Tactics to Keep Your Law Firm’s Data Secure from Hackers
Legal practices of all sizes continue to struggle with keeping their technology secure from hacking. Consider these statistics from SecurityInfoWatch.com:
- Security consultant Mandiant estimated that 80% of the 100 largest U.S. law firms experienced a computer breach in 2011 alone
- The International Legal Technology Association’s (ILTA) 2014 technology survey of more than 400 law firms determined that 54% of respondents didn’t implement any mobile device management systems to secure data on devices
Despite a common desire to keep clients’ data safe, many law firms are unfortunately falling short. Don’t wait until hijackers hold your data for ransom—use these tips to make your law firm’s data more secure, prevent potential lawsuits, and increase efficiency along the way.
Tip #1: Move Data from Servers to the Cloud
Still utilizing a server in the closet? Your legal practice may be opening itself up to hackers… not to mention slowing down tech performance and risking data loss. Move your law firm’s data onto the cloud in order to:
- Block hijackers and avoid viruses
- Access documents from any device or computer with internet access
- Save money by cancelling your network maintenance contract
- Update security features regularly (rather than dealing with hardware that is much harder to update)
- Increase data storage when needed
Some attorneys may be hesitant to move from a physical server to the cloud because they feel less secure with something they can’t see. However, the reality is that nowadays, cloud computing is more secure than antiquated technology stuffed into closets.
Note: With James Workspaces, migration from a server to the cloud usually takes just one evening, and then your desktop appears and works exactly the same as before the migration.
Tip #2: Immediately Block Ex-Employees
According to Bloomberg Technology’s report on reviews conducted by the Federal Bureau of Investigation and the Department of Homeland Security, companies victimized by current and former staff members often incur hefty expenses ranging from $5,000 to $3 million.
This cost doesn’t even take into account the risk of an employee hacking into social media accounts and damaging your law firm’s reputation, or the danger of stealing or sharing confidential client information.
Prevent expensive breaches; use technology to immediately shut out former employees once they are let go. For instance, with James Workspaces you can block ex-employees with just a few clicks and then easily add new workstations for replacement staff members in minutes.
Tip #3: Bulk Up Passwords
This one seems like a no-brainer, however, you might be surprised by how many legal practices still don’t make their passwords as strong as they need to. In fact, 90% of passwords can be cracked in seconds.
Norton claims that the best passwords contain the following elements:
- No personal information
- No real words
- Mixed characters like lowercase letters, numbers, and special characters
- At least 8 characters, though other experts recommend at least 12 characters (at James Publishing and Attorney Marketing, we recommend as many characters as possible)
Great passwords are the first line of defense when it comes to protecting your law firm’s data. Just because it’s advice that we hear all the time does not mean that it isn’t important or effective.
Tip #4: Prevent Staff from Downloading Viruses
With all the email phishing schemes and malware out there, your staff members could end up falling prey to hackers. That is why all team members should learn about the most common phishing scams and virus threats and how to avoid them. Here are just a few:
- Problem: Spear phishing, which uses highly customized messages on platforms like LinkedIn to lure people into providing information.
- Solution: Look out for “alarming” threats that could indicate a fake message, and avoid providing sensitive legal practice information on social media.
- Problem: “Whaling,” where hackers use an email address similar to that of a law firm partner to request data from others at the firm.
- Solution: Always ensure that the email address is correct and don’t be afraid of double checking suspicious requests with partners or their assistants before providing information.
The other part of the puzzle is boosting your technological strength to both ward off hackers in the first place and catch anything that may fall through the net. Check out the James Workspaces solution.
Tip #5: Employ Secure Collaboration Tools
Google Suite for Business is a set of collaboration tools that can make work more secure. It is totally HIPPA compliant and meets all state bar requirements. Some features and benefits include:
- Easily scheduling appointments using shared calendars (coworkers can look at each other’s calendars to determine open blocks of time) that can securely integrate with other tools like Gmail and Agile CRM
- Saving work to Google’s servers in real time, meaning you will never lose data
- Accessing documents via the internet—attorneys and support staff can work from laptops or other devices while remaining protected
- Assigning different permissions to various team members such as “view only” or “view and edit” for greater security
- Updating regularly with security patches
With the Google Suite for Business, your team members can safely collaborate with fewer emails back and forth… and less worrying about whether your important communications or documents will be intercepted. Best of all, a migration to G-Suite is included for free with cloud migration from the James Publishing and Attorney Cloud team.