🔒 Cybersecurity for lawyers

• Change all default passwords
• Disable access from the Internet
• Make sure someone in the firm has the admin usernames and passwords, or admin access
• Have a means of preventing former staff from connecting to your network
• Only offer secure guest access

If your network equipment comes with default passwords, make sure you have changed them.

If someone is able to access your Wi-Fi equipment, or your router, they could easily control the traffic on your network.

Unless you specifically need it (in which case, set it up securely), disable access to you Wi-Fi equipment / router from the Internet.

Especially if you outsource your IT support, make sure someone in the firm has either a copy of all the usernames and passwords, or else admin access, and other information necessary to configure and control your Wi-Fi (and other elements of your firm's IT, for that matter).

You do not want to find that, if your IT support provider ceases to support you, you are unable to manage your network.

If you have “enterprise grade” Wi-Fi equipment, you are probably authenticating users to your network by unique usernames and passwords, which can be readily revoked.

If, however, you are using consumer-grade equipment, and are using a common password for access to your Wi-Fi network, you'll need to think about how you deal with someone who leaves the firm: how do you make sure that they cannot continue to access your network. This might entail changing the network password, and distributing the new password to all remaining members of staff.

Offering guests — including clients — access to Wi-Fi may be nice, and perhaps even expected.

Only let guests connect to a network which is segregated (logically or physically) from your office network.

If you cannot do this securely, you are better off not offering it at all.