Skip to main content

3 Reasons Your Law Practice is Attractive for Hackers and What To Do About it

April 26, 2014  |  1 min read


It wants your precious data.

You may not realize it, but your law practice is uniquely designed to be highly attractive for hackers. Of course, you didn't set out to make your practice a hacker's paradise. No one does. Here are three reasons your law practice is at risk for hacking:

1. Concentration of sensitive documents

Large law firms tend to hold significant accumulations of private financial information, including due diligence materials, negotiation strategies, specific details on technological secrets, and many other critical items. In a globalized corporate environment, such materials as these can be worth millions of dollars to foreign intelligence interests.

2. Law firms have notoriously poor data security

Lucy Thompson, Chair of the ABA, points out (PDF link) that information released to law firms often enters an unguarded arena: “It’s possible the information comes from a very secure source, a company with very good security. Then it goes to a law firm, and who knows what kind of security they are going to have.”

3. Information is pre-sorted for value

Large companies accumulate vast quantities of documents, most of which have no usefulness to cyber-criminals and corporate spies. A company’s outside counsel, however, will only possess materials with the greatest sensitivity and value, so the interested hacker doesn’t have to sift through mountains of unrelated material.

Achieving data security is not deeply mysterious, however, and for most law firms it doesn’t require an enormous investment. Following a few well-defined steps can go a long way toward protecting your client data. The steps you can take now to prevent hacking are:

  • Minimize storage locations (consider cloud)
  • Protect stored data (encrypt at rest)
  • Protect data in transit (SSL, SFTP)
  • Secure devices (strong passwords)
  • It’s important to keep in mind that the chain of data security is only as strong as its weakest link.

Read our previous post to learn about more ways to prevent hacking:
4 Ways To Prevent Your Client's Data from Getting Hacked