Protecting Client Information from Cybersecurity Risks

Lawyers, whether you have your own firm or are working in a firm, have an ethical obligation to keep client information confidential. Digital data, often stored online, is also the obligation of the firm. Law firms need to have security measures in place, starting with the very basics of password protection to using encryption.

Password protection, especially for laptops, is required, but one report found that only 94% of lawyers in firms that have 10 – 49 attorneys have their laptops password protected. If the laptop is stolen and client data is on the laptop, a lack of a password exposes all of this data.

If you access files on your smartphone or tablet, as many on-the-go lawyers do, you need to also password protect your device. Solo lawyers are the least responsible in this case, with less than 9 out of 10 solo attorneys password-protecting their phones.

Solo Lawyers and a Lack of Security

Solo lawyers lack proper security measures across the board. These professionals do not incorporate password protection, and they do not take additional security measures, such as physical security measures, surveillance cameras, computer locks or even securing server rooms.

Solo lawyers can start with the basics, including:

·         Password protecting their data

·         Encrypting their data

·         Offsite storage with encryption

·         Key FOB access to hardware

·         Security alarms

Spam filters are key to stopping phishing attempts, and a simple firewall could help keep attackers from exploiting a security hole. If you’re the only one using an Internet connection at a firm, it’s easy for hackers to “sniff” out data.

Lack of security can lead to “Man in the Middle” attacks where a hacker “pretends” to be a router, retrieving and responding back to all requests. Utilizing this form of an attack, it’s possible to steal a variety of sensitive data, from credit card numbers to email addresses and passwords.

Websites using HTTPS can protect against this attack, or it’s possible to use an encrypted VPN. When using a VPN, you never have to ask what is my IP address? The VPN will route your requests through their servers to mask your IP address.

This masking allows you to stay anonymous online and reduces the risk of data interception when encryption is in place.

Cloud-based software solutions are another popular trend, with lawyers opting to put their trust in a software-as-a-service provider rather than their own hardware. The right online software will keep data protected through frequent updates and internal security measures.

Cloud-based solutions offer a hands-off approach to security and often offer better protection for data.

Using outside security experts can also help. These experts are able to assess current security measures at a firm and recommend better security measures to take. Solo lawyers have an even greater reason to take cybersecurity seriously: reputation. Lawyers that are just getting started need to be able to grow without the risk of a cyberattack. One attack is all it takes to ruin a solo lawyer’s reputation.

Through a mix of hardware, software and basic security measures, a solo lawyer can be as well protected as firms with 100+ attorneys.

Write a comment

Please login to comment

Remember Me

Become a Member

FREE online community for women in the legal profession.



Subscribe to receive regular updates, news, and events from Ms. JD.

Connect with us

Follow or subscribe