December Insider Tip: Cybersecurity & Your Law Firm
In this month's newsletter, we are sharing an article that we think you will find useful, entitled "Cybersecurity 101: Best Practices Your Firm Should Implement" written by Jonathan R. Tung, JD of FindLaw Strategies.
Although it may be easy to dismiss the threat of cybersecurity, don't. The security of the information handled by your law firm really should be a top priority. These best practices listed below can help your firm avoid potential security disasters.
1) Be Educated on "Phishing" Scams
We've all heard of the Nigerian 419 email scam(s). These days, law firms are the targets of similar phishing letters; and the new variety aren't nearly as obvious as the Nigerian ones, either. Large law firms are usually the most common target for security breaches because they typically attract the most monied clients.
2) Review Third Party Contracts
According to a 2015 Forrester Research Survey of IT security and risk management professionals, organizations are more concerned about third parties inadvertently leaking data than they are about the vendor's ability to do the job as agreed. This means that any time your company signs a contract with a third party involved, the chances are that somebody is more concerned about potential data breaches than the contract itself.
3) Secure Your Website & Network
If you're still one of those companies that uses a free Wi-Fi network that allows guests to use it ... let's just say it's time to upgrade. All law firms should be using a Secure Sockets Layer protocol that has been "Heartbleed" proofed.
4) Multi-Factor Authentication
Multi-Factor Authentication has been around a while, but more companies are considering it. In addition to considering it for your firm, you should consider it in your personal life.
The major drawback to MFA or 2FA (Two-Factor Authentication) is its hassle. This security process requires another token that allows only the bearer of that key to access the site. It's possible to employ 2FA in your company; although, at this point, it's still a little maverick for law firms to do this.
Read full article here.