Stupid Simple Security Tips #11 – Securing External Accounts: Overview
Once more unto the breach, dear friends.
Our last security tip provided simple steps to guard against breaches of your internal data…but responsibilities to your firm and your clients do not end at the local firewall.
With so much of your practice’s legal, financial, and privileged information stored in the cloud or shared with vendors whose security protocols are beyond your control, it’s equally important to optimize protection of your data when it resides outside your network.
Take a minute to consider all of the remote services employed in managing your cases and business: file sharing/storage, discovery review platforms, IT providers, banking, bookkeeping, marketing partners – each possessing critical, private data from your firm and/or clients.
Now spend a few painful seconds considering how screwed (technical term) you’d be if any of them were hacked.
If you dare, next imagine the potential cascading catastrophes resulting from the exploitation of credentials gathered in those breaches. Yikes!
OK, ok – take a deep breath and steel your resolve; even if you can’t personally protect the integrity of these remote networks, there are several simple precautions you can take to secure accounts on them.
These include: always using unique passwords, enabling two-factor authentication on all possible accounts, vigilantly updating software and exorcising malware, and adhering to safe browsing practices.
I’m going to address the necessity and application of each measure in greater depth over the upcoming series of Stupid Simple Security Tips, so stay tuned to learn the best ways to keep your data safe both within your firm and without.
In the meantime, if you have immediate concerns about any of these practices (or just love spoilers), click here to send me an email with “Security” in the subject line and I’ll be happy to give you a head start.