Cybersecurity with Tom Lambotte
As more and more law firms use technology, the cloud, and the internet, there’s a growing importance of cybersecurity for law firms. That being said, cybersecurity is oftentimes misunderstood.
Tom Lambotte, founder of GlobalMac IT shares these practical strategies to help you give extra peace of mind in terms of your company’s security:
1. The two-factor authentication
Once you activate two-factor authentication, you need a second factor to prove that you’re the one using the account. This can be in the form of a text message on your phone or a six-digit pin on your device, or sometimes, they might send you an email for verification.
2. Password management tool
Most people reuse them everywhere because it’s too hard to remember if they had to create a unique password for every single login. With a password manager, such as LastPass, it creates unique passwords for you, and it automatically stores them for you as well. You just need to know the primary password to log in, unlock, and decrypt the password management tool.
Additionally, they have a team-based solution that allows you to share a password with someone else so they can log in without seeing your password.
3. Policies and guidelines for employees when working remotely
Those guidelines are provided through an Acceptable Use Policy, a document you want to complete and have everyone in your team sign. It outlines what to do and what not to do when working remotely.
4. Dark web scanning
This system continuously monitors the dark web for compromised account data on your law firm’s domain or your company domain. This makes sure that your credentials aren’t popping up. And if they do, change the password as soon as you can.
5. Phishing simulation
Phishing is when someone sends you an email acting like they are someone else to breach data. Phishing emails are getting better and better and 28% of employees don’t have confidence in identifying phishing emails.
A phishing simulation is a software that allows you to identify security risks in your firm by sending out a phishing email to everyone on your team to find out who’s going to click on the link.
6. Cybersecurity training
This needs to be mandatory for everyone. Be careful with picking a cybersecurity training. Look for shorter videos and stories that are fun and engaging.
7. A layered approach for strong cyber resilience
Use different security layers by using all those strategies above. Make sure all your computers are up to date, and you’ve got virus scanning and DNS security software on your computers. Adding all those things together will give you a really strong cybersecurity approach.
If you want to learn more about cybersecurity best practices, check out Episode 033: Cybersecurity with Tom Lambotte.