Do Law Firms Need to Worry About Cyber Security?
Don’t wait to get hacked to take the precautionary steps
Technology, like all innovation, is subject to those who will use it do unscrupulous things. So anyone doing business today, including attorneys, needs to be aware of the dangers of a cyber breach and related crimes. In fact, just a few short months ago, nearly 50 law firms found out the hard way just how important cyber security is when they became the victims of a group of Russian hackers. Although the targeted firms were ones that deal with the financial services and trading industry, the harsh reality of data theft is one that all lawyers need to be cognizant of and militant about. Here are some tips on how to handle cyber security:
1. Ditch the “Not Me” thinking
Everybody does it. But thinking that a cyber-crime won’t happen to you can be almost as dangerous as the crime itself. Every lawyer needs to be aware that the dangers apply to them and that information is not safe unless you take action to protect it. Although you may not consider your firm to be high tech, any files you have stored on your own servers or in the cloud are vulnerable.
2. Be vigilant about backing up
We all know the importance and value of backing up data. But if you get the least bit lax about it or you don’t have a system set up for regular back-ups, you could get into trouble. You never know when a breach will occur so it’s best to be prepared. If you use the cloud, make sure you’ve discussed your back-up options with your provider and that your data is replicated in different locations in the event that one of the servers is compromised.
3. Assess your system
If you have an IT department, it is a good idea to have your team do a thorough review of your computer system and network to determine risk potential. Hire a professional consultant if you don’t have your own IT team – it is just that important. Look at your encryption and who has access to what information in your firm. Remember that less is more; the fewer people who have access to confidential information, the lower the risk of an internal breach.
4. Consider two-factor authentication
Two-factor authentication is becoming more and more popular as data breaches become more common. Although it’s an extra step, using this method to authenticate users can help immensely in preventing risk to your online accounts. You are likely familiar with this process (even though you may not realize it), if you have a debit card.
The way it works is that there are two factors required to sign into an account; in the case of your debit card, it’s the card itself and your pin number. In most cases, the two factors are something the user has and something only the user knows. This process makes it harder for hackers because they need more than just the password to get in.
5. Train everyone on how to spot phishing schemes and scams
Your entire team should be trained on cyber security and stay aware of what scams and phishing emails look like. It only takes one click from a well-meaning but unaware staff member to break a huge hole in your security. Go over the common tactics used in phishing attacks and remind everyone never to open an email they are unsure of or to click on a link that doesn’t look right. One half of all Internet users receive at least one phishing email per day and these types of attacks cost businesses around the world more than $4.5 billion per year. Some tips to avoid opening a malicious email:
- Never click on a link or attachments from an unknown source
- Banks, credit card companies, and other financial institutions won’t ask you for your account information via email
- Phishers often use the words “urgent” or “your account has been suspended”
- Major brands and corporations won’t have spelling and grammatical errors (phishing emails often do)
- The IRS and other government agencies will never email you and ask for information
- Never give any personal information online
Attorneys, just like other professionals, are not immune to cyber-crimes. So if you haven’t taken any steps to protecting your data and your network, follow these tips. Remember, data breaches can happen at any time and when they do, you could be held liable for the loss of confidential client information, not to mention endanger your practice.
For more tips on improving your practice, be sure to visit our blog often. At Boss Reporting, it’s our goal to be your partner for all your court reporting needs and to be a resource of valuable industry information. And if you need a real-time reporter, give us a call at 954-467-6867 or fill out our online quote request form today.