Three Avoidable Mistakes Lawyers Make Regarding Cybersecurity

January 9, 2018

Every day we’re seeing more and more threats to document security, and hackers are becoming increasingly creative with their attempts into systems. We can’t stress enough how important it is to secure all of your documents, your computer, and more importantly your firm and client’s information.

 

Don’t Rely on Basic Security Measures

… such as Norton Antivirus, or any generic virus protection software that came preinstalled on your PC. Firewalls, antivirus, and other security measures are good, but simply not good enough for blocking all traffic into your firm’s data. Hackers are using phishing to obtain access into data via email. Have you ever gotten an email that looks kind of strange, like an invoice for something that you don’t remember purchasing? Those emails are considered phishing.

Whatever you do, don’t open these emails. They’re a gateway for a really bad time amongst your firm. Phishing emails like the aforementioned often link to ransomware, and that can shut your firm down for days, sometimes weeks, unless you have a disaster recovery plan in place.

Phishing isn’t the only attack you should be worried about. These basic perimeter security measures will not stop a disgruntled employee from stealing, or even removing important data from your office. Paying for top notch security can prevent this, and even trace back where the breach originated.

 

Tier Employee Firm Data Access

Your entire firm should not be able to access all of the data within your office, only information pertaining to that employee and their specific cases. Having all of your data out in the open is extremely risky. Employees can accidentally delete, remove, or alter other employee’s documents. If a firm member opens a phishing email, not only will their data be infected, but having open access security measurements allow that hacker to access all of the data within your firm.

 

Back up Policies

Data Retention is largely overlooked when it comes to law firm security. Documents should be backed up to a separate server or document management system every day. Having your information backed up in several locations comes in handy if you need to recover data, or if your system gets hacked and you need to restore your entire computer to the earliest point possible. Client data needs to be a priority. Hackers are becoming more sophisticated than ever before, and without proper security channels in place, your firm is at a major risk.