Who’s minding the store—of information? In a law firm, decisions must be made constantly or nothing would get done. You’ve made countless decisions about what type of law to practice, where to locate and whom to hire. Your whole operation, however, relies on your computer system and the internet every day. You might even be paperless. You have ethical and legal responsibilities to safeguard the confidential client information stored on your computer system, and you must ensure that only the right people have access to it. This article explores managing cybersecurity from a law firm management standpoint.

Cyberinsurance

You should have cyberinsurance. Case closed. The cost is relatively modest, and the value extends beyond the payment of benefits to helping you manage issues before they become more costly. Obtaining the insurance is likely to require you to fill out an extensive application. If the insurer does not require you to do so, it may not be the best insurance solution. When buying life insurance, if you are not a smoker, you don’t want the same insurance rates as smokers. Likewise, when buying cyberinsurance, you want to be insured alongside entities that are proactive in protecting their systems. The application will most likely pose questions regarding password strength, backup frequency and location, encryption, multi-factor authentication, etc. If you have to do a lot of work to be able to give favorable responses on the application, your current computer consultant has not really been providing cybersecurity and you may need a different consultant. Your IT infrastructure should be strong enough that you can honestly give favorable answers on the application. That will, of course, lead to a better insurance rate because you are less likely to make a claim, and it will also make you feel comfortable that you are sufficiently protecting the information in your custody.

Switching Your IT Consultant