I am trying to help set up a new law firm - sole practitioner. I need some recommendations on security and software.
Here is what I have done so far.
Single workstation laptop - Lenovo T480S upgraded i7 from 2019 with 16gb ram -
BitLocked hardrive, 12 key password rotated every 6 month login (no Microsoft account), 2-factor office 365 business account, 2 - 64gb bitlocked usb drive for on the fly data movement. All passwords stored in LastPass account, not bitlock keys.
Daily network backup (windows) to home desktop (3800x DIY workstation also bitlocked) and 4Tb HD (bitlocked) NAS with infinite file history saved. Automatic backup of the main hardrive and network drive to backblaze - continuously. All bitlocked keys are unique and backup stored in safe deposit box on additional bitlocked USB drive. This restore key to this USB drive is stored on two friends computer and printouts - we store each other keys, but no one know what keys go to which item for each user.
My network is Synology router rt2600ac at home as well as in the office (2 in mesh network) - standard password protects only, guest account with device logging.
Question 1)
What other security enhancement do I need for the computer system above? Do I need a more robust backup or individual file inscription? - any big gaps?
Question 2)
I need way get PDF’s signed and passwork locked though client email, ideally with a password locked or 2-factor type of signature system. I was thinking DocuSign through sharepoint, or adobe sign with PDF’s only. I need the documents locked after all signatures are complete and ideally password protected. I also need email logs of who opened the file and when it is signed. - I have no experience with this, but I need recommendations and help.
Question 3)
I am looking for an alternative to Zoom for video conferencing with clients that may want to share personal information. I have set-up Microsft teams meeting though office 365, but on a smartphone this requires clients to download the APP, which is a barrier for many. Ideally, I would find something that does not require my clients to download an phone APP. As a Necessity, I also have to setup a Facebook page as many clients want to talk through facebook messenger. I do not know how secure the video conference is - does anyone know either they record or monitor the audio - my gut is yes? I advise clients to not type anything on facebook they do not want to be public.
E_Bu_Te