LACyber: Cyber Security Blog

cyber security buffalo western new york
a division of Lincoln Archives Inc.

Data Security in the Legal Sector: 5 Steps to Success

by Sally Rozumalski

In this age of digital innovation, protecting clients’ sensitive information has become increasingly complicated. Your data, no matter how you store it, electronic or physical, is never 100% safe. For any lawyer this can be a difficult pill to swallow. But can you ever guarantee your client a win or even a specific outcome with 100% certainty? Of course not, you couldn’t! What you can do though, is weigh the options, formulate a strategy and set yourself up to get the result your client wants!

Ensuring sensitive information is protected is the same concept. As a legal professional, certain ethical duty is expected. A reasonable effort to prevent unauthorized access or disclosure of client data is expected. While every firm must have security measures in place, security and risk prevention will look different from practice to practice. So where can you start? With FIVE basic steps, you can take your firm from vulnerable to prepared. Help minimize your risk of a breach, and any potential violation of ethical duties. It is no longer acceptable to plead ignorance about technological privacy threats.


FIVE basic steps, you can use to take your firm from vulnerable to prepared


1. Assess your current IT defense

Being prepared for a data breach is a tricky process. Often times unless a law firm is uniquely large, it’s unlikely that their IT department, would possess all the capabilities to have a secure operation center. This includes being capable of inspecting all traffic, classifying it as benign, malicious, or questionable, analyzing questionable traffic rapidly to determine whether it is malicious, stopping all malicious traffic and taking the necessary steps to remediate any damage.

Keeping current with new attack strategies requires more time than most small and medium enterprises can give their security staff. There is simply too much to do and not enough time.

2. Encryption Encryption Encryption

Encryption is becoming a staple in security management. Demonstrate extensive use of encryption of data in transit and at rest and show that the firm employs two-factor authentication to secure remote connections to the firm's infrastructure.

3. Beef up your passwords

Far too often, passwords such as 1234abc and even 123456789 are too often used in the office setting. A unique password can be the fine line between security and a costly breach. No one password should be used for more than one account. To keep track of all your passwords a password manager can be a great tool. Essentially, a password manger is an electronic program that saves all your passwords in an encrypted vault and requires only one master password to gain access. Password managers can also generate random long multi-character passwords, which are the strongest types of password.

That being said two-factor authentication is a great tool to use when possible! On most big platforms it’s easy to setup and use. It requires both a password and a physical device to receive a code. From there if you get locked out of your account or there appears to be suspicious activity on your account, you can easily regain access and secure your account.

4. Proper training!

Believe it or not the biggest gap in security in any organization are its people! Proper end user training could save you countless hour and thousands of dollars. A simple class simply won’t cut it any longer. The cost is steep, and studies show the information is not retained long enough for it to be of any real value. Adding training in regularly including engaging content like humor boosts effectiveness and when sent out on a somewhat regular basis can not only teach and entertain users but also cut savings drastically!

5. Back up your data, the more the merrier

Backing up your data in at least one location is a smart and easy way to ensure the security of the sensitive information entrusted to you. A backup will save you in the event of a hard drive failure, stolen or lost laptop, accidental overwrite of data, or a malicious attack. It certainly is the best way to handle ransomware and maintain all of your information without paying a huge fee. Not only that but it can save you a headache and a huge chunk of your time! 

Don’t stop there though! It’s not enough anymore to have backups but it is crucial to have redundant backups as well as test your backups regularly.  In the case that something goes wrong, you want to ensure the plan you have in place will actually work in the case of a crisis. Speaking of plans having a location offsite is also a must, in case of any potential disasters that could take place.


With these steps under your belt, take an hour or two to learn about computer and internet safety. Remember, rely on local experts in the field to tackle any data security measures, don’t take on the fight alone! If you’d like additional information about implementing law firm data security and privacy measures, we welcome you to reach out via phone or email with any questions you may have. While these best practices will not make your data 100% secure it will deter hackers and give you some much needed peace of mind.

LACyber is a division of Lincoln Archives providing comprehensive Data Breach Defense Services. Lincoln Archives and LACyber are proud to be a part of Lincoln Family of Companies serving the Western New York Community since 1914.


Return to Blog Menu

Contact Information:

155 Great Arrow
Buffalo, New York
(716) 871-7040

Recent Blog Posts:

Facebook’s Password Dilemma: Another Security Mishap?
Following last September’s massive security breach of user data, it’s becoming more and more challenging to summarize all the misuse of privacy and security fumbles Facebook is held responsible for.
Author: Sally Rozumalski - Date: 2019-03-22
Senators Calling for Transparency and Change in Cyber Sec Reporting
In the current digital age, we’ve become almost numb to digital breaches of information. However, what you don’t tend to hear about often are hacks of computer and IT systems belonging to government entities.
Author: Sally Rozumalski - Date: 2019-03-15
Wire Transfer Scams: Is it Really That Easy to Miss?
Americans lost nearly $905 million to fraud last year with wire transfers taking the first place for biggest culprit. So what is the deal with wire transfer fraud, and how can we avoid it ?
Author: Sally Rozumalski - Date: 2019-03-08
Safe and Secure: Avoiding Scams this Tax Season
It’s that dreaded time of year again: time to file those taxes!
Author: Kathryn Turner - Date: 2019-03-01
Cyber Defense Planning in the Financial Sector: Are you Prepared?
Financial institutions are continuously targeted in this digital age. As threats to the industry evolve, the risk to financial institutions increases exponentially.
Author: Sally Rozumalski - Date: 2019-02-22
See All Blog Posts

Contact Form

Cyber Defense Plans starting at $49.99