Enabling Two-Factor Authentication Can Help You Keep Client Data Safe
Keeping your client data secure is one of your obligations as a lawyer, and keeping your personal data secure is just smart. One of the easiest ways to secure your data is to activate two-factor authentication for your most-used programs.
Two-factor authentication adds an extra layer of security to your passwords by requiring both your password and an additional set of expiring codes from your phone (or a program like Google Authenticator) to log into your account. Put another way, you can only get into your account by having a piece of information (your password) and a device (your phone), and an attacker isn’t going to have both of those things. This extra layer of security ensures that even if someone were to obtain your password, they would not be able to access your data because their act of entering the correct password would simply trigger a notification to your phone.
Many popular programs support two-factor authentication. A continuously updated list of programs is available at TwoFactorAuth.org. You’ll see that programs like Gmail, Dropbox, Square, and Evernote all support it. If you by and large use fairly popular programs for your email, data storage, and payment processing, you will find that all of them support—and even encourage—use of two-factor authentication.
The safety of your email is critical. If someone can crack your email password and take over your email, they can functionally change the password to many of your other accounts, as your email address typically serves as the way to verify a password change request. An intruder that gains that level of access could empty your bank account or hijack your computer and turn it into a spambot,
Arguably more important than securing your personal and financial data is securing your client data. Many law practice management software programs support two-factor authentication, including Abacus, Clio, MyCase, and Rocket Matter. Indeed, if you are shopping for new law practice management software, it would be irresponsible not to look for a program that is capable of two-factor authentication. Given the frequency with which large-scale hacks (such as the Equifax breach that exposed the data of 143 million people) occur, it is imperative that lawyers use the best security practices possible.
Two-factor authentication isn’t perfect—no security method is—but it can significantly decrease your chances of getting hacked, and you owe it to your clients to maximize your personal and business data security.
VIEWS AND CONCLUSIONS EXPRESSED IN ARTICLES HEREIN ARE THOSE OF THE AUTHORS AND NOT NECESSARILY THOSE OF FLORIDA BAR STAFF, OFFICIALS, OR BOARD OF GOVERNORS OF THE FLORIDA BAR.