Law firms, particularly large or prestigious organizations, are rich targets for data hackers who prey on targets who are lax in cybersecurity. However, even smaller firms must take preventative action to diminish the threat of data breach. This article provides some basic tips recommended by the American Bar Association on how to protect your firm’s data against hackers. It also offers suggestions from our experts at Needles on how to implement a dependable backup system as a failsafe.
Protecting your Data
- Create complex, unique passwords that you change often – Experts recommend that passwords have at least 12 characters. It can take hackers years to solve passwords that have a dozen characters that include numbers, uppercase and lowercase letters, and symbols. And be sure to use a different password for each device; otherwise if hackers solve one, they solve them all. Also, change your passwords regularly. Don’t keep a file on your computer on which you store your passwords. Believe it or not, some users even name some files “passwords.”
- Protect your laptop with whole disk encryption – Stolen laptops are a common cause of data breach. Disk encryption translates your data into a code that can only be deciphered with a special key. Some newer laptops come with built-in encryption software. Backed up data and data on flash drives and other external media should also be encrypted. Because employees can easily store firm data on their own flash drives, make sure it is necessary for users to log in when using them.
- Lock up your server – To keep people from getting access to your servers, keep it on a locked rack within a locked, climate-controlled room.
- Protect data on smart phones – Stolen smart phones are another great source for data-greedy hackers. Make sure all smart phones are protected by PINs.
- Limit access to sources of sensitive material – Allow access to confidential information only to those employees who have a need to use it.
- Eliminate data access by terminated employees – If a staff member terminates employment for any reason, immediately eliminate all access to data by killing IDs and any other means of gaining access to information.
- Never give user IDs or passwords to anyone outside your firm.
The Importance of Backing Up your Data
Your firm could need to access backups for many reasons. Are you SURE you have a proper backup? We strongly recommend you take personal responsibility for your firm’s backup procedures. Every client that calls us after a catastrophe thought they had proper backup procedures in place. Why? Because someone told them that they did. Take a few minutes to speak to your IT professional, and ask about the following 5 scenarios. Knowing the answer to these questions will help make sure that you are prepared if the unthinkable happens to your firm.
What if your server’s hard drive crashes?
Ensure that your firm’s computers and servers are in good shape, and are regularly updated with the latest patches and anti-virus libraries. Ask your tech to review the “health” of your server environment, as it is the lifeblood of your network! Make sure your backup is stored in a separate place from your Needles database. Having the backup and the Needles database stored on the same hard drive or computer isn’t going to do you any good if that machine fails.
What if a disgruntled employee messes with your data?
Unfortunately, a situation like this can take days, weeks, or even months after an employee leaves to be discovered! If you are backing up your data to the same hard drive every night, and overwriting the previous night’s backup, you have no history and can only go back a single night. Make sure to rotate your backups! This means to have a daily backup, then a separate weekly backup, and even a separate monthly backup that are kept as separate files. This way, if you discover something after the fact, you have multiple backups to help repair your data.
What if your office building burns down?
Here’s where things get interesting. If you are backing up your server to another computer or hard drive in the same office, you’re going to be out of luck! Make sure to either take a backup off site regularly, or use an internet backup solution to make sure your data isn’t all in one place. In addition to that; Word documents, QuickBooks files, and a Needles database won’t do you any good without copies of the software necessary to access these files. Make sure you also have all the software required to use your data backup in a safe/accessible place in case of emergency.
What if there is a natural disaster in your area such as a hurricane?
Have a natural disaster plan in place for both your data and your staff. If a natural disaster occurs in your area, things are going to be chaotic. However, with proper advanced planning, you can be up and running from the comfort of a hotel that has complimentary Wi-Fi! All you need is an external hard drive, a couple of laptops, and a couple of cell phones.
What if your IT expert quits, gets fired, or is hit by a bus!?
This can be very scary. In our technical world, we come to depend very heavily on our IT experts. But they are cogs in our machine that are just as capable of failing as any other part. Make sure you or multiple people on your staff understand the backup AND restore processes so that your data is always protected.
If you’d like to learn more about the Needles program or speak to someone in our Sales staff, please call us at 410-363-1976 or email us today.
If you’d like to see what your firm’s missing, request a free trial of our program.