Most people think improving their cybersecurity will take large amounts of time, energy and patience (not to mention money). Fortunately, they're wrong.
In an attempt to prove it to you, Systems Engineer Charles Koo will offer one tip a week for the next five weeks. (Or you can download this article containing all five and complete them in one week – or even one day.) These information security tips – if applied during that week and used consistently beyond – will quickly and inexpensively bring your law firm or organization's cybersecurity into 2017.
For our first suggestion, we revisit a security policy that is often missing or poorly executed: strong passwords.
Day 1: Manage Passwords Effectively.
Spend your first day helping the firm establish solid password practices and giving members tools to securely manage their passwords. We know we should use long, complex passwords, but many find the practice a nuisance. People either write down their passwords or use the same password for multiple accounts to save time remembering various passwords. These practices should be discouraged at your firm. When you hear in the news that a major company was hacked and millions of passwords stolen, hackers understand many people reuse passwords for other accounts. They will then try targeting Yahoo, Hotmail, Gmail, LinkedIn, Facebook and banking sites, among others. Help users with original ideas for using sentences that are only known to them as their passwords or other ways of being creative. Encourage members of your firm to use tools such as KeePass to manage passwords and store them in a highly encrypted database. In addition, consider using two-factor authentication (such as Duo, Google Authenticator and RSA tokens).
In fact, we consider two-factor authentication to be a law firm must-have now. Learn more about it by contacting us.
Next week: Run Security Patch Updates and Create a Schedule for Future Updates.
Read the full article with all five tips here.