The COVID-19 pandemic requires legal professionals to protect themselves from all viruses — cyber and biological — while practicing law remotely. According to Ruth Hill Bro, co-chair of the American Bar Association’s Cybersecurity Task Force, law firm employees working from home are appealing targets for cyber breaches, and the pandemic is creating opportunities for hackers and scammers. Experts like Bro have begun to encourage firms to perform risk assessments and complete all legal work on secure servers, using multi-factor authentication to access sensitive information.
“There are thousands of COVID-19 scam and malware sites being created daily.” — Ruth Hill Bro
While working from home, legal professionals may be accessing or transmitting confidential information concerning the firm and its clients. The inappropriate disclosure of sensitive information can lead to extremely negative consequences.
Cybersecurity Best Practices While Working Remotely
Although there is no one-size-fits-all approach for maintaining cybersecurity while practicing law from home, here are some ways legal professionals can protect their data from threats:
1. Ensure that devices have employer-provided security software with the latest manufacturer updates before accessing any remote systems. Additionally, when downloading sensitive data, be ready to provide additional credentials to gain access.
2. Stay home — don’t work from public places like coffee shops or while riding public transportation, where third parties might be able to view your screen and printed documents. It’s best to avoid public Wi-Fi, opting instead for secure, password-protected home Wi-Fi or a personal hotspot.
3. Save company materials on devices configured with company-sanctioned anti-virus software, password protection, and secure network connections. Gain remote access only through a virtual private network (VPN) with end-to-end encryption.
4. Be wary of emails originating outside of the firm that may be phishing attempts disguised as coronavirus updates or revised company policies. When in doubt, don’t click on any links in the email.
5. Conduct work-related communication on company communication systems, never via personal devices, or by posting on social media platforms.
6. Shut down (instead of restarting) your laptop to clear temporary files and run updates every day. Power off your company-issued mobile device every night to allow for a full reboot to clear harmful files.
7. If you believe that a possible data security breach has occurred, inform your organization’s designated security officer as soon as possible.
Cybercriminals are aware of and actively targeting attorneys who are remotely accessing confidential and sensitive information. However, just as wearing a mask and frequently washing your hands are critical steps to help stop the coronavirus spread, effective cybersecurity practices are essential in order to prevent cyberattacks and protect sensitive data.
To learn more about how you can effectively practice law from home, check out our compilation of resources: Litigate From Anywhere.