• By Redwire
• Posted October 13th, 2016

The Importance of Law Firm Security

In any service-oriented business, security should be a high priority, whether you’re protecting anything from clients’ purchasing history to a secret family recipe.

When it comes to law firm security, however, the stakes are significantly higher. Consider the highly sensitive personal information that your law firm handles on a daily basis; what would happen if a random perpetrator gained access to your clients’ information, like their bank records, phone records, or personal affidavits? And just as importantly, what would happen if the opposing legal counsel illegally gained access to this information? You could be looking at not only personal loss for your clients but also loss of trust, assets, and the good reputation of you and your firm..

That’s why law firm security and data protection are paramount to any firm’s success, large or small. We’re going to lay out three myths about law firm security that—when debunked—will show the importance of law firm security and help you keep your firm and your clients’ information as safe as possible.

Myth #1: My Firm Isn’t at Risk

Whether you think your firm is too small, too insignificant, or too well protected to be at risk for hacking, you’re probably wrong. In 2011, the FBI warned law firms specifically that they were the targets of potential data breaches, regardless of their size or location.

While the following steps won’t completely protect you, any Florida firm can protect itself better by implementing some of these basic tips:

• Ensure that both your laptop and any backup media devices are encrypted (laptops must use whole disk encryption).


• Make sure that all employees’ computers require a screensaver password after being inactive for a set amount of time.


• Create strong passwords that are at least 12 characters long—yes, 12—and use a combination of lowercase and uppercase letters, numbers, and symbols.


• Do not keep your passwords in a file called “Passwords.” This shouldn’t have to be mentioned, but unfortunately, it does.


• Change any and all default security settings on your router, operating systems, software, etc.


• Make sure all your software is updated and supported, as outdated versions can be prime targets for hacking.

Myth #2: I Can Protect My Clients’ Data on My Own

Even if you’re IT-minded and have implemented the basic tips mentioned above, further security measures are prudent and even imperative.

Under current Florida data breach law, organizations must report data breaches to affected individuals within 30 days of the breach’s occurrence. Can you imagine the impact it would have on your firm’s reputation if you had to inform your clients that their sensitive financial and legal information had been breached?

It’s much better to employ the services of a security company beforehand to protect important data before an attack occurs.

"In any service-oriented business, security should be a high priority, whether you’re protecting anything from clients’ purchasing history to a secret family recipe."

Myth #3: My Firm Is Paperless, so Physical Security Isn’t as Important

With many law firms embracing the digital world and going paperless, some attorneys may erroneously conclude that physical security is no longer as important as digital. Unfortunately, that’s just not the case. Here are a few physical security tips that are often overlooked in today’s digital world:

• Your server should be located in a physically locked room, ideally in a locked rack.
• If and when an employee is terminated, ensure that their ID card is appropriately discarded or destroyed. You should also immediately disable any access the employee had to the firm’s files or servers.
• Control access—to locked rooms, software, and any other applicably protected area or digital device.

Better yet, consider investing in a business alarm system that includes features like live threat confirmation, faster police dispatching, and the ability to monitor video feeds from anywhere with a secure Internet connection.

While the prospect of data breaches and other attacks to your firm may seem daunting, when you take the steps to protect yourself and your clients, law firm security can become something you’re proud of instead of something you fear.