COVID-19 Remote Work Safety Tips for Law Firms

BY Kerrie Spencer

COVID-19 Remote Work Safety Tips for Law Firms


The COVID-19 virus has taken over the word. Many countries, including the United States, have implemented preventative measures. Across the nation, working people are requested to work from home whenever possible. This means that lawyers and legal staff are now working remotely. However, not all home computers or even work laptops are up-to-date on cybersecurity measures. Thus, working at home may expose sensitive information.

With the COVID-19 virus leaving many people worried, they are less likely to pay attention to computer security. In this new environment, breaching a law firm client's security ranks right at the top of the list of worries for law firms.

On March 13, 2020 the U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency encouraged those that are moving to remote working status “to adopt a heightened state of cybersecurity,” as there is a significantly elevated risk of malware, phishing attacks and ransomware demands in the midst of the coronavirus pandemic.

While a law firm may use virtual private networks for telework and may also have a plan in place to deal with security emergencies, the risk remains that sensetive data can be lost or exposed. In the midst of this crisis, it is important to have a level of awareness of what constitutes security for the firm's client files.

There is not one law firm that would want to find themselves dealing with a ransomware attack.

What steps law firms need to take to keep data secure 

  1. Give your law firm's IT department all the support it needs. Ensure they have the resources on hand to keep data secure. Ensure all updates are taking place right away.
  2. Give all remote workers the right kind of equipment and ensure it is properly configured and has updated software.
  3. Assess what remote workers are using, whether it is their own computer at home or one acquired via a school or other organization. It may be a good idea to encrypt hard drives and provide a virtual private network for connecting. Moreover, all connections need to have multifactor authentication to log in.
  4. Inform all those working remotely that there are policies that must be followed when working with law firm data and in accessing a network. Spell out in clear language what an acceptable internet connection entails and the types of devices that may be used to connect online. All policies and directions need to be clear and in plain language that does not leave employees guessing about what to do.
  5. All law firm equipment taken home for work must stay there and never leave the home. Law firms should provide a “What to do” memo in case equipment is stolen or lost.
  6. Increase monitoring of client data and information.
  7. In some situations it would be best for nonessential staff to take leave instead of having to work remotely. Do not run afoul of the Fair Labor Standards Act.
  8. Hold a cybersecurity event, or webinar, and educate staff about the very real risks of of cyberthreats.
  9. Have workers double-check any and all unusual communications. Educate workers on what to look out for in suspicious emails or phishing attmepts.
  10. If your law firm has existing contracts with other support vendors have the IT professionals review the terms of each contract targeting cybersecurity. Also check on data breach insurance.
  11. Provide all remote workers and all law firm staff with a list of emergency contract numbers.

With all of these tips and suggestions, the most important things to remember are timing and communication. How quickly your firm responds to a security threat or breach is key.

The COVID-19 pandemic brings with it more than health concerns. While it may be a saving grace that in 2020 we have even better cybersecurity protections in place than ever before, law firms need to make sure they are prepared.

Kerrie Spencer

Kerrie Spencer is a staff contributor to Bigger Law Firm Magazine.


WordPress Plugins for Law Firms

Supercharge Your Law Firm’s Website: 5 Must-Have WordPress Plugins!

Are you looking to maximize your law firm’s website’s potential? You’re in the right place. WordPress offers a wealth of plugins that can improve your website’s functionality, from search engine optimization to online event scheduling. Here are five must-have plugins for law firms: Gravity Forms – Communication is key when it comes to your law…

Security vulnerability infected websites

WordPress Security Breach Used Vulnerabilities in Plugins in Themes

Over one million WordPress websites have been infected by a malware campaign called Balada Injector since 2017, according to cybersecurity firm GoDaddy’s Sucuri. The attackers behind the campaign use all known and recently discovered vulnerabilities in WordPress themes and plugins to breach sites. They typically play out their attacks in waves once every few weeks,…

Law firm partner learning about SEO

How to talk to the partners about SEO

As a law firm marketing director, you understand the importance of SEO in driving traffic to your website and generating leads for your firm. However, convincing the partners of your law firm to invest in SEO can be a daunting task, particularly if they do not understand its benefits. Here are some tips on how…