Byte of Prevention Blog

by Dan Pinnington |

Avoiding Cybercrime Dangers: Be Safer When Using Remote Access and Public Computers

Pin on Pinterest Share on Google+ Share on LinkedIn

Secure access[This post is the eleventh in a series. The original post can be found here.]

Being able to access your work network while you are out of the office can provide increased productivity and flexibility. However, opening your systems to remote access creates a number of security risks as external network connections are a ripe target for cyber criminals. And you should think twice about using public computers for firm work.

Setting up safe remote access

There are many tools that allow you to easily set up remote access (e.g., PCAnywhere, GoToMyPC, LogMeIn, TeamViewer, SplashTop). If properly configured, these are suitable for a smaller law office or home setting. Virtual private networks or VPNs may make remote access more secure. A VPN is a network connection constructed by connecting computers together over the Internet on an encrypted communications channel. VPNs are secure and fast, but may be expensive and harder to configure.

Securing remote access may require a degree of technical knowledge and advice from a computer expert. To make your remote access safe, you must secure your network and your remote access devices.

Do the following to secure your network:

  • Use a firewall and security software to keep out unwanted connections.
  • Only give remote access to people who really need it.
  • In order to protect sensitive information, restrict the type of data that can be accessed remotely.
  • Make sure all computers connecting to your network, including personal home computers, have up-to-date security software installed.
  • Review firewall and other server logs to monitor remote access and watch for unusual activity.

Do the following to secure remote access:

  • Ensure installation of remote access clients is done properly.
  • Restrict access to the minimum services and functions necessary for staff to carry out their roles.
  • Ensure that all staff use strong passwords on devices accessing your network remotely.
  • Change remote access passwords regularly.
  • Make sure that staff do not set their devices to login automatically and that they never store their passwords on them.
  • Use strong authentication that requires both a password and token-based authentication.
  • Have a formal remote access policy that clearly describes what staff are to do or not do with remote access.
  • Delete staff remote access privileges if they are no longer needed, and immediately when a person leaves or is terminated.

The extreme dangers of using public computers

Public computers in libraries, Internet cafes, airports, and copy shops are an extreme security risk. While you can take steps to reduce these risks, it is still very dangerous to access sensitive client information on them. Start with the assumption that most public computers will have malware on them and let this govern your activities accordingly.

The following steps can reduce some of the risks associated with public computers:

  • Try to turn on the “private browsing” feature.
  • Watch for over-the-shoulder thieves who may be peeking as you enter sensitive passwords to collect your information.
  • Uncheck or disable the “remember me” or “log in automatically next time” option.
  • Always log out of websites clicking “log out” on the site. It’s not enough to simply close the browser window or type in another address.
  • Delete your temporary Internet files, cookies and your history.
  • Never leave the computer unattended with sensitive information on the screen, even for a moment.
    Never save documents on a public computer.

These measures will provide some protection against a casual hacker who searches a public computer you have used for any information that may remain on it. But keep in mind, a more sophisticated hacker may have installed a keylogger to capture passwords and other personal information entered on a public computer. In this scenario the above steps won’t prevent your information from falling into the hands of the hacker. This is why it is not a good idea to access sensitive client information or enter credit card numbers or other banking information on a public computer.

Dan Pinnington is the Vice President of Claims Prevention at practicePRO. This article first appeared in the December 2013 issue of LawPro magazine. Reprinted with permission. For more cyber safety tips, visit www.lawpro.ca.

About the Author

Dan Pinnington

Dan Pinnington is the Vice President of Claims Prevention at practicePRO. This article first appeared in the December 2013 issue of LawPro magazine. Reprinted with permission. For more cyber safety tips, visit www.lawpro.ca.

Read More by Dan >

Related Posts

LM Portal Access your LM Portal for policy information and forms.
Need Insurance? See the difference service can make.
Payment Due? Make an online payment now.
Lawyers Mutual NC Logo

Get In Touch

Lawyers Mutual Insurance Company
1001 Winstead Drive, Suite 285

Cary, NC 27513

919.677.8900
 | 
1.800.662.8843

Fax: 919.677.9641

Latest Alerts

The Corporate Transparency Act: What North Carolina Law Firms Need to Know

Lawyers Mutual has published previous alerts regarding the new filing requirements under the Corporate Transparency Act (“CTA”) that went into effect January 1, 2024. After reviewing additional resources, we want to emphasize concerns that we have about the risks and increased potential liability for lawyers undertaking the reporting requirements. This is especially true for the continuing reporting requirements after entity formation and initial reporting.  

Learn More

eCourts Expansion Announced for 2024

The North Carolina Administrative Office of the Courts (NCAOC) recently announced additional go-live plans for counties transitioning from paper files to Enterprise Justice (Odyssey), which currently serves Harnett, Johnston, Lee, Mecklenburg and Wake counties. Twelve northeastern counties comprising Track 3, as previously announced, will go live on February 5, and 10 counties comprising Track 4 (Alamance, Chatham, Durham, Franklin, Granville, Guilford, Orange, Person, Vance and Warren) will go live on April 29.   

Learn More