Cybersecurity checklist

RICHARD WEINER
Technology for Lawyers
Published: November 18, 2016

Cyber is important. And so is, you know, cybersecurity, which is finally rising toward the top of the topical topics discussion list in the mainstream media.

The Wisconsin Lawyer, a leader in discussing lawyer cybersecurity, recently posted a useful seven-pronged checklist for attorneys to use for making sure that their data is secure from snoopers. I know I talk about this all the time, but I also think that posting checklists like this is a handy way of encapsulating this information.

You need to start by taking an overview of what is at risk. There are numerous ways that data can be compromised and used, causing anything form financial damage to violations of attorney-client privilege. So the overview here is of activities that a law office should take to at least try to minimize a wide range of potential problems.

Do all of these, or take risks that you don’t need to take.

First, keep out intruders through firewalls. These can be physical or software-based, and range from the simple firewalls that came with your computer to very sophisticated IP-based mechanisms.

Next, use anti-malware software. I use Malwarebytes, which is very popular and really inexpensive. It is also a cross-platform app. Add this app in to your antivirus software (I use Kaspersky for my phone and AVG for my computer), and, really, don’t spare any expense for your antivirus. Also, use ad blockers, because malware can come in through ads or click-through banners.

Keep all software and operating systems up-to-date. Patches can come at any time, and they all need to be installed in time. You may need to do this virtually on a daily basis, but you have to do it.

Use strong passwords, and change them often. Make use of password generators and managers. Do not keep your passwords anywhere near your computer or in your purse or wallet.

One tip not in the Wisconsin Bar publication that I have to mention: Encrypt all data, including all documents and emails.

Back up all data every single day. Period. Do it either off-site or to a storage unit not attached to the internet.

Practice “safe surfing.” Use Ghostery or another anonymous-type browser, only go to secure, known websites, don’t download anything from the internet, etc. etc.

Last, be open to learning and changing dangerous behavior. Talk to outside techs regularly to make sure you’re doing everything you can.

[Back]

The Akron Legal News • 60 South Summit St. • Akron, Ohio 44308 • Phone: 330-376-0917 • Fax: 330-376-7001