Executive Summary
Technology has changed every aspect of practicing law, from landing clients to branding firms. Today, lawyers can work anywhere and at any time. This freedom comes with significant risks. Hackers, thieves and predators abound. Data can be lost or compromised in nanoseconds. Smart firms are vigilant about securing their systems, safeguarding financial accounts and protecting client information.
Don’t be Cyber Exposed
Cybersecurity is an imperative. Internet wrongdoers go after law firms as sources of valuable data and “back door” conduits to even more lucrative targets like banks and financial institutions. Avoid disaster through good risk management.
Alta Pro Practice Pointers
- Invest in cybersecurity. Bring in experts to set up your systems and train your staff. Stay educated. Limit access to online banking. Conduct regular audits of case and financial databases to detect potential breaches.
- Have a written cybersecurity policy. Develop procedures and guidelines on using and protecting firm IT. Create mandatory protocols for passwords, two-factor authentication, opening suspect emails, downloading to flash drives, doing online banking and taking laptops out of the office. Monitor compliance by everyone – especially senior partners who are ultimately responsible if something goes wrong. Add the cybersecurity guidelines to your Office Policy Manual.
- Do some research. The ABA publication Law Firm Cybersecurity is a valuable guidebook on preventing breaches and cyber attacks.
- Passwords, passwords, passwords. Here are some tips on creating strong passwords. Here is a strong password generator. And whatever you do, don’t tape your password to the side of your monitor.
- Keep systems safe. If you don’t have an IT staff, designate someone in the office to be responsible for maintaining program updates, installing security patches and running safety audits. Use ABA recommended systems and properly vetted vendors.
- Invest in case management technology. See more pointers here.
- Have procedures for remote access to firm systems. This is critical for virtual offices and firms where lawyers work from home. Install software to track when remote users log on and off. Use reliable cloud services (Box, Dropbox, MS OneDrive, Google Drive) for file sharing. Use encryption for transferring sensitive data.
- Beware of cyber scams. See more pointers here.
- Talk to your clients. Let them know their information will be kept safe and secure. Use your commitment to cybersecurity as a value-add to your professional service.
- Keep learning. Don’t delegate cybersecurity to your IT staff or an outside vendor. This is a firm management issue. Every member of the firm should know how to safely access data and use your case management systems. Compliance should be a condition of continued employment.
The Bottom Line: Cybersecurity begins before you buy your first computer by knowing the risks and understanding the need for safeguards.
What’s Next?
Have a question about cyber safety? Ask the Risk Pro!
Heads up!
This information is intended for informative purposes for members of Alta Pro Lawyers Risk Purchasing Group. It is not intended as legal advice. Lawyers should always refer to local and state rules and statutes for applicable standards and rules. These guidelines are designed to help lawyers avoid professional liability claims and are not intended for any other purpose. No legal or fiduciary relationship is intended to be created by receipt of this material.