New Partnership Taps Endpoint Modeling Techniques for Stronger Law Firm Security

By Chris DiMarco, Legaltech News

Observable Networks specializes in technology that gives organizations an overview of how all the endpoints tied to their systems are being used. The St. Louis, Missouri-based company recently announced a partnership with Kraft Kennedy, a consulting firm that helps law firms of all sizes with technology issues. In joining hands with Kraft, Observable hopes to offer firms a way to better understand their systems and defend against threats.

Patrick Crowley, founder of Observable Networks, told Legaltech News that in the company’s early days, “We had some big wins with large law firms for some pretty natural reasons, which explains why the partnership with Kraft Kennedy will be such an effective one. It’s everyone’s responsibility in information security to not fall behind and the challenges and risks are evolving. Our perspective and technology makes us especially effective and we feel can future proof how organizations address those challenges, and this has really resonated amongst law firms specifically because if you think about the professional services they offer, they are arguably the most important form of information custodian today. They often hold the most sensitive and important information of their clients.”

According to Crowley, deep packet inspection, which analyzes network traffic in an effort to identify cybersecurity risks like malware, is commonly employed by organizations to monitor and assess the information traveling between machines on a network. But he said it is an “example of a technology many organizations and law firms use today, but also an example of a solution which has a value rapidly approaching zero given technology trends today.”

The trend hampering network monitoring methods is encryption, Crowley said. While encrypting data can reduce the risk that intercepted data can be used by cybercriminals, it also makes monitoring the data on the network that much more difficult.

Observable Networks differs from these older forms of security in that the company’s software is based on endpoint modeling, a type of data analysis that collects data not only to accurately predict the content on a network, but also to identify endpoint behaviors that may seem “off.”

“In endpoint modeling, for each device, server or computer in a customer’s footprint we essentially create a software simulation for each of the connection,” Crowley explained. “You can think of a one-to-one connection between the customer environment and the devices and simulations are run in real time. This allows us to automatically detect the presence of a device on the network and more importantly automatically discover and track the role that device plays over time. By tracking that role, we can determine if it’s, say, a partner’s laptop or a mobile device, a printer, etc. We can then also determine that if the role changes in some way we can ask ‘is there a problem here? Is this something a security analyst needs to look at?’”

With this method of monitoring and predicting network traffic, Observable Networks and Kraft expect to further prepare law firms and other organizations to proactively identify both internal and external behavior patterns that may indicate foul play.

“The solution from Observable Networks adds another layer of intrusion detection in the never-ending battle to secure networks,” noted Michael Kraft, founder of Kraft Kennedy, in the announcement of the partnership.