Save for appearances in court, life as a lawyer is one that’s ideal for telecommuting. And amid the coronavirus outbreak, many attorneys are spending the brunt of their typical 9-to-5 schedules from the comfort of home rather than going to their workplace.
Given the kind of personal information that attorneys deal with on a day-to-day basis, the spike in remote work raises the risk of this same sensitive data falling into the wrong hands, an issue that has cybersecurity experts sounding the alarm.
During a recent webinar hosted by the American Bar Association, ABA Cybersecurity Legal Task Force Co-Chair Ruth Hill Bro warned of the potential perils law firms face should they not take the appropriate precautions.
“Cybersecurity is a moving target,” Bro explained. “Law firms are attractive targets and the risk of cyber breaches multiplies as more employees work remotely.”
Bro also noted the surge in malware viruses and websites that have been created over the past few months, each aimed at bilking people out of their money through misinformation campaigns.
Even though coronavirus restrictions are easing, remote work is here to stay, and may grow in frequency given that the shift in work arrangements for many law firms went smoothly. Here are a few suggestions to ensure the data that you and your remote staff handle is fully protected.
Take advantage of multifactor authentication
Multifactor authentication, or MFA, requires users to input several pieces of information before they can obtain access to a database. For instance, instead of only entering a username and password, MFA may also require answers to personal security questions (e.g. What is your mother’s maiden name?), fingerprint scanning or a code sent to an email address. These additional elements provide several layers of security, entailing more guesswork for would-be hackers.
As noted by Bro during the webinar, MFA enhances the protection of shared use servers.
Install antivirus software updates ASAP
Because cyberattacks are such an ongoing and pervasive threat, antivirus software developers are constantly releasing patches that address certain vulnerabilities. It’s easy to put these off, given they often take time to download. Try to avoid this if you can and get in the habit of downloading the patches as soon as they become available.
Check your Wi-Fi connection
When you click on the Wi-Fi symbol at the top of the page, you’ll likely see several networks that are in your immediate vicinity. If yours has a padlock next to it, that’s a good sign. If not, it means your network is free for anyone to log on. Even if you know your network is protected, get into the habit of checking it out on occasion; there may be instances in which the lock symbol doesn’t appear. If that’s the case, consider contacting your network provider to see what might be the problem. The issue may be confined to you or it could be widespread.
Be more discerning about access
Just because technology allows your staff to access information remotely doesn’t necessarily give them license to do so. In other words, if employees only need access to certain portions of a network to do their job, there is no point in granting more far-reaching access. As the U.S. Chamber of Commerce points out, setting access privileges can serve as a fail-safe mechanism by isolating network penetration so it doesn’t affect all users.
Back up your data frequently
Ransomware is quickly becoming among the most common ways cyberattackers obtain sensitive data. These can be devastating if you don’t have a carbon copy that can replace whatever is stolen. Here as well, make this process part of your daily or weekly routine, especially for information that may be compromising to your clients’ reputation should it be exposed.
At Afinety, we specialize in cloud-based solutions so your staff can continue their work in all environments. Leveraging the world’s largest cloud provider, Amazon Web Services, Afinety has the network protections that you, your clients and your staff can depend on. Contact us to learn more.