Technologist - The FindLaw Legal Technology Blog

How Much Digital Security Does Your Law Firm Need?

When it comes to cybersecurity, there is a delicate balance between annoying and asking to get hacked. While cybersecurity is important, there's no doubt about the fact that cybersecurity measures, like two-factor authentication, or obscenely long and complex passwords, are just annoying.

Unfortunately, when outsourcing cybersecurity, third party providers will always want to oversell. This has two primary benefits for them: 1) the more you buy the more money they make, and 2) the more cybersecurity you have in place, the less likely you'll have a breach which makes the third party look good. Knowing how much digital security your firm actually needs generally depends on what you're doing, but having a good basic understanding can minimally help you avoid getting soaked by third parties.

Wired to the Rescue

Fortunately for the Luddite lawyer crowd, Wired magazine has put together a handy guide to help people and businesses (thought it's not specifically tailored for lawyers, sorry folks, it's good). The three categories it created are Civilian, Public Figure, and Spy. Since most lawyers do operate in the public realm but aren't quite full fledged public figures, you'll want to read up on the digital security best practices for both.

The tips for Civilians are great for around the office, and especially for sharing with employees. The tips for Public Figures are good for those of you that run law offices and want to have a bit of added security and peace of mind when it comes to the firm's network and data. The tips for Spies are pretty much overkill unless you're litigating some straight-up conspiracy theory cases, or you get wind of the fact that you're opposing counsel is misusing their smartphone.

Train and Follow

Two of the most important aspects of any cybersecurity plan are to make sure employees are trained to use the security features, and that everyone actually follows protocol. Sending fake phishing emails to staff and doing staff digital security audits can be helpful in identifying what (or who) needs some special attention.

Related Resources: