Cybersecurity is one of the most important security measures that law firms must now consider. With more client data being handled over the internet, law firms are a prime target for cyber-attacks, which makes cybersecurity the biggest risk that law firms face today.
In 2012, the American Bar Associated made a change to the Model Rules of Professional Conduct, placing greater emphasis on law firms’ need for competence in technology. While these are model rules, open for interpretation by each state, 35 states so far (including Florida) have adopted this rule in one form or another. The model rule (Comment 8 to Model Rule 1.1) reads as follows:
 To maintain the requisite knowledge and skill, a lawyer should keep abreast of changes in the law and its practice, including the benefits and risks associated with relevant technology, engage in continuing study and education and comply with all continuing legal education requirements to which the lawyer is subject.
What this means for you is understanding and staying on top of technology trends, cybersecurity, and how to protect your practice and clients is just as important as keeping abreast of any changes in the legal profession. This does not mean that you must be a technology expert, but knowing what you know (and more importantly, what you don’t know), can go a long way in securing your practice. Some states, like Florida, even require lawyers to accumulate 3 CLE technology credits per biennial cycle.
Everything from email to apps use passwords today, so having a way to ensure you are using a variety of strong passwords is key. Platforms like LastPass, 1Password and Passpack offer strong password protection, along with storing passwords so you don’t have to worry about forgetting them. When evaluating a password protection platform, ensure that users must type in their password, or that it is not stored locally on the computer or through your browser. A key component of these platforms is that the password to access it must be protected. Many will offer two-factor authentication, which will send you an email or text with a code that is only valid for a limited amount of time. If you plan on using this two-factor authentication, ensure your computer or smart phone is encrypted and has a 6-digit password.
Are you still saving files (including confidential client information) to a local server? If you are, you are putting those files at risk should a cyber attack happen. Instead, consider switching to saving your files to the cloud. The advantages to cloud computing are endless, but here are some of our favorites:
While email is great for internal communications, communication with clients should be more secure than email. Web-based client portals are ideal for sharing sensitive documents, communicating securely with clients, and store all that communication in one central place that is easily accessed by both lawyer and client.
Are you ready to start investing in technology to protect your practice and your clients against cyber-attacks? We’re ready to help you understand the financial investment these protections require. Contact us today to see how we can help you leverage your finances to increase your practice’s cybersecurity.