As of June 25th the Identity Theft Resource Center reported 301 data security breaches for 2013, which exposed 6,413,028 potentially sensitive records. Security breaches are a real threat for businesses today, especially for law firms. Case in point: earlier this year the ABA Journal reported that most major law firms have been victims of security breaches.
Not only do small and medium-sized firms often have financial data and private information about their clients (think of the data in divorce agreements, for example), but larger law firms may also have economic intelligence—information on business deals, mergers and acquisitions.
So what can law firms do to avoid security breaches and protect this sensitive data?
3 Methods for Law Firms To Prevent Security Breaches
1. Encrypt Everything. The world has gone digital and most sensitive information today is kept on a computer or in the cloud. Adding to the risk, a lot of crucial information is kept on devices that can store data but that leave the office, including laptops, thumb drives and mobile phones. Ensure that your data is safe by encrypting it both in transit and when it’s in storage.
2. Educate Users. The ABA piece reported that firms’ users are most often the cause of security breaches, whether it’s by using personal wi-fi when the firms’ connection is spotty or by using one password for all log-ins. Educating users can go a long way to avoiding security breaches.
3. Control Access. The fewer people who have access to sensitive data, the less likely a leak or security breach will occur. Law firms can even choose data storage options, such as a virtual data room, that offer audit logs so they can track who has accessed the data—this can be valuable to track down the source should a security breach occur.
These are the crucial first steps in preventing security breaches, but there are many additional steps worth taking. The State Bar of Wisconsin published a long list of preventative measures on their website that are worth reviewing for any law firm concerned about security breaches.