During the month of February, we’re focusing on ways to tune up your IT to keep security levels optimal and your data safe. This week, we’re taking a look at how lawyers and law firms can improve data security to prevent that dreaded breach of confidential client data.
According to the American Bar Association, in 2009, the Federal Bureau of Investigations (FBI) warned law firms that they were being targeted by hackers. Even though exact numbers aren’t available, it’s been estimated that at least 80 percent of the 100 biggest law firms have had their data hacked. What’s the motive? Hackers are well-aware of the huge amount of highly confidential data that law firms handle, making law firms sitting ducks for data breaches.
So what exactly can law firms do to tighten up their security? We’ve summarized some of our favorite tips from the American Bar Association to keep your data safe:
- Stay aware. Don’t be lulled into a false sense of security. Just because a client hasn’t visibly been affected by a data breach doesn’t mean that it hasn’t happened yet.
- Be smart with your passwords. A password of at least 12 characters, with a mix of capital and lowercase letters, punctuation and numbers is safest. Never use the same password more than once and change them regularly. Never use the default username and password.
- Protect your hardware. Stolen and lost laptops are responsible for a large number of data breaches. Keep it and any thumb drives protected with a whole disc encryption, and backup and encrypt all files. As for your servers? Keep them under lock and key.
- Keep the malware away. For small law firms and solos, the American Bar Association recommends a single integrated product to deal with spam, viruses and malware like Kaspersky Internet Security. Large law firms should look into a service like Trend Micro.
- Train your employees. Make sure your employees know how to safely use social media, cloud computing and smartphones when dealing with confidential data. If an employee is terminated, cut off all access to data, passwords and other ways data can be breached.
- Consider cyber insurance. In case a data breach does happen, your law firm may benefit from cyber insurance. Shop around for an insurance policy that covers the cost of investigating a breach, taking remedial steps or notifying those who are affected.
A data breach may sound frightening, but if you stay ahead of the game and implement an IT security plan for your law firm, you’ll be able to mitigate most if not all consequences if your law firm is targeted.