Contact Us Today to Receive a Free Dark Web Scan by our Team of Security Experts

Protecting Your Law Firm in 2019: Part 2

IT Support with two computers

Protecting Your Law Firm in 2019: Part 2

In part one of our Protecting Your Law Firm in 2019 blog, we talked about the biggest threats facing law firms in today’s virtually connected atmosphere. From phishing attacks to DoDS and ransomware, cyber threats are always lurking, and most of the time, they can be halted their tracks with minor security measures.

Much like getting a guard dog, even a small amount of cyber security can deter a hacker into skipping your enterprise on their list of potential targets. In part two of our series, we’re going to look at the small-scale, actionable steps you can take to protect your firm’s data. While we can’t recommend enough a major security retrofit, some attacks can be prevented with good policy.

One of the most important factors of cybersecurity is being proactive. A cyber attack can mean a loss of capital, loss of data, exposure of sensitive data, and more. However, the most costly will be the reputation of your company. A reputation can take years to build and a few keystrokes to topple. As much as a small leak of classified information can destroy decades old trust between a firm and it’s clients.

These steps below will guide you and your team to a safer and more secure tomorrow:

Training Employees

Believe it or not, this is probably the most crucial tip we have. Phishing attacks are by far the most frequent cyber attack on small or local businesses, and training your employees to know when a suspicious email is an attack could stop a crisis in its tracks. “A recent study found that 50 percent of all breaches stem from social engineering attacks (e.g., phishing emails) and insider errors.”

Creating a culture of cyber-consciousness should be the end goal for any business. Whether it’s hosting a lunch-and-learn cybersecurity training day or implementing policies to guide your employees to the safest practice when handling firm assets. Keeping small reminders on the walls or desk of the office space is another great way to reinforce and remind your workforce of the potential threats. Another is to feature cyber-security related articles within company memos or newsletters. (Like the ones we share on our social feeds) Anything that can keep security top of mind will encourage a smarter, more secure workplace.

Our 5-Minute Guide to Cyber Security is a great resource to have printed out or mounted somewhere in your office: https://jdlgrp.com/5-Minute-Guide-Cyber-Consciousness

Establish Protocol  

Having set cyber rules for your employees is a great way to reinforce the importance of virtual safety. It’s not uncommon for an employee to misunderstand the the difference between a home computer and a corporate network, so setting specific rules to follow will deter a vulnerable employee from opening a can of worms.

Some policies to consider in your protocol include:

  • Rules requiring strong passwords
  • Periodically changing work passwords
  • The use of two-factor authentication
  • Forwarding files to personal emails
  • Using encrypted removable storage devices (USB Drive)
  • Immediately reporting suspicious activity.
  • Regulations on software installed, browser used, extensions attached, etc
  • Best practices for email
  • Discouraging the use of unsecured networks (cafes, restaurants, airports, or hotels)
  • Use of a virtual private network (VPN)

Backup Data

While many cyber attacks are after valuable data, some are purposely meant to be as destructive as possible, wiping out any data it can find. Having a reliable backup system is critical to ensuring you don’t lose any valuable data that can render your firm unable to continue business. Investing in a secure backup system will allow you to recover your files as quickly as they were stolen.

Updated Cybersecurity Plan

In our current technological atmosphere, innovation is abundant. New software and gadgets seem to pop up daily, and with them, come new opportunities for cyber threats. For this reason, it’s vital that your entire cyber defense be kept up to date. And we’re not just talking about software to keep your firm safe, you must be actively retrofitting your virtual infrastructure and education your employees to adjust to the rapidly changing space — think smart watch policy or even encrypting tablets.

Unfortunately, the volume of cyber attacks has been steadily increasing in recent years. With new technology comes a greater responsibility to keeping your business and employees safe. While these tips can keep you moderately secure, only a professional can design a custom defense to combat the full spectrum of cyber threats.

JDL Group Inc. provides all of the suggestions above and more through Unified Threat Management. One example is the FortiMail Secure Email, combining email security and data backups by utilizing the latest technologies and services from FortiGuard Labs. Fortinet also offers mobile carriers a strategic security solution, specifically addressing the scaling, performance, and connectivity needs in today’s mobile work atmosphere.

Contact us today for a 100% free cybersecurity consultation for your business!

Sources:

https://www.law.com/thelegalintelligencer/2018/07/18/cybersecurity-for-midsized-and-smaller-law-firms-10-tips-to-take-action-now/

2 Comments
  1. Brandon

    Online data security for businesses is definitely a very important topic, too often there are articles about hackers stealing information from small or big companies. The place I work at installed Surfshark two months ago, since lots of us work remotely it became mandatory to keep a VPN up when connecting to an insecure network. First I was a bit afraid it will be a nuisance but the software was really easy to use. I think the most important thing was the support of unlimited devices, one account for all business computers. My guess is we’ll be seeing more of similar software.

    ReplyOctober 19, 2018 at 9:54 am
    • JDL Group Inc.

      Software and services that always protect remote users are becoming part of the zero-trust defense mechanism. Through this, we encourage to maintain strict access controls and not trusting anyone by default, even those already inside the network perimeter. Verify anything and everything trying to connect to critical systems before granting access.

      ReplyAugust 5, 2019 at 3:11 pm

Leave a Reply to JDL Group Inc. Cancel reply

Your email address will not be published. Required fields are marked *

four × five =

This site uses Akismet to reduce spam. Learn how your comment data is processed.