Website Security & How It Affects Your Firm’s Email

Most law firms do not heavily invest or even think about their web presence. A majority of firms simply want a barebones website and whether their site helps them get business is an afterthought; in fact, many go with the cheapest website security and hosting plan that’s available. But what firms don’t understand is that in more cases than not, if you’re using a subpar website hosting service, your website will not only lack basic security features (such as a built-in firewall), but it will also share the same domain name as your firm’s email. This is an extremely important detail that can actually put your law firm under a tremendous amount of risk. But what’s a domain name, you say? Well, a domain name is simply what comes after the ‘@’ in an email address, and what comes after ‘www.’ but before ‘.com’ in a website address. So, for example, if you work at ABCLaw, your website would be www.abclaw.com and your email would be john@abclaw.com; in both cases, ‘abclaw’ would be your domain name. While this may seem innocuous on the surface, let’s use a real-life example to examine the serious drawbacks of having your website and email share the same domain name.

Like most firms, one of our clients had a website set up without any security or firewall built into it. Unsurprisingly, their website was soon hacked. As a result, their reputation, and more importantly, the reputation of their domain, had completely diminished on the Internet (and is continuing to get worse day by day). In fact, their reputation declined so much that the firm, whose website and email share the same domain name, stopped being able to receive emails entirely. Their domain was blacklisted by authorities on the Internet known as ‘houses’. These authorities manage spam and domain policy for the world’s top email service providers like Google (Gmail) and Microsoft (Outlook), and if your domain is blacklisted, it tells email servers that your emails are not legitimate and marks them as spam. The main takeaway from this scenario is that your website’s security and your firm’s ability to function are inherently linked, and once your domain is blacklisted, it is extremely hard to get it delisted. This can easily cripple your firm’s productivity and ruin its reputation permanently.

The staff at your firm should also be wary of sending out mass solicitation (sales, marketing) emails directly from their firm email address. If enough people mark their emails as spam, your domain will get blacklisted. Fortunately, email marketing services such as Robly or MailChimp can be used to send out such emails without risking the reputation of your firm. Additionally, website domain providers such as GoDaddy make the process of obtaining a new website domain quick and easy; the cost is usually minimal, too. All things considered, there really isn’t any excuse for your firm not to have a secure website with a unique domain name. As cybersecurity incidents continue to plague the legal industry, law firms should adopt best emailing practices alongside strict website security standards. Your firm’s entire reputation is on the line.