Table of Contents
🔒 Cybersecurity for lawyers
The wiki is a primer for lawyers on practical cybersecurity, to improve the security of your law firm. It is run by Internet, tech, and telecoms law firm, decoded.legal (decoded.legal on Tor).
It is aimed mainly at lawyers in small law firms, without security expertise readily available.
It is a wiki so, if you want to contribute, please do.
If you want to access this site within Tor, it is available as an .onion service.
This is free, and at your own risk
This site is not a substitute for taking your own, expert, advice, and not all guidance will suit your needs or threat model. If you face particularly severe threats, or attacks aimed specifically at you, get professional support.
It is not a complete guide. There will be threats it doesn’t mention, things some might do differently, and simply differences of view as to the best way to do something.
Basically, if this helps you, great. But whatever you do or don't do, it's all at your own risk.
Everyone's skill level varies
Everyone's level of technical skill varies. If you are not confident implementing guidance which is relevant to your needs, take advice.
Not all the guidance will suit your needs or threat model
The security that's appropriate for your needs will depend on your own specific situation. Hopefully, the information here is useful, and helps you head in the right direction. But it's a free online resource, written by people you do not know, so you should not trust it.
Implementing this will not make you unhackable
It will, hopefully, make you more secure, but it will not make you unhackable. If you want more assurance than you get from a free website, take professional advice.
Where should I start?
The sensible starting place is "Thinking about security" and then "Identifying risk and prioritising your approach".
If you have a heard a term and you are not sure what it means, check our Glossary.
Otherwise, jump straight in to what you want.
I want to...
- use alternatives to email (including file transfer tools)
- secure my Internet traffic when working remotely: VPNs and Tor
- get some help with passwords (including password managers)
- secure my documents (including wiping metadata)
Can I help?
You can read this site without registration.
If you want to edit or add to this site, you'll need to register an account. You'll be sent an email with a default password, which you will need to change on your first login. You will also set up authentication code for the two-factor authentication.
Although registration is automatic, you won't be able to create or edit anything until Neil has approved your registration. This approach is, hopefully, a trade off between convenience of registration and minimising spam / vandalism.
Can I promote my own product or service
No. If it's that good, one of your users will hopefully add it.