Home Computers & Ransomware During COVID-19Read more
Protect Your Law Firm From Cybersecurity
Cybercrime should be a primary concern for legal offices – according to Coveware, legal firms were cybercriminals’ top choice for ransomware targets in the first quarter of 2019.
How well protected are you?
What Does The Average Law Firm Cybersecurity Include?
According to the ABA Legal Technology Report, legal firms use a range of cybersecurity measures at varying rates:
- Spam filters – 87%
- Anti-spyware – 80%
- Firewall software – 79%
- Pop-up blockers – 75%
- Desktop and laptop virus scanning – 73%
- Email virus scanning – 69%
- Mandatory passwords – 68%
- Network virus scanning – 66%
- Hardware firewalls – 57%
Less than half of surveyed firms use security measures such as file encryption (46 percent), file access restriction (41 percent), email encryption (38 percent), intrusion detection (34 percent), intrusion prevention (33 percent).
Why Is Basic Cybersecurity Not Enough?
As you can see, cybersecurity standards among law firms can vary greatly. Less than 70% even bother to require the use of passwords.
Unfortunately, even for those that do, passwords are not enough. You, like many other lawyers and legal offices, may think that passwords will keep you safe. They’re the most common form of cybersecurity, with over 90% of surveyed lawyers in the ABA Legal Technology Survey Report stating that they password-protected their laptops and computers.
However, consider the fact on a regular basis, large caches of logins and passwords are discovered for sale online. Most recently, 773 million emails and 21 million passwords were posted for sale on the dark web.
If you use the same old passwords and repeat them across accounts, the process for using them against you is simpler than you might think:
- One of the dozens of accounts you use is breached
- Your account information (including the password, which is the same as the one you use on other accounts) is posted for sale on the Dark Web.
- A cybercriminal buys that info and uses the password to access other accounts you own.
This is why you need to do more to protect your law firm…
Do You Have 2-Factor Authentication?
A more advanced way to protect your data is to implement a 2-factor authentication solution.
Two-factor authentication, also called multiple-factor or multiple-step verification, is an authentication mechanism to double-check that your identity is legitimate. Its purpose is to make attackers’ life harder and reduce fraud risks. If you already follow basic password security measures, two-factor authentication will make it more difficult for cybercriminals to breach your account.
Answers to security questions are easy to find out, unfortunately, especially now that we are willingly sharing all the details about our lives on social networks and blogs. Anyone that interacts with you on a daily basis can find out the answers to common security questions, such as the graduation year, the city that you grew up in or your first pet’s name.
Even if you don’t give these out on your social media accounts, some can be found through public records, available for anyone who cares to look. Others can be cracked simply by entering common names.
This is where two-factor authentication comes in handy. It will offer you an extra layer of protection, besides passwords. It’s hard for cybercriminals to get the second authentication factor; they would have to be much closer to you. This drastically reduces their chances to succeed.
Need Assistance Deploying 2FA?
You may now understand how important a two-factor authentication solution is, but that doesn’t mean you have the time or knowledge to implement one at your firm. Allow William Ives Consulting to help.
Our team will help implement two-factor authentication for your firm, as well as an extended range of simple and robust security measures including firewalls, antivirus software, intrusion and gateway protection, and more. With our help, you don’t have to be worried about cybercrime in the legal industry.
Like this article? Check out the following blogs to learn more: