In today’s digital age, perhaps the most transformative IT trend is the adoption of mobility and bring-your-own-device (BYOD) strategies into the business of law. Every attorney has a favorite device, whether smartphone, tablet or laptop, and increasingly, those devices are finding their way from the office into the boardroom and the courtroom. While the efficiency gains of BYOD can be tremendous, when firms don’t take proper measures to safeguard information privacy, the security risks can be disastrous. 
 
According to the 2013 Verizon Data Breach Investigations Report, social engineering attacks designed to steal account credentials were the most often used technique carried out to gain access to endpoint machines and then pivot to systems containing more sensitive data. 
 
While we’ve all heard that using the same password for multiple accounts is dangerous, both personally and professionally, 65% of people still use the same password everywhere.  Password strength is another concern as 90% of employee passwords are crackable within 6 hours. In 2014, the top 5 most common passwords were: 
 
  1. 123456
  2. Password
  3. 12345
  4. 12345678
  5. QWERTY 
     
How can a law firm mitigate the risk of a security breach and protect their confidential case and client data? Enter two-factor authentication. 
 
Two-factor authentication adds a second layer of security and verification to basic log-in procedures. Without two-factor authentication, you simply sign into your favorite websites, applications and programs with your username and password. If your password is compromised, then your account, and subsequent data/network, is left exposed. Two-factor authentication verifies your identify using a second factor (such as a code sent to your smart phone or email) which prevents anyone but you from logging into your environment, even if they know your password. 
 
You may be familiar with two-factor authentication from your Gmail or Yahoo mail account – both sites offer two-factor authentication when you log in from a new device by requiring that a six digit code verification be sent to your phone and entered prior to login. 
 
For law firms, adding an additional layer of access security helps to mitigate the risks of exposing client data and breaching ethical and regulatory requirements. When looking to implement new software, applications and technology for your firm, be sure to check with potential vendors to ensure they offer two-factor authentication. 
 
For more information on how to safeguard your case and client data call 1-800-726-3339 or visit www.abacuslaw.com