Sign up for our free newsletter.
By now most everyone is familiar with the “Bring Your Own Device,” or BYOD, trend—meaning the proliferation of lawyer- and staff-owned personal mobile devices used for firm business. But apart from being the latest buzzword, BYOD has distinct security implications for law firms. Let’s look at the way the profession’s use of technology has evolved over the past couple of decades to pinpoint security gaps and best practices.
Prior to the 1990s, the only access to firm data was via PC workstations on the lawyers’ desks. By the mid-1990s, laptops and Internet access allowed lawyers to realize mobility with remotely accessed, centrally managed legal applications and data. However, these early devices were typically firm-supplied and came with stringent personal use policies and controls—laptop data encryption, enforcement of user authentication and restrictions on the installation of personal applications.
True mobility came in the late 1990s, when Research in Motion introduced a pager-sized device with a tiny keyboard and an eight-line LCD display that allowed access to firm email. But, again, these were typically employer-controlled devices: strong security measures, no Internet access and no use of personal applications.
The world of mobility changed with Apple’s first iPhone. Today, mobile device users demand the convenience of using one device for both business email and access to firm data and for personal activities—including access to personal email and the exponentially growing number of personal apps. And they’re expecting the law firm to support their devices—whether an iPhone, an iPad or the various Android and Microsoft mobile devices.
In many ways BYOD is a net positive, allowing faster responses to client demands for document review and exchange, remote accessibility to document and case management systems, and greater flexibility to work remotely and better accommodate lawyers’ and clients’ schedules.
Along with these benefits, however, comes the challenge to the law firm of having to support a wide range of personal mobile devices with competing operating and security environments. Of even greater consequence is the risk of confidential client data breaches. In fact, one of the biggest challenges facing legal IT is the accessing of firm data by personal applications, such as Dropbox-style transfers used to synchronize client data on everyone’s mobile devices. Legal IT must provision mobile devices with technology that allows encrypted and secure download and storage of client data accessed on the devices via email, legal applications or document repositories. The legal and financial consequences of data breaches can be profound for a law firm.
Protecting confidential client data on mobile devices requires close cooperation between a law firm’s IT professionals, attorneys and staff. Whether you’re in a firm with a few lawyers or several hundred, here are some best practices to consider in your mobile device deployment and security program.
Most data breaches are caused by human error and negligence. Even the most sophisticated security technology will be compromised absent obtaining the full understanding and support of legal professionals—including through a formal education program covering mobile device best practices and firm usage policies. Training should focus on:
The bottom line: A solid BYOD usage policy, as well as comprehensive training, should provide unambiguous guidance and focus on meeting security requirements.
Charles Magliato, Legal Program Director for Biscom, has more than 30 years of information technology industry experience, including application development, project management, business development, product marketing and channel and direct sales. He has more than five years of experience working with setting marketing and product direction strategies for managed and secure file-transfer applications. As Biscom’s Legal Program Director, Charles is responsible for legal industry marketing and sales for Biscom’s secure document delivery product line. He can be contacted at firstname.lastname@example.org.
»Top cloud-based practice management software: Free 30-day trial!
»Manage my legal practice from anywhere on any device—HoudiniEsq.
»Quality attorney leads. Reach prospects online. 10 free leads.
»Learn more about the easiest way to get paid.
»Attorney flies solo—and soars—with online practice management.
»Simplify your practice with legal practice management in the cloud.
»Lawyernomics 2013 Conference: Generate more business online.
»Attend the ALA Annual Conference & Exposition, April 14-17, National Harbor, MD.
Sign up for our free newsletter.
Ask the Experts at 2Civility.org: Does your firm have the green light to accept this new method of payment?January 21, 2019 14 1 0