Can You Keep a Secret? A 10-Question Law Firm Security Quiz

Take this 10-question quiz to find out where you fall on the security spectrum.

Are you secure, or are you screwed? Answer the questions and count your “no” responses. We’ll score and rate you after you respond.

  1. Do you mandate a password change by all system users for everything frequently (every 30–60 days, including e-mail, practice management system, document management system, etc.)? Yes/No
  2. Do you use two-factor authentication for accessing all of the above? (If your system doesn’t offer two-factor authentication, then you should ask for it). Yes/No
  3. Do you encrypt and password protect all devices (laptops, phones, tablets)? Yes/No
  4. Do you have confidentiality agreements with all contractors/outsourced functions, etc.? Yes/No
  5. Do you impose the same security requirements on outside contractors as employees? Yes/No
  6. Do you automatically connect via Virtual Private Network on external connections (especially public Wi-Fi)? Yes/No
  7. Do you mandate that laptops/phones/tables have firewalls turned on? Do you audit same? Yes/No
  8. Can guests overhear clients’ names being spoken while visiting your office? Yes/No
  9. Is your office secure from outside visitors after hours? Yes/No
  10. Do you have confidentiality agreements with the janitorial personnel? Yes/No

Now count how many “no” responses you recorded, and we’ll see how you rate.

Why You Should Care About Your Results

Keep in mind that this quiz is very basic. It does not attempt to cover all issues. We’re not going deep into network or server security. This is a simple, surface-level quiz. If you’re struggling at this level, then you’re in deep, deep trouble.

What will happen if you screw up? The best bet is that you’ll lose a client and take a reputation hit. The word will be out that clients’ secrets aren’t safe with you. That’s a problem when you’re in the secret business.

It could get much worse. It could end up in the local news. Let’s say your notes from your conversation with the state senator get revealed. He admitted to a sexual liaison with the governor. Your notes say it was the “best afternoon of my life.” How’s that going to play out for you?

Or even worse. What if your state bar is paying attention to data-security issues and decides to suspend your law license? That might crimp your style.

Did losing your license while playing a major part in a sex scandal involving the governor get your attention? I hope so.

What Does Your Score Tell You About Your Security?

Let’s score this thing:

One “no”: Not bad. Fix the one thing and then go deeper. Start looking at your procedures for wiping and disposing of old devices. Be sure your cloud-based services and your local servers are secure. Check your phone system for access issues. (Who’s listening to your voicemail other than the National Security Agency?)

Two “nos”: You can fix this. Get to work and lock things down. Someone in your practice needs to start focusing on security. It’s a mission-critical job now.

Three or more “nos”: Pick your preferred approach. First option: Give up completely and surrender your law license. You’re going down, and you might as well get ahead of it before they come for you (you’ll probably be happier anyway). Second option: Get some outside help. Find a technician and/or consultant who can help you and put him or her to work (after the tech signs a confidentiality agreement).

It’s easy to put security on a back burner when everything thing else is on fire. Unfortunately, the impact of a breach is powerful and long lasting. We’re going to hear about the big breach when a large firm gets attacked, secrets get revealed, and it destroys a Fortune 100 company. It’s coming—soon.

When it happens to you, the impact will be less public but no less traumatic. The breach will bring you down. It’ll embarrass you, cost you money, and, conceivably, cost you your license.

You’re a cautious person. You buy insurance for your health and for malpractice. You take continuing education courses to stay up-to-date. You check the safety ratings for cars before you buy, and you look at the sanitation grades in restaurants. Be cautious about this stuff too. Educate yourself. Take control.

Your data, and the loss of it, affects your life now more than ever. Secrets are what we do. Secrets require effort to protect. That’s especially true when we involve others in our work. Are you good at keeping a secret?

Written by
Lee Rosen
I founded ❯ grew ❯ sold a multi-million dollar firm remotely from 100+ countries. The article you just finished is from The Friday File. It's your weekly nudge from working in your practice to working on your practice. Isn’t it time to build the law firm you deserve? Transform your law practice and your life. Start with the Friday File email. Every Friday morning, join 11,000+ lawyers working On instead of In their firms. You’ll find safe, successful, actionable approaches for your law practice. Every Friday File email saves you time and makes you money. Click here to join.

Start typing and press Enter to search