LACyber: Cyber Security Blog

cyber security buffalo western new york
a division of Lincoln Archives Inc.

Data Security in the Legal Sector: 5 Steps to Success

by Sally Rozumalski

In this age of digital innovation, protecting clients’ sensitive information has become increasingly complicated. Your data, no matter how you store it, electronic or physical, is never 100% safe. For any lawyer this can be a difficult pill to swallow. But can you ever guarantee your client a win or even a specific outcome with 100% certainty? Of course not, you couldn’t! What you can do though, is weigh the options, formulate a strategy and set yourself up to get the result your client wants!

Ensuring sensitive information is protected is the same concept. As a legal professional, certain ethical duty is expected. A reasonable effort to prevent unauthorized access or disclosure of client data is expected. While every firm must have security measures in place, security and risk prevention will look different from practice to practice. So where can you start? With FIVE basic steps, you can take your firm from vulnerable to prepared. Help minimize your risk of a breach, and any potential violation of ethical duties. It is no longer acceptable to plead ignorance about technological privacy threats.


FIVE basic steps, you can use to take your firm from vulnerable to prepared


1. Assess your current IT defense

Being prepared for a data breach is a tricky process. Often times unless a law firm is uniquely large, it’s unlikely that their IT department, would possess all the capabilities to have a secure operation center. This includes being capable of inspecting all traffic, classifying it as benign, malicious, or questionable, analyzing questionable traffic rapidly to determine whether it is malicious, stopping all malicious traffic and taking the necessary steps to remediate any damage.

Keeping current with new attack strategies requires more time than most small and medium enterprises can give their security staff. There is simply too much to do and not enough time.

2. Encryption Encryption Encryption

Encryption is becoming a staple in security management. Demonstrate extensive use of encryption of data in transit and at rest and show that the firm employs two-factor authentication to secure remote connections to the firm's infrastructure.

3. Beef up your passwords

Far too often, passwords such as 1234abc and even 123456789 are too often used in the office setting. A unique password can be the fine line between security and a costly breach. No one password should be used for more than one account. To keep track of all your passwords a password manager can be a great tool. Essentially, a password manger is an electronic program that saves all your passwords in an encrypted vault and requires only one master password to gain access. Password managers can also generate random long multi-character passwords, which are the strongest types of password.

That being said two-factor authentication is a great tool to use when possible! On most big platforms it’s easy to setup and use. It requires both a password and a physical device to receive a code. From there if you get locked out of your account or there appears to be suspicious activity on your account, you can easily regain access and secure your account.

4. Proper training!

Believe it or not the biggest gap in security in any organization are its people! Proper end user training could save you countless hour and thousands of dollars. A simple class simply won’t cut it any longer. The cost is steep, and studies show the information is not retained long enough for it to be of any real value. Adding training in regularly including engaging content like humor boosts effectiveness and when sent out on a somewhat regular basis can not only teach and entertain users but also cut savings drastically!

5. Back up your data, the more the merrier

Backing up your data in at least one location is a smart and easy way to ensure the security of the sensitive information entrusted to you. A backup will save you in the event of a hard drive failure, stolen or lost laptop, accidental overwrite of data, or a malicious attack. It certainly is the best way to handle ransomware and maintain all of your information without paying a huge fee. Not only that but it can save you a headache and a huge chunk of your time! 

Don’t stop there though! It’s not enough anymore to have backups but it is crucial to have redundant backups as well as test your backups regularly.  In the case that something goes wrong, you want to ensure the plan you have in place will actually work in the case of a crisis. Speaking of plans having a location offsite is also a must, in case of any potential disasters that could take place.


With these steps under your belt, take an hour or two to learn about computer and internet safety. Remember, rely on local experts in the field to tackle any data security measures, don’t take on the fight alone! If you’d like additional information about implementing law firm data security and privacy measures, we welcome you to reach out via phone or email with any questions you may have. While these best practices will not make your data 100% secure it will deter hackers and give you some much needed peace of mind.

LACyber is a division of Lincoln Archives providing comprehensive Data Breach Defense Services. Lincoln Archives and LACyber are proud to be a part of Lincoln Family of Companies serving the Western New York Community since 1914.


Return to Blog Menu

Contact Information:

155 Great Arrow
Buffalo, New York
(716) 871-7040

Recent Blog Posts:

Is Tape Back Up Still Relevant?
As the years go on, tape is not going away. In fact, the technology behind tapes is improving! The question is: are there enough discussions taking place about this data back-up method?
Author: Sally Rozumalski - Date: 2019-06-13
Data Destruction, What is the Big Deal?
Ensuring the secure destruction of private data not only gives you piece of mind, but also could potentially save you thousands if not millions of dollars in data breach fines.
Author: Sally Rozumalski - Date: 2019-04-19
Can Your Smart Speaker "Hear" You?
Millions of people turn to their smart home devices for the weather, music or just a good laugh. But do you ever wonder if your smart device can actually hear whats being said, or where that information might go?
Author: Kathryn Turner - Date: 2019-04-12
The Gap in Risk Protection You Won’t See Coming
Your office network is a complex compilation of interconnected machines which cyber criminals seek to break into. So what part of your office is the most vulnerable to a data breach?
Author: Sally Rozumalski - Date: 2019-04-05
Ransomware and Company Closings: Could You be Next?
 Ransomware is continuing to hit businesses, will more force and impact each year. Malicious software and the infamous effects that accompany it, are starting to effect companies on a larger scale than a simple inconvenience including shutdowns, fines, and years lost.
Author: Sally Rozumalski - Date: 2019-03-29
See All Blog Posts

Contact Form

Cyber Defense Plans starting at $49.99