Over the past few years, reports about hackers and security breaches have gone from very few to many times per month.  The reports range from hackers breaching a firm’s security to a malicious virus that renders a firm’s network inoperable.  Most recently, a law firm in Panama was hacked and had millions of documents stolen and released as per the “Panama Paper.”  Additionally, courts are now ruling that companies can be sued for hacks and breaches when client “personal information” is breached.

Many attorneys and business owners comment to me, “I am a solo practitioner or have a small firm, why would anyone want my data?”  I also hear, “if a large corporation can’t keep them (hackers) out, what can I possibly do?”  Thinking this way is understandable.  However, every attorney and business owner has an ethical obligation to take appropriate steps and due diligence to protect client’s data, which is within folders/files on the company’s file servers or pc’s.

There are several ways security breaches happen; 1. A password is breached because it is not strong, 2. A hacker hacks through the firewall to get to the servers and data, 3. An employee opens an email which contains a link or attachment that “opens the door” for the hacker, 4. An employee is browsing on the web and opens an infected link that “opens the door” for the hacker, 5. An employee or ex-employee steals client folders and data files.

Passwords should change every ninety days and should be at least 12 digits and be strong.  A strong password is one that includes uppercase letters, lowercase letters, symbols, and numbers.  Ten years ago, eight digit passwords were acceptable, but today they are very easy to hack.  Staff should not record their passwords on post-it notes stuck to their monitors.  Posting of passwords or sharing passwords with others defeats the purpose of security.   Additionally, network login accounts should be immediately disabled and passwords changed for terminated employees.  If departing staff know any other staff’s passwords within the firm, those passwords should immediately be changed, regardless of whether or not the employee departure is amicable.  Changing passwords protects both parties.

A firewall is a device that blocks unauthorized access to a network and provides user’s pc’s access to the internet.  Think of it as a one-way valve.  The internet router/modem from your internet provider connects to the firewall.  The default admin password on the firewall should be changed to a strong password.  There are ports on the firewall that are either open or closed.  A port may be open to allow email to flow in and out of the firm’s email server or to allow for users to have remote access when out of the office into their pc.  Ports that are not used should be closed on the firewall, so that hackers do not have easy entry.  SonicWall SOHO Security Appliance is an example of a good firewall for a firm with has one to five pc’s.  Whereas the SonicWall TZ300 Security Appliance should be used for a firm with more than five pc’s.  Firewalls should be replaced every three years.  Newer security features, like “Intrusion Prevention System (IPS)” software is an important feature that your firewall should have.

Virusscan Software should be installed on all pc’s and devices.  The software should be set to update and scan in real time mode.  Using free antivirus software is not recommended.  Best practices recommend for a paid for subscription with a reputable virusscan software manufacturer; such as, Symantec, McAfee, or Trend Micro.  The subscription plan can be monthly or annually.  Additionally, use of Anti-exploit software is a great compliment to any firm’s security plan.  Anti-exploit software is used to protect against security risks and malicious software attacks as you browse the internet.  Security attacks and malware infections have risen exponentially through browsing the internet.  Anti-exploit software; such as, Malwarebytes Endpoint Protection Suite, will warn if you have clicked on a malicious link or download.

Preventing a cyber security attack and taking steps like strong passwords, changing passwords every ninety days, implementing firewalls, using virusscan software, and using anti-exploit software are all very important.  However, another key component that is sometimes overlooked when talking about cyber security is backing up your data daily and performing a test restore of the backed up data regularly to make sure the backup is functioning properly.  A malicious virus, such as ransomware, can completely disable a pc or the file servers where the shared data is stored.  A ransomware virus, locks all of the data so that it cannot be accessed without paying a ransom.  When backups are performed daily, the backups can be restored so that the firm experiences minimal down time and does not have to pay the ransom.

Alicia A. Slade, MS, MBA, is the President of Plummer Slade, Inc., a computer networking and IT solutions firm providing IT services to hundreds of law offices each year.  Plummer Slade is exclusively endorsed for IT Solutions by the Allegheny County Bar Association (ACBA).