Sharing passwords securely in a law firm – optional or a must?

Over the past few years the number of cyber security incidents against law firms were constantly increasing – confidential and sensitive information they hold became the most desirable, financially motivating goal for adversaries. Precisely, 23% of law firms in 2018 reported having suffered from a data breach.

Still doubting if you should worry or not? This brings us to another argument.

An average data breach for a law firm costs $1.1 million, downtime (a.k.a. no billable hours) and, worst, damaged reputation. This means, ensuring proper prevention today can protect your firm from all of that in the future.

Knowing that 3 out of 4 data breaches are caused by weak passwords, sharing passwords securely over a reliable password manager becomes an absolute must.

Outside your team – with clients and corporations

No law firm can afford losing clients’ trust. If an individual client or a larger corporation you represent asks you how to send you their passwords, there’s no way the ‘ email me’ can serve as a reasonable answer from a reliable firm. It will deter each cyber literate client from choosing your services instantly.

Your clients provide their sensitive, usually highly confidential information to you expecting it will be protected. And emails are the worst choice for that.

Here’s how to share passwords with your clients instead.

Add a client as a guest

In a password manager of your choice, add each new client or a corporation as a Guest. Since a password manager serves as a securely encrypted environment, sending a password via this channel will eliminate the dangers of password sharing via email.

Unshare passwords afterwards

Once the case is closed, there’s no need for you to keep access to that client’s data. Unlike emails – where once the password is sent, the data is always out there – in a password manager you can easily unshare a password, so nobody has access to confidential data for longer than needed.

Wrong email forwards, miscommunication or junior lawyers getting access to top-level clients’ data – does this sound familiar? Sharing passwords securely among the team members reduces the all-too-common risks of human mistakes, saves everyone’s time and increases productivity.

Here’s how sharing passwords securely with a team works in real life.

Add them as full team members

Make sure each member is added to the team password manager. This way, everyone can not only keep their own passwords protected, but also can share them with other team members in a protected environment. All it takes is just a few clicks to remove all data security doubts.

Hierarchy of access

If not all firm members need to get access to the top-level cases, use Multi-tier sharing to solve that. Share a client’s password with the senior lawyers only. Then, in case they’ll need additional help, they will be able to share the password with people they need by themselves.

Multi-tier sharing and unique item-based encryption ensure that passwords are delegated only to the people needed, not everyone in the team.

Pro tip

If you choose PassCamp password manager for sharing passwords securely, all your data will be protected with zero-knowledge proof and other advanced cybersecurity technologies. That means, neither us, the creators of PassCamp, nor the adversaries will be able to access your own and your clients’ sensitive data.