By following these core principles, you can protect your firm against unauthorized activity while ensuring your team has exactly what they need to stay productive.

___________________________________________________________

1. Master the "Principle of Least Privilege"

Not everyone needs the keys to the castle. While Administrators have full site access, most team members only need specific tools to do their jobs.

Be Selective: Assign permissions based on roles. For example, allow a clerk to add payments and search transactions, but restrict their ability to process refunds.

The Goal: Limit your firm's vulnerability to internal errors or unauthorized actions.

- Be Selective: Assign permissions based on roles. For example, allow a clerk to add payments and search transactions, but restrict their ability to process refunds.
- The Goal: Limit your firm's vulnerability to internal errors or unauthorized actions.

2. One Person, One Login (No Exceptions!)

LawPay Link offers unlimited users, so there is no reason to share credentials.

Maintain Integrity: Every action in the system is "stamped" with a username.

Accountability: Individual logins create a clear audit trail. If a mistake happens, you'll know exactly where it originated, making it easier to fix.

Security: Sharing passwords is the fastest way to compromise your firm's data.

- Maintain Integrity: Every action in the system is "stamped" with a username.
- Accountability: Individual logins create a clear audit trail. If a mistake happens, you'll know exactly where it originated, making it easier to fix.
- Security: Sharing passwords is the fastest way to compromise your firm's data.

Your user list should only reflect your current team.

Offboarding: As soon as an employee leaves the firm, delete their user profile immediately.

Prevent Breaches: Deleting inactive accounts is a critical step in preventing post-termination security breaches.

- Offboarding: As soon as an employee leaves the firm, delete their user profile immediately.
- Prevent Breaches: Deleting inactive accounts is a critical step in preventing post-termination security breaches.

Properly maintained user controls aren't just about restriction—they are about building an airtight operational environment. Take five minutes today to review your <a href="https://supportcenter.lawpaylink.com/en/articles/9343021-adding-and-managing-users">User Management</a> settings and close any potential gaps.

Securing your firm’s financial data starts with a simple question: Who has access to what?

🛡️ Best Practices: Managing Your Firm’s Users

Looking for LawPay Classic Articles? Click here.

Phone

Find answers and get help from Intercom Support and Community Experts

This site employs cookies and other technologies that we and our third party vendors use to monitor and record personal information about you and your interactions with the site (including content viewed, cursor movements, screen recordings, and chat contents) for the purposes described in our Cookie Policy. By continuing to visit our site, you agree to our {websiteTermsLink}, {privacyPolicyLink} and {cookiePolicyLink}.

This site uses cookies and similar technologies ("cookies") as strictly necessary for site operation. We and our partners also would like to set additional cookies to enable site performance analytics, functionality, advertising and social media features. See our {cookiePolicyLink} for details. You can change your cookie preferences in our Cookie Settings.

We use cookies to make our site work and also for analytics and advertising purposes. You can enable or disable optional cookies as desired. See our {cookiePolicyLink} for more details.

Advertising cookies are set by our advertising partners to collect information about your use of the site, our communications, and other online services over time and with different browsers and devices. They use this information to show you ads online that they think will interest you and measure the ads' performance. Social media cookies are set by social media platforms to enable you to share content on those platforms, and are capable of tracking information about your activity across other online services for use as described in their privacy policies.

These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.

These cookies are necessary for the website to function and cannot be switched off in our systems.

These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site.

You have the right to opt out of the sale of your personal information. See our {cookiePolicyLink} for more details about how we use your data.

Your Privacy Choices

We use cookies to enhance your experience. You can customize your cookie preferences below. See our {cookiePolicyLink} for more details.

Cookie Settings

Link, Press control-option-right-arrow to exit

Empty Help Center

Uh oh. That page doesn’t exist.

Home

Search

Disappointed

Neutral

Smiley

Thinking...

Searching through sources...

Analyzing...

Tickets submitted through the messenger or by a support agent in your conversation will appear here.

No tickets created by you

Try using different keywords or checking for typos.

No tickets found

Title

Track the progress of all tickets related to your company.

Tickets portal.

{assigneeName} needs more information from you

Tickets

No access to tickets portal

English

url(https://downloads.intercomcdn.com/i/o/546633/21eb67d2f0d8033851100cc1/46b2f9659b4b79a137a09518119e5381.png)

🛡️ Best Practices: Managing Your Firm’s Users

Overview

1. Master the "Principle of Least Privilege"

2. One Person, One Login (No Exceptions!)

3. Keep a Clean House

💡 The Bottom Line