Four Steps to Better Law Office Security

Attorneys can improve their online security

Law Office Security:  Four Easy Steps to Improve Yours 

Solo and small law offices generally lack the resources of larger corporate law firms. One of those resources is “the IT guy.” Information Technology (IT) professionals help keep corporate firms’ sensitive data secure by using various tools, technologies, and techniques.

As a solo or smaller firm, you wear a lot of different hats, and the IT hat may be one of them. Below are four easy steps to improve your law office security and protect your data.

Step 1:  Use Different Passwords

How many systems, applications, and websites do you access in order to do your work? Most attorneys use at least five online resources. Rule Number One: Use a different password for each of them. Why? If one of those accounts is hacked, your other accounts won’t be at risk.

Step 2:  Strengthen Your Passwords

One of the most popular passwords is the word password, trailed closely by 12345678 and similar variations. In case you didn’t know this intuitively, simple passwords are ridiculously easy to hack. For better law office security, use passwords that are at least 10 characters long, with a combination of upper and lower case letters, numbers, and special characters ($ & # @). And if you’re worried about how to remember all these different passwords, don’t be. It’s OK to write them down and tuck them away in a secure desk drawer that you lock at night—or use an online password manager tool.

Step 3:  Change Your Passwords

Basic law office security includes changing all of your passwords every three months. However, if you follow steps 1 and 2 above, every six months is OK. But keeping them the same for a year or longer is probably pushing it. If you decide to use an online password manager to keep track of all of your passwords (and keep them secure, too), an added convenience is that the tool will also remind you when a password needs to be changed.

Step 4:  Accept Two-Factor Authentication

Have you logged in to one of your online resources recently and been asked to provide a mobile number for security purposes? It’s probably for two-factor authentication, which involves texting you a code after you’ve entered your username and password, then entering the code in the field on your login screen. Boom, you are safely logged in! This simple procedure is not nearly as inconvenient as it sounds and adds an extra layer of security.


Watch for more law office security tips in future articles right here on our Blog for Attorneys.

You can also find guidance from the National Cybersecurity Alliance at And when was the last time you backed up your data? Read our short article about the security benefits of backing up your data on a regular basis.