Cybersecurity for Law Firm Marketers: Tips, Tools, and Best Practices

Marketing departments are stewards of the firm’s online presence – from websites, intranets, and blogs to social media accounts and a slew of communication and cloud-based applications.

Here are practices you can implement to keep your digital marketing presence secure.

1. Use strong passwords – “password” and “123456” are among the most popular passwords. We can all agree that you shouldn’t use those. How about p@ssw0rD? No, that can be easily cracked too. Simply switching a letter to uppercase or a number or symbol is no longer secure. It helps, but you’ll need more. Some suggest a password entropy (the difficulty of predicting your password) of 24 characters. One way to remember a password that long is to use a phrase that inspires or challenges the marketing team, like “MakeEachD@yYourM@sterpiec3” (thanks, John Wooden). See: How a Password Changed My Life.

2. Use a password manager – This is no-brainer. Busy marketing teams have scores if not hundreds of passwords to juggle. Password managers such as 1Password offer end to end encryption, including one strong master password that only you know and which is needed to unencrypt your stored passwords. 1Password also has a “team” option which is great for sharing passwords, and more importantly, seamlessly changing them when a team member leaves.

3. Use fake answers to your security questions – Social engineering answers to security questions is easy to do in today’s hyperconnected, social-media world where we share everything. Your mother’s maiden name? Come on. Go ahead and choose that option, but make the answer unrelated. Like pumpkinpie! or @SunnySkies. How will you remember? I’m glad you asked. Use the aforementioned password manager to store your answers.

4. Use 2-factor authentication – Optimal security is not a convenient thing. And a login verification like 2-factor authentication falls into this category. However, with this enabled, even if someone manages to get ahold of your password, they’ll still need a verification code to access your account. It’s an extra step having to verify that you’re logging into a new device or website but it’s another layer of security that is essential in today’s mobile world where marketers increasingly handle updating blogs, accessing applications, and managing social media accounts.

5. Use a VPN – In Why Lawyers Should Never Use Starbucks WiFi, solo attorney Jeff Bennion, sounds the alarm:

“When you are working on a brief…or email a client, or download your client’s medical records or patent application, and you are on an unsecured connection, anyone who really wants to can take a peek.”

If you must use public WiFi, don’t use it without a virtual private network (VPN). A VPN is an application that creates a secure, encrypted connection. Cyber Advocate Bryan Focht breaks it down and gives his top 10 recommendations. Here’s a good article on how to set up a virtual private network.

6. Update your software – Software updates often contain a security patch. Whether it’s your WordPress website and blog, social media apps on your mobile device, or yet another Microsoft Office update, avoid vulnerabilities by updating right away.

A digital marketing strategy is essential for today’s firms to compete and grow. It requires the use of online applications and law firm marketers can help to keep their firms secure and client information confidential by implementing these best cybersecurity practices.