The beginning of the new year is all about goal setting and making resolutions, including those that will improve IT at your law firm. Many of our clients use the new year as a time to evaluate their cybersecurity preparedness and data management processes.
There are many steps you can take to ensure your law firm is secure. To get you started, we’ve highlighted a few to prioritize in 2020.
- Update training sessions and review policies for improvement
Regular cybersecurity policy reviews and training sessions help identify security holes and can prevent user error. Hacker tactics are always evolving. Regular cybersecurity training programs heighten awareness of common practices to gain unlawful access to systems. Be sure to include business continuity, incident response and records management in training sessions and policies.
2. Implement or update Data Loss Prevention Technology
Data loss prevention (DLP) is a technology that scans documents, emails and other types of data leaving the law firm for information like social security numbers and blocks the transmission of sensitive data. DLP can also include scanning data going onto removable media for physical transport.
It is important to ensure that DLP technology is kept up-to-date to meet ABA compliance mandates. Furthermore, as data becomes more complex with the increased adoption of the cloud, there is an increased number of locations where data must be protected.
3. Strengthen access limitations with Multi-factor Authentication
Multi-factor Authentication (MFA) is a method of computer access control which requires users to provide authentication methods from at least two of the following categories: knowledge (something they know), possession (something they have), and inherence (something they are).
In a recent study, we found that most law firms are not using multi-factor authentication to protect important and sensitive documents and resources.
According to the Verizon 2019 Data Breach Investigation Report, stolen credentials remain one of the most prominent channels for hacking-related breaches. MFA is a simple and necessary addition to a cybersecurity program that can combat credential-related attacks.
4. Boost efficiency and profitability by measuring team success
An important resolution to make this year is to measure your IT team’s performance. Whether it is cybersecurity or IT service delivery-related, metrics drive everything. Determine how success can be quantitatively measured, whether by client satisfaction, cost or efficiency, then set a goal for each and track results regularly.
To ensure you’re implementing the most comprehensive cybersecurity practices at your law firm, check out our most recent Cybersecurity Scorecard, an annual study that measures cybersecurity preparedness across the legal industry. In it, you’ll find cybersecurity best practices and other key recommendations from LOGICFORCE experts.
Paul Telesco is the VP of Technical Services for LOGICFORCE. He holds multiple industry certifications including: Project Management Professional (PMP), Information Technology Infrastructure Library (ITIL) Foundation, Cisco Certified Network Associate (CCNA) Routing and Switching, Cisco Certified Network Associate (CCNA) Security, and Certified SonicWALL System Administrator (CSSA).