Data Security for Solo Attorneys Part 2

Most solo attorneys are their own IT departments, which means they are responsible for their own data security.

Along with better passwords and backups, here are some additional ways to keep things locked down.

Use two-factor authentication

The name says it all. In order to access your e-mail or cloud data, two-factor authentication requires a password and another method of authenticating who you are. In most cases, this involves sending a text message to your cellphone with a 6-digit code.

If you wish, you can “authenticate” a device for up to 30 days. But anytime you try and access your account from a new device, it requires a new code. For example, your work computer can be authenticated for 30 days, but if you log on from home computer it will require entering a new code sent to your cellphone. That provides nice protection against someone trying to remotely hack into your account.

Gmail and Dropbox are the two most familiar names that now offer two-factor authentication, but more and more services are offering it as well.

As a side note, it’s a great time to use a password manager like LastPass. LastPass just added a sentry feature, which means they automatically search through lists of of knowingly leaked usernames and passwords. Pretty sweet!

Setup multiple user accounts on shared computers

Any computer that you use for work that is also accessible by others (family usually) should have multiple user accounts. One for you as a work account, and another one for anybody else. This is not an issue of trusting your spouse or your kids. And it’s not about justifying why nobody would ever want to read files for “boring transactional accounts.” It’s about making sure your client data is secure.

If you use Windows, here is how to setup multiple accounts. If you run OS X, you can watch this video to learn how to get this setup.

One important caveat—when you setup a new user account, you get to choose what files other users can access. Make sure that other users cannot access your client files.¬†Otherwise, the purpose of establishing multiple user accounts is defeated.

Buy a safe

Yeah, I’m cheating a bit, but hard copies of documents still count. A locked file cabinet is nice, but you can pickup a sturdy, heavy, and hopefully fireproof safe for around $150. Even if you have a relatively small office (like many solo attorneys), you can fit a safe behind/under your desk.

In today’s digital age it’s easy to forget about physical evidence. In some situations, a duplicate or scanned copy will work. But if you have access to the originals—keep them safe (pun intended). There’s this whole “spoliation” issue that could become problematic if you just leave things laying around. Or if tell your clients to take “really good care” of that super-important document and they lose it.

For $150, that’s money well spent.

Take fifteen minutes to batten down the hatches

You can instigate all of these changes within 15 minutes, and that’s even giving you time to troubleshoot. That is time well spent, and it might even help you sleep better.


Leave a Reply