When it comes to law firms and IT systems, there’s no question that client data and case information are both highly sensitive and vital. Just as vital are your line of business systems — time tracking software, case management software, and other record-keeping and document management programs, all of which have sensitive data that must stay confidential and protected, but also be accessible for your staff anywhere, at any time.
The importance of implementing strong security measures to protect digital assets, including customer data, intellectual property, and proprietary systems cannot be overstated. Poor network security can lead to severe consequences, including significant legal liability. But how can you keep your NJ law firm’s data safe in today’s world of cyber theft and computing network breaches?
And, with your legal team working long hours, doing extensive online research and meeting tight deadlines for filing briefs (not always at the office), you need to make sure that all users have secure access to the firm’s files and systems.
That said, there are options to protect your law firm and your attorneys and paralegals when it comes to the practice’s computing network. These are our best-practice cyber security recommendations for your law firms IT systems, whether they are in your office or in the Cloud:
Firewalls. A firewall monitors all the traffic coming in and going out of your office to make sure nothing nefarious gets into your computing network. Ask your managed IT services provider about the type of firewall that makes sense for your law practice; be sure to select one that is ICSA Lab certified.
The firewall should also support current and future computing operations. A few things to ask about regarding a firewall are:
- Can it provide your mobile users with secure VPN connections (more on this below);
- Dual ISP capability for failover or load balancing;
- Ongoing tech support and security updates;
- Secure wireless access for your employees mobile devices.
Virtual private networks (VPNs). A virtual private network enables users to securely connect to your systems from anywhere via an internet connection—but without send information over the public internet. There are several kinds of VPN setups, with varying degrees of security and cost. Make sure your managed IT consultant explains the pros and cons of each type of configuration and authentication model so you make the best choice for your law practice’s needs.
Mobile device management (MDM) software. The world is increasingly mobile in terms of accessing files and transmitting data, whether through file sharing applications or email. The mobility issue (and the potential security risks associated with mobile devices) is exacerbated when your staff is allowed to use their own devices for work.
If you allow your law firm employees to use their own laptops, tablets, or cell phones to do their work, then you should deploy a mobile device management (MDM) solution to protect your business if a mobile device containing sensitive information is lost or stolen, or if an employee leaves the firm. If your employees use company-owned mobile devices, be sure sure to select MDM software that supports remote wiping and encrypts the data on its harddrive.
Enterprise-grade antivirus software. Law firms can’t be too careful when it comes to virus protection. Enterprise-grade antivirus software with automatic updates will ensure your computers have the most up-to-date viruse definitions to protect you against the ever expanding number of cyber threats. Enterprise AV also prevents your employees from turning off the AV software, which we find people will often do if they think it is causing their computer to run slow.
Manage those passwords. Password management is an often overlooked, yet very important part of data and network security. Strong passwords are case-sensitive, are at least eight characters long and include special characters. Require your attorneys and support staff to change their user passwords regularly (every 90 days is a good rule of thumb) and don’t allow them to reuse old passwords.
Also, make sure you provide your employees a place to securely store the passwords for the websites that you use to conduct business.
Nowadays, these measures are becoming common, basic precautions to protect a law firm’s digital assets that will help you avoid costly network breaches and maximize your profitability. We can help you and the partners at your firm understand your law firm’s security vulnerabilities and recommend these solution to maximize cyber security at an affordable price. Contact us today for an IT security assessment and to discuss the options for your New Jersey law practice!