For the past five weeks we’ve been running a blog series on how modern attorneys now have the opportunity to manage their practice from mobile devices thanks to cloud technology. While mobile practice management has been a boon to many lawyers in terms of convenience, productivity, and accessibility, it’s important that those using mobile solutions take the necessary precautions to protect the firm and client data. At this point, mobile security is crucial.
As legal practitioners, you owe it to your clients and your practice to ensure that the security measures you are taking are up to snuff. Failure to do so can mean a lost client, and at worst disbarment. Just like you manage and maintain the security of your firm’s office and your computers (we hope), likewise it’s important to consider the mobile aspect. So, what can you do to protect your firm’s privacy, data, and client confidentiality while using a smartphone or tablet?
Password protect your mobile device. It may be a bit inconvenient to type in a password every time you need to use your phone, but it is the simplest step to securing your device. ILTA’s 2013 Technology Survey of 189,000 legal professionals showed that 21% of respondents didn’t lock their phones at all, leaving a lot of data at risk in the event of a lost device.
Your password on iOS devices is usually a 4-number combination, while Android devices allow for pattern, pin, and text passwords in many cases. We highly recommend that you also look into apps that allow for other types of password protection, such as a fingerprint or retinal scanning, or at least an app that scrambles the numbers on your phone’s pin pad.
Back that data up
Back up your device regularly. Most devices allow you to back up your data either to a local computer or to a cloud service. Back up often, and be sure to encrypt your backup if you have the option. Google has this service built in to most Android devices, and for many devices this service is available once you connect your Google account to various apps. Apple has a iCloud service similar to Google’s, allowing you to schedule regular backups.
Location is everything
Register your device with location services. For example, Apple offers Find-My-iPhone as a free service to help track down lost devices and Google has released an Android Device Manager app that you can use for Android devices. If your device is lost or stolen, you can locate it on a map, lock your device, or even wipe or reset it if you feel your data is at risk.
Put your head in the cloud
Do not store sensitive data locally on your phone. Instead, use the phone as a portal to your data that is stored in the cloud. That way, even if your device is lost, stolen, or confiscated, you always have access to your data through other devices—you also have the additional layer of security that cloud services provide. Should you lose access to your device, you can always login via your computer or a secondary device and change your credentials, locking access from your device to your account.
For example, Clio’s app has several layers of security. Upon installing the app you need to log in with your Clio credentials, and once you have done so you will be asked to set up a mobile PIN – a four digit code you will need to enter every time you wish to access the app. We recommend this PIN be different from the PIN you use to unlock your phone, for enhanced security. Clio also allows you to view who’s accessing your data, identified by IP address.
Account administrators can access all active sessions on your Clio account via the ‘Account Sessions‘ setting. Cloud technology and mobile access are fast becoming the norm in the legal sector, and it’s imperative that security standards and guidelines keep pace with the rapid adoption of technology. In the information age, data is currency—treat yours as such.