Top cybersecurity expert and Filevine’s VP of Information Security, Dean Sapp, shares his tips on keeping your information safe.

Cybercrime is still on the rise. The latest 2022 Verizon Data Breach Investigations Report found a 13% increase in ransomware in 2021  — an increase as big as the previous 5 years combined. 

Though legal professionals have an ethical duty to protect their client’s information, cybersecurity can feel intimidating and overwhelming. The latest ABA TechReport found that 17% of respondents said they had no security policies, and an additional 8% said they didn’t know any security policies. 

Our team at Filevine has built industry-recognized, best-in-class information security tools and technology to safeguard your data. But every firm and legal team should dedicate time and attention to building and strengthening their own security policies.

This Cybersecurity Awareness Month, take these 4 quick and easy steps to strengthen your security posture and significantly reduce the risk of a hacker targeting your data:

4 Actions You Can Take Today to Improve Cybersecurity  

1. Enroll in two-factor authentication (2FA) for your case management software and email.

One of the simplest ways to strengthen security is to enroll in two-factor authentication for your Filevine account, your email, and your mobile service provider accounts. With many forms of 2FA, when you log in to an account you are sent a time-sensitive verification code on your phone. 

Without 2FA, scammers only need to steal your username and password to access your sensitive information. But 2FA provides an extra layer of security by giving bad actors an additional obstacle.

2. Start using biometrics.

A password can be guessed, but a thumbprint or facial recognition profile is much more difficult to do so. Where possible, enroll in biometric security for your smartphone or mobile device. A biometric login, which typically uses a fingerprint or facial recognition, is far more secure than a username and password on its own. It’s also a faster way to log in.

The latest ABA TechReport found that about 11% of law firms are already using biometric login to protect their information. 

3. Change your duplicate passwords and usernames.

With so many accounts to sign into, it’s no wonder that we end up ‘recycling’ the passwords and usernames we can best remember. A 2019 Google poll found that 65% of respondents reuse passwords at least some of the time.

But every time you reuse a password, you make it more precarious. Scammers purchase compromised login credentials from the dark web and then test them on hundreds of websites to find people who reuse those credentials for multiple accounts. Your reused password becomes the skeleton key that opens multiple locks.

Don’t let them find you! Create unique passwords and usernames for each of your accounts. A reputable password manager can help you securely store your unique passwords and usernames so you can still access everything you need.

4. Learn about social engineering techniques. 

Even the most advanced security architecture is only as strong as its weakest link. Unfortunately, that ‘weak link’ is usually a person.

Social engineering refers to techniques to manipulate or deceive people into clicking on malicious links or giving away their login credentials.

Social engineering scams are the number one way cybercrime begins. It most often looks like a phishing email with a harmful link or attached document, or it could be a text message or a spoofed or compromised web page. Be wary of anyone who claims to be from IT services, alleges that there’s a virus on your device, requests remote access to your computer, or asks for a password or a one-time PIN.

No one is too smart to be tricked by scammers. But your best defense is regular education. Make sure you and your team are regularly learning about common social engineering tactics so you can spot malicious behavior.


Cybersecurity threats are always changing, and security efforts must be an ongoing process. But these 4 steps are a great place to begin making your information more secure. For support in this evolving landscape, learn how Filevine can help you protect your clients’ information.