Cybersecurity Hygiene Checklist

By Tech Summit

Cybersecurity Hygiene Checklist

PASSWORD PROTECTION

❑ Consider dual factor authentication

❑ Use complex passphrase with numbers, symbols and/or upper- and lower-case letters

❑ Never provide your password when requested by email or through a site. Contact the requester by phone and try to independently verify the legitimacy of the request

❑ Use a password generator and manager

PRIVACY

❑ Do not use public Wi-Fi

❑ Utilize VPN (virtual private network) as appropriate

❑ Require a password in order to access a thumb drive

❑ Encrypt documents as appropriate

❑ Cover the camera on your laptop and tablet

❑ Use up-to-date redaction software where appropriate (e.g., PDF documents)

❑ Keep work and private personal digital information separate

❑ Always manually log off of networks, websites, and email platforms when you are finished

❑ Periodically clear out cookies

❑ Do not link sites together so as not to share private information

❑ Consider faxing confidential information

❑ Consider use a credit card RFID (Radio Frequency Identification) shield

HARDWARE, SOFTWARE, AND OPERATING SYSTEMS

❑ Keep software and operating systems up to date

❑ Implement patches as soon as available

❑ Install software to scan for viruses

❑ Install a tracker to locate lost devices

❑ Install a program/app that can remotely lock or wipe lost devices

LAW PRACTICE MANAGEMENT

❑ Purchase cyber security insurance that covers social engineering

❑ Always maintain backup files in a secure location

❑ Consider encrypting server and/or backup

❑ Review cyber security audits of third parties or vendors

❑ Ensure backup is not connected to your system so as not to compromise its integrity in the event of a hack

❑ Create an incident response plan to be followed in the event of a hack – what to do, who to call, what to change

❑ Consider disclosing cybersecurity protocols and concerns in retainer letter

❑ Do due diligence on third parties and vendors with whom you are working

This checklist was developed by students in the spring 2019 Technology and the Law course, a collaboration between the New York State Bar Association Committee on Technology  and the Legal Profession and City University of New York School of Law

Six diverse people sitting holding signs
gradient circle (purple) gradient circle (green)

Join NYSBA

My NYSBA Account

My NYSBA Account