8 Simple Cybersecurity Tips for Law Firms
Cybersecurity is more critical now than ever before. Not only are law firms storing more data, but since the pandemic has forced us all to become increasingly mobile it’s even more of a challenge to keep clients’ sensitive information safe.
So what can you do? It’s important to educate yourself and your colleagues on cybersecurity to ensure that your law firm’s data is properly protected (After all, you are only as strong as your weakest link.) Here are eight simple cybersecurity tips that all law firms can follow to make sure nothing gets into the wrong hands:
Tip #1: Make sure all devices are protected with a password or passcode.
One of the most basic rules of cybersecurity is to protect your mobile devices with a password or passcode. This includes both your computers and mobile devices. This way, if your device gets lost or stolen, it will make it much harder for anyone to access your sensitive information.
At a minimum, your phones and computers should require a login password or passcode. Additionally, you should be setting the screen to lock automatically after a certain amount of inactivity. On your phone, this may be a minute or two. There are security settings for computers that will lock your machine once the screensaver turns on, requiring your password to unlock it. We highly suggest doing this.
If possible, try to avoid those Android “drag a pattern with your finger” passcodes. If a malicious actor were to hold your screen up to the light at a certain angle, the path traced over and over again by your finger might be visible.
Tip #2: Use good passwords.
The two most common passwords, year in and year out, are “123456” or “password.” Every year they jockey for first and second place. Between those two and a user’s birth or anniversary date, you have a solid shot of guessing someone’s password. This is a cybersecurity nightmare!
We all get nagged about passwords and are familiar with the basic rules: use upper and lowercase characters, numbers, and punctuation. But there are ways you can make a password even stronger: You can have a “base” password that you extend uniquely for each site you visit. For example, perhaps your passwords always start with M@ry4, but for your bank it’s M@ry4Bank! and for your email it’s M@ry4Email!.
Tip #3: Utilize two-factor authentication.
For another layer of protection, two-factor authentication is a great choice (in a couple of years it may be standard and not a choice at all). Here’s how it works:
You log into an application via your username and password.
You then type in a dynamically generated code that is sent to your smartphone (or a key fob).