KT Connections Blog

By accepting you will be accessing a service provided by a third-party external to https://ktconnections.com/

Is Your Legal Team Following Security Best Practices When Working Remotely?

Is Your Legal Team Following Security Best Practices When Working Remotely?

If you’re fortunate enough, you may be one of the South Dakota businesses in an industry that is capable of having your staff work from home. Fortunately, law firms tend to fall under this designation. While this allows you to remain productive, according to South Dakota’s data protection law, your business still has a responsibility to secure your clients’ data, even if your team is not in the office. Is your remote team up to the task?

What is the South Dakota Breach Notification Law?

S.B 62 outlines the steps and requirements organizations in South Dakota must follow if there is a data breach. Following are the types of data that, if breached, must be reported:

  • Social Security numbers, Driver’s license numbers (or other government-issued identification documents)
  • Credit card, or debit card numbers w/ required security or access code, passwords, routing numbers, PINs, or other information permitting access to a financial account
  • A name in conjunction with “health information” (as defined under the Health Insurance Portability and Accountability Act or HIPAA)
  • An employer-assigned identification number w/ required security or access codes, passwords, or biometric data used for authentication purposes

As many businesses find themselves needing to support a remote workforce, the greatest threat to keeping their data secure will always be their team of people. When working from home, it’s possible each team member is doing their own thing and possibly using their own personal device. What are they doing to secure that device? Who is using it after hours?

There are a lot of variables in play, and data security is critical for organizations responsible for sensitive information, such as law firms and medical organizations.

That Said, Legal Professionals are Well-Suited to Work Remotely

While many businesses have struggled to transition to remote working, the legal profession is well-suited, due to leveraging technology such as; mobile devices, Software-as-a-Service, and secure web-based technology allowing legal professionals to work from virtually anywhere. These tools can be used to support social distancing guidelines in ways many other industries are unable to. For example:

  • Law firms can create documents with e-signatures, removing the need for clients to come into the office to sign documents.
  • Scanning paper documents into electronic records provide your business with a few advantages when it comes to data security. For example, electronic documents are more easily retrieved in the event of a business-damaging disaster. Furthermore, as they live in the cloud, team collaboration and access is convenient since documents are always accessible. Microsoft 365 is just one solution to facilitate team collaboration.
  • Lastly, taking advantage of video conferencing tools such as Zoom, allows your team and clients the ability to communicate from their respective locations.

While law firms are great candidates to transition to and support a remote workforce, one area of concern remains in how your remote team handles client data.  

Data Security Best Practices for Law Firms

With the penalty for data breaches reaching into the thousands of dollars, it is in your best interest to ensure remote workers are compliant. While issuing mobile hardware can be straightforward and workflow compromises made to get a remote team up and running; data security cannot be compromised! As we know, your team will often be the weakest link when it comes to data security, so it is critical you support your remote workers and enable best practices especially when they are not in the office.

These best practices include password management, firewall protection, data backup, zero-trust, and finally, continual security training for your staff.

Password best practices:

Configure Firewalls: A firewall, whether software or hardware-based, is one of the most essential pieces of equipment your remote team will need. If your budget allows and depending on how sensitive your client data, consider investing in more than a firewall, consider a UTM (Unified Threat Management) device, which provides a wealth of data security benefits in one package.

A Data Backup and Business Continuity Plan is your best bet to ensure your remote team’s data remains backed up and accessible. Particularly during this stressful time when a disaster is a reality, you need to have a plan to have your data protected regularly and secured.

Invest in Staff Training, because the ugly truth is your team will only use the level of due diligence they use to keep their own data safe. Unless they are trained in best practices you may find your network under attack, as your team’s bad habits expose your network to cybercriminals. If your business suffers from a data breach, there’s a chance you won’t be in business six months later.

Communication Is Key To Success

With consistent communication and best practices in place, clients will be confident your firm can provide the level of service they expect during moments of crisis regardless of the circumstances.

At KT Connections, we offer hardware services, Microsoft services, and cloud IT solutions that can provide your firm with substantial value and peace of mind, in and out of the office. For more information about our flat-rate IT management services, or the solutions we use to make organizations like your law firm run more efficiently, call us today at 605-341-3873.

Storing Data Is a Miracle of Physics That We All P...
Tip of the Week: Easing the Shift Between Remote a...