There is a much greater onus on legal professionals to stay safe online in a personal capacity.
That’s because, if your personal digital security is compromised, what hides behind your password and the other defences you put up to ring-fence your personal PC, laptops, smartphone, and so on is of immense attractiveness to cyber hackers and to other bad actors.
As you’ll be aware, there is an ongoing arms race between those looking to breach sensitive computer networks and those looking to protect them. If these people find their way past your defences and you have remote access to your wider work network, you can rest assured that they would have a high probability of breaching important files, folders, and apps containing highly sensitive information about your personal and commercial clients via your cloud log-ins.
As leading experts in the provision of security technology to the legal sector, the Sprout IT team consider the six things you should make part of your daily online routine in 2019.
This is an area which we have written about extensively on our blog and our warning remains as relevant and urgent as it did when we previously published advice on successful password management (read more here and here).
Create the most complex passwords you can for each site you visit. We appreciate that this is easier than it sounds and there are now apps called “password managers” which automatically provide you with a superior level of security – you should investigate LastPass, Sticky Password, Dashlane, or KeePass.
Multi-factor authentication (MFA) is becoming an increasingly popular security option for solicitors’ practices and barristers’ chambers. MFA requires that you verify your identity in a number of different ways, including bio-metrically with the used of fingerprint reading. Sprout IT offers MFA as part of our product offering.
Careful where you click
Cyber attackers will either use email or the telephone to attempt to commit fraud against your firm. Clickbait headlines, bogus “free offers”, online quizzes, and spam emails use proven psychological tactics to engender trust in recipients and, if successfully, enough personal information is revealed to commit identity fraud or to break into other systems containing information of even more value to fraudsters.
Keep your software up to date
You should think of all apps and programs installed on your personal and company devises as work in progress. The most popular platforms, apps, and programs are constantly being reverse engineered by cybercriminals to look for loopholes which they can then exploit for their own personal gains.
When these threats become known, the vendors of these apps and programs will issue updates and patches to provide their customers with the necessary protection required against this new threat. You should always make sure that each app or program has automatic permission to update for ongoing comprehensive cover.
A firewall is your friend
A firewall is a type of electronic fortress around your computer and your network which stops people and companies trying to gain unauthorised access to both. While it is important that your desktops, laptops, and smartphones are protected by the firewall, it’s also important that any other device connected to the internet is protected as well – devices could include webcams and smart thermostats. More often that not, “internet of things” (IOT) devices are not provided with inbuilt security making them easier points of entry to your wider system if they’re not protected by a firewall.
According to AV Test, there are over 600 million viruses which have been written (or automatically rewritten in an attempt to evade detection) to target computers and networks operating on the Windows platform. Antivirus software is updated on a daily (and sometimes hourly) basis to provide users with protections against any current threats and to scan your hardware for any legacy threats that have got past your system’s defences prior to the installation of the anti-virus software. As with keeping your general software up to date, always make sure that you allow your anti-virus software to update automatically.
Be wary of public Wi-Fi
“’All wifi networks’ are vulnerable to hacking, security expert discovers” reported the Guardian back in 2017. We wrote about this recently in an article called “Cyber-resilience – the 6 biggest threats right now for legal” where we examined how a “bring your own device” policy could expose your firm to security vulnerabilities. That’s because, according to Kaspersky, a quarter of wi-fi hotspots are “waiting to be hacked.”
The safest approach to take when using public wi-fi is to consider that there may be an opportunist logged into the same network trying to hack into your device. You should be very careful about using online banking or logging into your legal firm’s computer network or cloud. Any interception by a bad actor will put your emails, passwords, clients’ private documents, and more at severe risk.
Never drop your guard
As with previous years, never drop your guard. Try to stay informed on cyber-security and take advice from experts on the best way to protect your interests and your clients’ interests. Any link that your personal devices have to your firm’s corporate network or cloud puts you and your colleagues in danger without taking the necessary precautions.
To speak with one of our team about personal device security, call us today on 020 7036 8530 or email us.
What is cyber security? Check out our cyber resilience solution to find more information.