Cybersecurity: for lawyers in 2017, it’s a top-of-the-mind issue. Lawyers know that without utilizing technology, it’s difficult for them to compete – especially solo and small firm lawyers. But complying with ethical obligations is a must. So what’s a lawyer to do?
For starters, as I discussed on my recent post about cybersecurity at Above the Law, learn about technology. After all, lawyers in the majority of jurisdictions have a continuing duty to stay abreast of changes in technology now that twenty-six states require lawyers to maintain technology competence and Florida requires that lawyers to accumulate 3 CLE technology credits per biennial cycle. So in 2017 it’s important for you to make an effort to learn all that you can about legal technology; it’ll help you stay ethically compliant and it will benefit your law practice.
Next, utilize the cybersecurity tips I shared so that your law firm’s confidential client data is safe and secure.
First and foremost, secure your devices with strong passwords. Use a password manager such as Lastpass or 1Password and ensure that all of your smartphones and other devices are password protected.
And, if you have an iPhone, consider investing in an Apple Watch. In addition to its many reminder features and apps that are useful for lawyers, the Watch has a feature that helps you find a misplaced phone by causing the phone to emit a sound.
Stop using email
Email is an outdated mode of communication and it’s inherently unsecure. Emails are akin to sending postcards written in pencil through the post office, making it incredibly easy for those who have the know-how to intercept emails — and their attachments — and read them. After all, some jurisdictions have issued opinions warning against using email in certain cases, indicating that lawyers must balance the sensitivity of the information being discussed via electronic means with the security offered by the specific technology being used. (See, for example, ABA Formal Opinion 11-459 (2011) and Texas Ethics Opinion 648).
The good news is that there are now better, more secure communication methods available, with web-based client portals being one of the most popular alternatives to email. The cumbersome back and forth process of unsecure, threaded emails is avoided and is instead replaced by the ability to securely communicate in an encrypted, convenient, and controlled online environment.
Security in the cloud
Which brings me to the final recommendation: ditch your local server and move your law firm’s client files into the cloud. Your data will undoubtedly be more secure in the cloud than it is on your law firm’s old servers, which likely haven’t been maintained or updated with security patches in years. Simply put, for most solo and small law firms, cloud computing provides the most secure way to store and protect confidential client data.
So if you don’t know where to start when it comes to cybersecurity, these are just a few steps you can take today to improve your law firm’s cybersecurity practices.