1 | P a g e
Law Firm Cyber Security Tips
Encompassed within a lawyer’s duty of confidentiality (Ala. R. Prof. C., Rule 1.6) is a
duty to ensure clients’ information is protected in all of your data sources. Cyber
security has become necessary in the ever-evolving practice of law. It is far better to be
proactive than reactive when it comes to cyber security.
• Cyber Security Obligations:
o Types of Data
o Client specific needs (i.e. HIPAA)
o Ethical Obligations
• Logistical Needs:
o Dedicated computer for work. Do not use your work computer or email for
personal matters.
o Secure communications
o Training
o Knowledge regarding types of threats
Think before you click
Beware of Fraudulent websites
Don’t respond to scammers
Use antivirus software
Only sue trusted software
• Encrypt Everything: According to an ABA survey conducted in 2012, all forms
of encryption – including file encryption, email encryption, and full disk
encryption – are the least often used security feature among law firms.
Encryption is a relatively simple and effective risk management tool. Lost and
stolen devices are the most common cause of data breaches in law firms.
Encryption protects your information even if your device has been accessed
improperly.
• Cloud Computing: You must use due diligence in selecting a cloud provider by
asking the right questions. You should ensure the provider employs adequate
security to protect your data. You should only use a cloud provider that can
provide you with reasonable assurance that your data will be secured.
o TIP: If the provider cannot give you such assurance, then you should
decline their services.