The legal services community has not been immune to cybersecurity incidents over the past years.  Indeed, a significant number of programs have been compromised and significantly impacted by cyber attacks each year.  As with the broader non-profit, business, and government communities, the incident rates and stakes are growing within our community.  To enhance security in the legal aid community, LSNTAP and Just-Tech, LLC have partnered to develop the 2022 Legal Aid Security Toolkit to help educate the broader community on current cybersecurity technologies and practices.

Executive directors and management may use this toolkit to better understand why security is important for their organization, to start conversations with their IT staff or vendors, to consider their own role on cybersecurity, and to help plan organizational initiatives that will improve security and the protection of confidential data.  IT responsible program staff may use the toolkit to help analyze their organization's security and identify areas for improvement.  IT staff may also find resources that they may share with others within their organization to help raise awareness with management and staff as well as increase buy-in for enhanced security practices and technology.  The toolkit also has information for advocates and other program professionals to help them learn more about security, their role in building a more secure organization, and steps they can take to enhance their security at work and at home.

This toolkit may serve as a check-up or jumping off point for legal aid programs depending on where they are on their security journey.  For some providers, the toolkit may help their efforts to be more intentional and focused on managing for better security. It is not an all-encompassing guide. Instead, it is intended to be informative about higher-priority practices and technologies within the reach of legal aid. This toolkit is not a substitute for working with cybersecurity professionals. You may find this toolkit valuable on its own or it may supplement or enhance your organization's work with security professionals.