appropriate, to
the premises of their workspace as their role requires. Internal rules govern admission at any other time.
188.8.131.52 The right to access other premises will be given when appropriate, but only during working time.
8.1.3 Other locks
184.108.40.206 Spare keys to all rooms are kept in locked fireproof cabinets or off-premises.
equipment to the table – for example, laptop security locks.
9 PERSONNEL SECURITY
9.1 Staff Selection
9.1.1 Candidates for vacant jobs are selected based on job requirements.
9.1.2 Each candidate’s background is checked from a security risk perspective.
9.2 Procedures for appointment
9.2.1 On appointing to the job, new Staff must carefully read the following documents and confirm their knowledge with
ILT security policy
internal rules of procedure
9.2.2 For contract workers, the appropriate security requirements must be included in each case.
9.2.3 Head of the department is responsible for instructing a new employee.
9.3.1 Staff will receive notifications via the intranet news.
9.3.2 Operative security information is distributed through the inner mailing list. In this mailing list, the following events must
security environment changes
recruitment and dismissal
changes and additions to the internal network security system
9.4 Procedures for dismissal
9.4.1 By the end of the last working day, the dismissed worker must return all assets to the ILT Department head responsible for the take-back.
9.4.2 By the end of the last working day, all means of access (keys) and credentials must be removed (change the passwords, remove from access control lists). The Department head is responsible for the take-back.
9.4.3 If necessary, the measures in 9.4.1 and 9.4.2 are taken immediately after the dismissal decision.
10 SECURITY OF DOCUMENTS AND STORAGE
10.1.1 Typical time for keeping archived materials is seven years.
10.1.2 In exceptional cases, which may result from the corresponding laws (Commercial Code, Law on Archives, rules for archival), or other considerations, the time is decided by the head of the sub-unit.
10.2 Keeping paper documents
10.2.1 Secret and confidential documents must be kept in a fireproof safe.
10.2.2 Any other documents to be archived must be stored in the archive room on shelves, in labeled folders and boxes.
10.2.3 The originals of technical documents must be kept in the archive.
10.2.4 Other non-public documents must be kept in closed cabinets or drawers.
10.3 Keeping storage media
10.3.1 Media with secret contents must be kept in a safe.
10.3.2 Other significant media is labeled and maintained in the archive.
11 BUSINESS CONTINUITY
11.1.1 Data and software
220.127.116.11 Work data is copied from the workstation to the server or through the server to the tape at least once a day.
18.104.22.168 From the server, documents, source code, and user home directories are copied to an external hard drive at least once a week.
22.214.171.124 Static data should be copied to tape at least once a year.
12 CHANGE MANAGEMENT
12.1 Security Monitoring
12.1.1 Operative monitoring
126.96.36.199 Security officers review audit logs at least once weekly.
188.8.131.52 On significant technical, organizational, legal, or other internal or external changes, possible security need
changes are identified.
12.1.2 Random security checks
Information security must be randomly checked in subunits at least once every two months.
12.1.3 Regular review of security is performed at least once a year.
12.2 Security policy modification
12.2.1 The security policy is changed if required by the security monitoring results (see 12.1).
12.2.2 The security policy is amended if the need arises from the appearance of a new version of the baseline security directory.
12.2.3 Security changes due to security policy changes are carried out within one month.
NOTHING IS MORE IMPORTANT THAN YOUR SECURITY AND PRIVACY
ILT is committed to keeping your accounts safe and your data secure. We are all fed up with our data being pirated and sold to telemarketers and our every move online being watched, monitored, and targeted by third parties. As a valued customer of ILT, we have your back and working to protect your valuable personal data.
You are trusting ILT with your data and financial information. We will work overtime to stay ahead of leading technology to improve and enhance your privacy and data protection continuously. And our Security Center will provide you with innovative resources to secure every aspect of your life.