In part one of our Protecting Your Law Firm in 2019 blog, we talked about the biggest threats facing law firms in today’s virtually connected atmosphere. From phishing attacks to DoDS and ransomware, cyber threats are always lurking, and most of the time, they can be halted their tracks with minor security measures.
Much like getting a guard dog, even a small amount of cyber security can deter a hacker into skipping your enterprise on their list of potential targets. In part two of our series, we’re going to look at the small-scale, actionable steps you can take to protect your firm’s data. While we can’t recommend enough a major security retrofit, some attacks can be prevented with good policy.
One of the most important factors of cybersecurity is being proactive. A cyber attack can mean a loss of capital, loss of data, exposure of sensitive data, and more. However, the most costly will be the reputation of your company. A reputation can take years to build and a few keystrokes to topple. As much as a small leak of classified information can destroy decades old trust between a firm and it’s clients.
These steps below will guide you and your team to a safer and more secure tomorrow:
Believe it or not, this is probably the most crucial tip we have. Phishing attacks are by far the most frequent cyber attack on small or local businesses, and training your employees to know when a suspicious email is an attack could stop a crisis in its tracks. “A recent study found that 50 percent of all breaches stem from social engineering attacks (e.g., phishing emails) and insider errors.”
Creating a culture of cyber-consciousness should be the end goal for any business. Whether it’s hosting a lunch-and-learn cybersecurity training day or implementing policies to guide your employees to the safest practice when handling firm assets. Keeping small reminders on the walls or desk of the office space is another great way to reinforce and remind your workforce of the potential threats. Another is to feature cyber-security related articles within company memos or newsletters. (Like the ones we share on our social feeds) Anything that can keep security top of mind will encourage a smarter, more secure workplace.
Our 5-Minute Guide to Cyber Security is a great resource to have printed out or mounted somewhere in your office: https://jdlgrp.com/5-Minute-Guide-Cyber-Consciousness
Having set cyber rules for your employees is a great way to reinforce the importance of virtual safety. It’s not uncommon for an employee to misunderstand the the difference between a home computer and a corporate network, so setting specific rules to follow will deter a vulnerable employee from opening a can of worms.
Some policies to consider in your protocol include:
- Rules requiring strong passwords
- Periodically changing work passwords
- The use of two-factor authentication
- Forwarding files to personal emails
- Using encrypted removable storage devices (USB Drive)
- Immediately reporting suspicious activity.
- Regulations on software installed, browser used, extensions attached, etc
- Best practices for email
- Discouraging the use of unsecured networks (cafes, restaurants, airports, or hotels)
- Use of a virtual private network (VPN)
While many cyber attacks are after valuable data, some are purposely meant to be as destructive as possible, wiping out any data it can find. Having a reliable backup system is critical to ensuring you don’t lose any valuable data that can render your firm unable to continue business. Investing in a secure backup system will allow you to recover your files as quickly as they were stolen.
Updated Cybersecurity Plan
In our current technological atmosphere, innovation is abundant. New software and gadgets seem to pop up daily, and with them, come new opportunities for cyber threats. For this reason, it’s vital that your entire cyber defense be kept up to date. And we’re not just talking about software to keep your firm safe, you must be actively retrofitting your virtual infrastructure and education your employees to adjust to the rapidly changing space — think smart watch policy or even encrypting tablets.
Unfortunately, the volume of cyber attacks has been steadily increasing in recent years. With new technology comes a greater responsibility to keeping your business and employees safe. While these tips can keep you moderately secure, only a professional can design a custom defense to combat the full spectrum of cyber threats.
JDL Group Inc. provides all of the suggestions above and more through Unified Threat Management. One example is the FortiMail Secure Email, combining email security and data backups by utilizing the latest technologies and services from FortiGuard Labs. Fortinet also offers mobile carriers a strategic security solution, specifically addressing the scaling, performance, and connectivity needs in today’s mobile work atmosphere.
Contact us today for a 100% free cybersecurity consultation for your business!