Cyber Security

All members are reminded of the risk for legal practices with respect to sensitive data and trust account funds. Firms should consider what can be done to manage the risk and reduce your risk profile

Steps you can take to protect your business include:

  • Always verify account details verbally before processing funds transfers and ensure the number you are calling is legitimate
  • Implement multi-factor authentication (MFA) for banking and email – MFA can be installed relatively easily and is one of the best ways to protect your business by providing an additional barrier for hackers to overcome to gain access
  • Provide training and information to employees about cyber threats and how to avoid them
  • Use strong passwords
  • Back up your data regularly
  • Check your IT systems for any suspicious email rules (eg redirecting email communications)
  • Ensure your email security software, antivirus and firewall protection is up-to-date and turned on, and conduct regular cyber security audits – ask for guidance from your IT support team
  • Ensure all security systems are updated regularly and that the applications you use are the latest version
  • Check your trust accounts regularly and report any suspicious activity to your bank as quickly as possible
  • Ensure you have appropriate cyber risk insurance in place, but remember that cyber risk management comes first!

Read more about email scams and alerts from the Society.