Online Security Basics for the Busy Lawyer

BY Jim Carroll

Online Security Basics for the Busy Lawyer


Every lawyer that has a busy practice has a thousand things to worry about every day of the week. It is easy to let the day-to-day chaos of a law office over-shadow the importance of protecting the data in your servers from both accidental and intentional loss. But there are certain best practices that will make worrying about data breaches less of a concern.

Intentional data breaches happen all the time. A recent study has indicated that approximately 60 separate sensitive and confidential records are stolen and lost every second every day. Further, the world-wide total cost of an average data breach is $3.86 million. This number is a 6.4 percent increase in costs over last year’s average. As intentional data breaches are increasing every year and law firms need to increase their efforts to stop them.

What’s in a password?

So, what are the basics of protecting the confidential information of clients and a law firm’s internal business data?

First and foremost is having a robust password. Google advises its users to follow several best practices. The password should be unique and eight characters or more. The password should be a combination of letters, numbers and characters. Creating a memorable phrase using various numbers and characters that replace letters will allow the password to be easily memorized without having to write it down, which is also not recommended.

For example, instead of using the letter “S,” replace it with the “$” symbol. The same can be done with the letter “E” being replaced with the number “3.” Also, do not use personal information or common words or numbers such a birth dates or addresses that can be easily discovered and used to break a password.

It is recommended that lawyers change passwords often -- at least once every six months but it is even better to change them every three months.

The next major technique used by hackers to sneak into a law firms’ database is something called “phishing” or more specifically called “spear-fishing.” Phishing involves a hacker sending out millions of emails in order to catch an unsuspecting person to trigger the trap and give access to their computer. Spear-fishing uses the same technique but involves a laser focus on one employee. Once that employee opens an infected email or file attachment, then the trap is sprung.

The best way to prevent spear-fishing is to train employees to report any suspicious emails and to not open any file attachments that come from an untrusted source.

A new trend in online security protection is to plan on the inevitable happening and purchasing cyber insurance. Cyber insurance will pay for the cost of a security breach. Further, the insurance company might require certain protections and practices to be implemented before a policy can be issued.

Jim Carroll

Jim Carroll is a contributor for Bigger Law Firm.


Writing press releases for law firms

How Law Firms Can Effectively Use Press Releases

Press releases allow law firms to share their successes, announce new hires or promotions, and position themselves as thought leaders in their respective practice areas. In this article, I will share best practices for writing a great title, writing a great summary, and telling your story in a meaningful way, as well as provide scenarios…

Fluff Content AI Articles for Law Firms

Google’s John Mueller Warns Fluff Content Can Harm Your Law Firm’s Whole Site

By heeding John Mueller’s warning and focusing on producing valuable, informative content for your audience, you can avoid the pitfalls of fluff content and improve your website’s overall search engine performance.

Lawyer Making a Video

Lights, Camera, Action: How Lawyers Can Create Compelling Videos

One of the most effective ways to reach potential clients is through video content. According to HubSpot, 91% of businesses use video as a marketing tool, and for good reason: video content can increase website traffic, engagement, and conversions. In this article, we’ll discuss how lawyers can create a video that explains an area of…