Whether it’s generating 15 digit passwords, encrypting your computer devices, or setting up mobile office cameras, we compiled a comprehensive security checklist for you to improve your law firm’s security and keep your clients information safe.
1. Protect your passwords with LastPass
Every lawyer and law firm needs to keep track of numerous amounts of passwords, which becomes increasingly overwhelming. We noticed the tendency of using the same 3 variations of passwords for each site – NOT the best way to be doing things! If someone gets hold of only 1 password, you can imagine the destruction they could potentially do.
That’s where LastPass comes to help. By using their cloud-based plugin, they can generate extremely secure passwords for each site and remember them for you automatically using your Master
Password (make sure this one is very secure). An example of an auto-generated password is “Ade!23#ssap(283Hg0!”. You get the idea.
If you have a firm, you can even choose to share certain passwords with other partners or paralegals. The best part is – they will be able to login to those sites, BUT they will not be able to see what the actual password is.
More info: LastPass.com
2. Enable two step authentication for Gmail.
To ensure that your email account is protected, you should consider enabling two-step authentication to add an extra layer of security to your account. The way this works is that when you sign in with your normal email address and password, a verification code is sent to your phone to ensure that you are the correct owner of the account.
3. Use Box as its HIPAA compliant.
Box.com offers a secure way to keep all of your files in one place so that you can access them anywhere from any device. With enterprise-level security and HIPAA compliance, Box.com allows you to protect your confidential documents online at the highest security standards.
More info: Box.com Security Features
4. Use LawPay as a secure payment processor
LawPay is legal payment processing company specifically built for attorneys. They help attorneys accept trust account payments and take the fee from the operating account. Lawpay is the most trusted and recognized merchant processor approved by the ABA. They offer PCI Level 1 Certified Fraud protection so you can ensure that your online payments are secure.
More info: LawPay.com
5. Enable 6-digit pass codes even the FBI can’t crack.
Using a 4-digit passcode to secure your smartphone is standard practice. However, if you want to take extra precautions and ensure that the information on your phone has an extra layer of protection, you should think about enabling a 6-digit passcode on your phone. If you have an iPhone running iOS 9 or later, you can enable 6-digit pass codes that make it nearly impossible to crack.
6. Enable BitLocker encryption
According to the official Microsoft site, Windows BitLocker Drive Encryption is a new security feature that provides better data protection for your computer by encrypting all data stored on the Windows operating system. So if anyone steals your laptop or takes the hard drive out, they can’t access the drive.
7. Make your website domain private, unless you want anyone to find your home address, personal email, and cell phone.
According to NetworkSolutions, when you buy a domain name, your registrar is required by ICANN to enter your contact information – including your name, physical address, email address and phone number – in its WHOIS database, a searchable directory that holds contact information on all of its domain name registrants. This personal information is available, free of charge, to any member of the public who decides to check domain names in the registrar’s online WHOIS database. To protect yourself, consider contacting your domain registrar and ask about making your domain private. They will typically offer this service to you for about $10/year and is a must if you consider online security a priority.
8. Lock your WordPress down with WordFence plugin.
Block hackers from taking over your website and potentially sending themselves everyone who tries to contact you. Click here to download the free Wordfence plugin, or go crazy with the premium version.
More info: Wordfence.com
9. Get a secure case management software.
It’s important to find a reliable case management software that can securely store confidential documents and client info, manage your trust account correctly, and stay HIPAA compliant. It’s important as well to have backups of your calendar and deadlines so you’ll never lose important information.
10. Nest Dropcam – Mobile Security camera in your home or office.
The Nest Dropcam is a very useful tool to look after your office and sensitive files even when you’re away. Nest Cam can use your phone’s location to know when you’re away so when your employees leave the office, Nest Cam will know to turn on automatically. And with 24/7 live streaming, advanced Night Vision, and motion and sound alerts, Nest Cam helps you look after your office from anywhere.
More info: Learn more about Nest Cam
11. Privacy screen on your laptop, tablet, and phone when traveling.
Every so often, when you travel in public areas like airports and train stations, you wouldn’t want strangers peeking over at your sensitive information. To help prevent that, you will want to consider buying privacy screens to protect sensitive data and increase text and image clarity. Privacy filters can easily be placed on laptop, tablet, and phone screens and enable only the person looking directly at the screen to see what’s there.
More info: Buy a Privacy Screen on Amazon
12. Check for https or the secure icon on the top left when entering credit cards on websites.
Whenever you are using a website or app when entering your credit card information, make sure you see the “secure” icon badge on the top left. Some of the most popular companies that offer online security badges are Norton, McAfee, Truste, and the Better Business Bureau. Keep in mind that if the website you are on is missing a security badge, that site might not be protected.
13. Encrypt client communications with a client portal.
Do NOT send confidential emails and messages to your clients. Use secure encrypted messaging with client portals. Your client will login with a secure password so no one sees your communication. LawyerHelp offers a client portal among its suite of tools for law firms.
More info: LawyerHelp.eu
14. Screen your calls with Google Voice
Google offers a free phone number called Google Voice that automatically forwards calls to your cell phone, office, or home. You can enable call screening which asks each caller to state their name before you answer the call.
More info: Google Voice