2016 Mobility & Security for the Legal Professional

As we all know, mobile devices have bombarded the market in the last few years. Mobility usage among legal professionals has skyrocketed. Today’s attorneys expect to work from anywhere with any device and have an expectation of reasonable performance. In recent years “Bring Your Own Device” policies have become a norm that has added complexity to the jobs of IT Directors. They have had to engage in a juggling act between allowing attorneys to work with the devices and applications they want while ensuring firm data is secure.

Data security years ago was fairly simple. You bought an appropriate firewall, secured your server, created policies to add an additional layer of security and went about your day. Data protection in today’s climate is much more complex and will only increase in intricacy in the coming years. Below are a few items to consider while working on your list to shore up your data protection plan:

Data Repository. It is essential to have a good security wrapper around you valuable client data. For smaller firms that may not have in-house expertise, hire an expert IT security firm to assist with the deployment of a next-generation firewall, virus control, perhaps network access control software and other more high tech items.

It is also important to ensure that your DMS integrates tightly with Active Directory to increase security around document stored therein.

Perhaps the single largest hole in security is the lack of a good password policy. Make sure everyone understands how important it is to use strong and complex passwords, in my opinion this is the weakest link in the chain, a simple common password defeats even the highest level of firewalls and other technology you put into place.

Data Encryption. Data encryption has been around for some time but has really come to the forefront with all of the news of data hacks and leaks. While a complex subject, simply put, data encryption scrambles your content on your hard drive/servers so only valid team members can unscramble it. Cloud data center providers often inherently encrypt by default, however not everyone is ready or wants to go to the Cloud. There are hardware devices or applications that will encrypt your data at rest (while not in use) so you can leave the office knowing that even if your server was stolen, your content would be unreadable to the thief.

Laptops and Portable Drives. More than ever, attorneys are working remotely with their laptops and copying data to external hard drives and thumb drives. Preventing this is probably not possible at most firms. Steps can be taken, however, to make sure the data stored on these devices is encrypted. There is third party software for laptops that will encrypt content on USB devices and Windows 10 even has this capability built in such that you can choose to encrypt a folder so that its contents can only be accessed with a password. Some of the newer portable devices have built in encryption so that a password is required to access the drive. USB portable drives are great tools but they are a big security risk unless precautions are taken.

Mobile Devices. Using a mobile phone or tablet for ad hoc work is also becoming a norm and most software providers have solutions for the mobile attorney. While these devices can be encrypted with a password, the IT team often has minimal control over enforcing passwords, wiping lost devices or controlling business apps on them using native functionality. The Mobile Device Management (MDM) industry has exploded in recent years to meet these ever-changing demands for ways to control content on these devices. There are now multiple products available that allow law firm IT Directors to have better control over their users’ smart phones and tablets with tools that enable app deployment and a more granular remote wipe functionality.

Paying attention to the above security tips is not just a good practice. It is essential in securing future clients. We have heard many stories recently where a law firm’s client demands certain security protocols relating to how this firm will protect their confidential information. In this new age of mobile computing we all need to increase our knowledge and sense of urgency on protecting the clients’ data.

This article was originally published in the December 2015 issue of Chicago Lawyer Year in Review.


Founded in 1988 and based in Glen Rock, New Jersey, World Software Corporation® is an innovative leader in the Document Management Systems (DMS) category. The company's flagship product Worldox has an install base of over 6000 companies in 52 countries. Click here for more information.

Return to Forefront main page »
Thomson Reuters Elite Headquarters
800 Corporate Pointe, Suite 150, Culver City, CA 90230
© 2016 Thomson Reuters
Thomson Reuters