A boutique litigation and M&A advisory firm in Midtown Manhattan — 22 attorneys and 15 support staff handling sensitive client matters across financial services, real estate, and private equity.
Attorneys and staff enrolled in managed IT and endpoint protection within 30 days
Security incidents or unplanned outages during two major client trials
Uptime maintained across email, file servers, and client-facing systems
Average IT issue resolution time — down from a 2+ day average
THE CHALLENGE
The firm’s previous IT arrangement was informal and reactive. Partners had deferred modernizing their environment because client work always took priority — but the cracks were showing. Workstations ran outdated Windows builds with inconsistent patching. Email was hosted on an aging on-premise Exchange server with no redundancy. Staff shared a file server with no meaningful access controls, giving a junior associate and a named partner identical permissions to client matters.
Their most serious exposure was one they hadn’t fully internalized: they handled privileged communications, M&A deal materials, and sensitive documents for clients in regulated industries. A breach or ransomware event wouldn’t just disrupt operations — it could trigger professional liability, client notification obligations, and bar association scrutiny. When a partner’s workstation was compromised via a phishing attack that exfiltrated two weeks of email, the decision to act was no longer deferrable.
WHAT SOLVED IT DID
Microsoft 365 Migration & Email Security
We migrated the firm off on-premise Exchange and onto Microsoft 365, establishing MFA, conditional access policies, and legal-grade email archiving. Phishing protection and email filtering were configured at the tenant level, eliminating the class of threat that had caused the firm’s prior incident.
Endpoint Protection & MDR
Microsoft Defender for Business was deployed across all 37 endpoints, backed by MDR monitoring that flags threats in real time. Legacy antivirus was removed and patching brought current — with ongoing management to keep it there.
Remote Access & File Permissions
The legacy VPN was replaced with secure, zero-trust remote access integrated with Azure AD. File permissions were restructured around roles — attorneys, partners, and support staff operate in properly scoped environments. Privileged documents are no longer accessible by anyone with a login.
Managed IT & Cyber Insurance Documentation
The firm is now on a flat-rate managed IT plan covering all support, monitoring, and patch management. We documented the full security posture and helped their insurance broker update the cyber policy based on actual controls in place, resulting in a premium reduction at renewal.
The Results
- All 37 endpoints enrolled in endpoint protection within 30 days
- On-premise Exchange retired — firm migrated to Microsoft 365 with legal-grade archiving
- MFA enforced on all user accounts with conditional access policies in place
- Legacy VPN replaced with secure, zero-trust remote access via Azure AD
- File permissions restructured by role — no overprivileged access across shared drives
- Cyber insurance premium reduced after security posture documentation submitted to broker
