Cybersecurity 101 for Small Law Firm Lawyers

Take key steps to secure your law firm’s data and protect your confidential client information.

Cybersecurity is an issue of great importance to small firm lawyers. This is no great surprise, since lawyers have an obligation to preserve the confidentiality of client information. And as lawyers increasingly move their data into digital format, that obligation necessarily shifts to the firm’s data stored online.

Small law firms take many different security precautions in the name of client confidentiality. But, according to the most recent ABA Legal Technology Survey Report, the types of security measures used vary greatly from firm to firm. For example, the most common type of security tool used by lawyers is email spam filters with 87% of lawyers using it. Next is anti-spyware at 79%, firewall software at 77%, and pop-up blockers at 75%.

The Report’s data shows that lawyers take other types of security measures as well, including mandating the use of passwords (71%), scanning desktop/laptops for viruses(70%), scanning e-mails for viruses (69%), scanning firm networks for viruses (64%), and using hardware firewalls (57%).

Of course it’s one thing to track what other lawyers are doing to secure their firm’s data, but knowing what security steps to take for your firm can often prove to be challenging. Every law firm is different, and each presents its own unique security concerns. It’s no easy task to sift through all your options. So to save you some time, here are some easy steps you can take today to immediately increase your law firm’s cybersecurity.

Secure your online browsing

One of the simplest ways to increase security is to secure your online browsing experience using browser extensions. HTTPS Everywhere – a browser extension that is a joint project between the Electronic Frontier Foundation and the Tor Project – does just that. When whitelisted websites are visited, this add-on automatically rewrites HTTP links to HTTPS, resulting in a more secure online browsing experience.

Also consider using the AdBlock extension. This multi-browser tool removes ads (some of which can include code that tracks your browsing history and raises other privacy concerns) from the websites and social media platforms that you visit. Not only does AdBlock remove ads from your online experience, it will also save you lots of time, since you’ll no longer have to wait for the ads to load on the page.

Secure your online communication

These days, lawyers use electronic communication with their clients more often than not. For decades now, unencrypted email has been the communication tool of choice, but that’s beginning to change as more secure methods of communication are becoming available. This is especially so since the release of the ABA’s Formal Opinion 477 last year, in which the Ethics Committee concluded that unencrypted email may not always be sufficient for client communications. The Committee suggested that for particularly sensitive matters, lawyers should consider using encrypted email or online client portals, like those built into law practice management software.

However, since that opinion was released, encrypted email has been called into question after European researchers discovered major vulnerabilities in the PGP email encryption standard most often used to encrypt email. Fortunately secure client portals weren’t affected and continue to be a secure and convenient way for small firm lawyers to communicate and collaborate with their clients. So if you’re not already using them in your law firm, maybe it’s time to start.

Secure your online accounts

And last, but definitely not least, make sure to secure all of your devices – including all of your computers, smartphones and tablets – with strong passwords. The easiest way to do this is to use a password manager such as Lastpass, which will ensure that all of your smartphones and other devices are password protected. These tools will store your passwords via encrypted files – which you can then access from any device. They also automatically populate sites that you visit with the correct passwords and can also generate secure passwords for you.

Another important security measure law firms can take is to use two-factor authentication for your online accounts. It’s an easy and powerful way to protect your firm’s data because it adds an additional layer of security, making it that much harder for unauthorized users to access your online accounts.

So now that you know how to get started with securing your law firm’s data, what are you waiting for? Download a few browser extensions, choose the right client portal for your law firm’s communication and collaboration, and rest easy knowing that you’re already taking key steps to secure your law firm’s data and protect your confidential client information.