If your firm chose to go all-in on Apple devices and technology for their better security, you made a great choice. However, just because Macs have a higher security rating than PCs doesn’t mean you don’t need added protection. As a law firm you must protect your clients’ and your own data.
To begin, your firm needs to establish a standard cyber-security policy that is adhered to across the board. If you haven’t already, create one (if you’re not sure what should go into one, message us). It’s imperative to maintaining security.
Reader’s Disclaimer: While we aim to keep it simple and straightforward, security is a crucial issue for your organization. Everything offered in this blog is a great place to start but to cover all your bases, follow these steps with a full security audit and consider bringing in a security specialist to consult with.
Now you can start with the following steps.
Protecting Your Law Firm From Cyber Attacks
1. FileVault
This Mac feature is the built-in solution for security. It encrypts and decrypts data automatically as it is added to the hard drive but – and it’s a big but – encrypting a file only protects the files against theft when people don’t have your account information. The new OS of any Mac should automatically have FileVault enabled but to double check go to System Preferences > Security & Privacy, and click on the FileVault tab. If FileVault is not enabled, enable it and store the Recovery Key.
That being said, it isn’t a one-size-fits-all solution – there are many others that might be a better fit for your firm.
2. Firewall
Apple’s Firewall feature blocks incoming connections to unauthorized apps, programs and services. Once activated, this helps protect your firm’s data and your client’s data. Go to System Preferences > Security & Privacy, and click on the Firewall tab, then click enable. IMPORTANT NOTE: the firewall isn’t enabled by default because unused ports aren’t open by default. Windows, for better compatibility, leaves a bunch of ports open – which is why their firewall is enabled from the beginning.
3. Lock your screen and make sure you use a password
These seem like no-brainers but security requires attention to every detail. Get yourself and other team members in the habit of locking your screens every time you step away from the computer. Additionally, make sure you don’t have an auto-login feature enabled or a user account without a password.
4. Encrypt local backups
Whether you are using a local external hard-drive, in-house server or cloud-based backup system, you need to make sure your data is encrypted. For Time Machine, go to System Preferences > Time Machine. With your backup drive connected, click on “Select Disk ….” Check the box that says, “Encrypt backups.” For other backup types, review encryption systems with the server or cloud manager.
Don’t like Time Machine or know what else is out there? We can help.
5. Sharing services
With Macs, sharing is caring. Apple has made it easy to share files, photos and more between users but you don’t want the sharing of your sensitive information. Go to System Preferences > Sharing to manage your sharing options. This page from Stanford.Edu (https://pangea.stanford.edu/computing/macintosh/security.php) has a good breakdown and recommendations for sharing settings.
6. Use a VPN
A VPN, or Virtual Private Network, allows you to hide your actions on the web by rerouting your IP address and encrypting your information. This feature is especially necessary if you will be doing any secure work outside of the office or on a public WiFi network. It’s also a smart idea for your phone (that has business email on it).
Follow these steps as a first line of defense to ensure that you are protecting your data and your clients’ information, but there is really a lot more to developing a comprehensive security policy.
Your firm’s cyber-security is no issue to take lightly. If you need additional security or help with utilizing the security features of your Mac, we’ve got you covered.
