Does your legal firm require staffers and attorneys to use spaces in passwords? Does your legal staff use passphrases to create strong passwords? Is anyone at your legal firm still using “password123” as a password? If you answered “yes” to the first two questions, congratulations, you’re on your way to great password health. If you answered “yes” to the third question, you and your staff need to read this article and implement its best practices.
Legal Firms Can Protect Accounts By Creating Security Passphrases
How can your legal practice in New Jersey protect itself against hackers? By creating strong passwords. That may seem simple, but it is effective. Even better than a strong password is to require lawyers, paralegals and other staff at your firm to create a passphrase and to use spaces if the site allows it.
What does a passphrase look like? It could be:
- Ilove to eat pizzaeverysaturday
- snowis funto makeasnowmanin
- travelingtoicelandthis year
If you don’t eat pizza every Saturday and aren’t traveling to Iceland then these passphrases might be ideal for your business passwords. It is more difficult – exponentially more difficult – for a hacker to infiltrate the servers and computers at your law firm if everyone uses passphrases. If you’re using a passphrase or a computer-generated password, consider using a password locker such as LastPass, Dashlane or RoboForm to store those passwords. This is especially important as you don’t want to reuse these passphrases. On the off chance your law firm’s site is hacked using one of your passphrases, the hacker will continue to use that same passphrase or password to get into your other accounts.
We realize having different passwords or passphrases for every account you utilize in the course of your legal practice can be annoying and time-consuming but ask yourself: How much risk can your legal practice shoulder if its accounts are hacked?
Hackers are getting more sophisticated and law firms are quickly becoming a favorite target for hackers. Why? Because many legal firms don’t have a dedicated business continuity and data recovery specialist on staff or on retainer. Many law firms rely on the “IT guy” and that can prove costly if your firm suffers a ransomware attack.
A hacker doesn’t need to sit in front of his or her computer and mount an attack on your firm. He or she only needs a computer program, and that program will do the work for the hacker and mount a continued brute-force attack on your site.
Here are some tips for creating strong passphrases.
- Make it at least four words long (the more words, the better)
- Use spaces if the site you’re creating the password for allows that
- Use different passphrases for each site for which you need a password
- Don’t use phrases that contain personal information like: mywifesnameis Irma or wehave three dogs named fluffyspotandshadow. It is difficult for humans to be truly random, but to protect your business it’s important that you are.
- Change your passwords/passphrases frequently. In fact, set a reminder.
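The tips above can be turned into a small checker and generator. This is an added example, not part of the original article: the function names and the 16-word list are constructed for illustration, and it assumes the site accepts spaces. It draws words with the operating system's secure random source rather than relying on a person to be random.

```python
import math
import secrets

# Constructed sample word list for illustration only; a real deployment would
# load a list with thousands of words so that each word adds more entropy.
WORDS = ["anchor", "basil", "copper", "dune", "ember", "fjord", "garnet", "harbor",
         "iris", "jigsaw", "kettle", "lantern", "meadow", "nectar", "orbit", "pebble"]

MIN_WORDS = 4  # the article's minimum length


def generate_passphrase(n_words=MIN_WORDS, words=WORDS):
    """Pick words with the OS CSPRNG instead of human 'randomness'."""
    if n_words < MIN_WORDS:
        raise ValueError("use at least four words")
    return " ".join(secrets.choice(words) for _ in range(n_words))


def entropy_bits(n_words, list_size):
    """Entropy of a uniformly random passphrase: n_words * log2(list_size).

    Each extra word multiplies the number of guesses an automated
    brute-force program needs by list_size.
    """
    return n_words * math.log2(list_size)


def check_passphrase(candidate, personal_terms=(), used_elsewhere=()):
    """Return the tips from the list above that the candidate violates.

    personal_terms: names, pets, dates and similar supplied by the user.
    used_elsewhere: passphrases already in use, held in memory only
    (for example while reviewing a password manager export).
    """
    problems = []
    tokens = candidate.lower().split()
    if len(tokens) < MIN_WORDS:
        problems.append("fewer than four space-separated words")
    squashed = "".join(tokens)  # catch personal terms hidden by run-together words
    for term in personal_terms:
        if term.lower().replace(" ", "") in squashed:
            problems.append(f"contains personal information: {term}")
    if candidate in used_elsewhere:
        problems.append("already used for another site")
    return problems
```

With this 16-word sample list a four-word passphrase has only 16 bits of entropy; the same four words drawn from a 7,776-word list give about 51.7 bits.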
If you’re not convinced your law practice and its sensitive and private client data are safe from potential hackers, ransomware or a cyberattack, reach out to a BCDR professional today. Don’t believe, “it can’t happen to our firm” because it can.
I run an IT & Cyber Security Consultancy focusing on Business Continuity and Disaster Recovery (BCDR). We work with professionals in many fields including legal and medical.
If you have security and business continuity and cybersecurity questions let me know. I am also filling up my calendar with guests on my Security Disciple Podcast. If you’d like to be a guest, please DM me @waregeeks, call (877) 653-7146, or email me firstname.lastname@example.org. www.waregeeks.com