BYOD Is Top Challenge For Lawyers In 2014
We've covered Bring your own Device (BYOD) for legal professionals several times in this blog- how to implement a BYOD program, how to secure the mobile devices, how to minimize risks of information security breaches in the cloud, and much more. But what does the future hold for BYOD in the legal profession? The increase of successful cloud-based attacks is a red-flag alert for lawyers who deal with sensitive information on a daily basis. A recent survey of legal counsel from Fortune 1,000 companies showed that BYOD will be the #1 e-discovery challenge for lawyers in 2014. So what will 2014 hold for BYOD, in and out of the courtroom?
BYOD hacking
Online attackers (often referred to as hackers) will try to compromise mobile devices in order to gain access to online accounts. While there is a variety of methods used including the use of sniffers, bluetooth hacks, stolen devices, etc., social engineering is still one of the top methods used by attackers for gaining unauthorized access to accounts and information. And since last year's bombshell dropped by Edward Snowden, it's apparent that government snooping into mobile devices will continue to be prevalent in 2014, which poses even more security risk for BYOD users. If a lawyer cannot guarantee that the client's information is completely secure, this can potentially cause legal problems of their own.
BYOD security
While the implementation of BYOD is meant to increase productivity through convenience, increase time-management and save costs, law firms should not allow employees to simply use any device to access sensitive information. The security of the hardware is just as important as the security of the electronic data once it leaves the device. Obviously all BYOD devices must be secured. High-strength passwords and encryption can be used to protect most mobile devices, and if the employees are using devices that do not allow these features, those devices must be disallowed. Many devices offer novelty authentication features such as fingerprint or facial scanning. These features are typically insecure and do not offer any additional protection to the device, as a backup password (which the device users must create in case of a malfunction) can be used to bypass the scan.
Online security is extremely important as well. All cloud-based accounts must be properly secured, so that data is secure throughout transit, from the moment it leaves a BYOD mobile device, until it reaches its destination. High-strength passwords, third-party encryption, two-factor authentication, data loss protection and a secure backup plan can be used to secure online accounts.
Specific accounts and information should only be accessed by those that "need to know." Court workers, research workers, private investigators, and other sources working with the lawyer may need access to some of the information in order to efficiently complete their tasks. But to grant full access to accounts with information on other cases, unrelated client information, or with sensitive law firm information simply opens the door to abuse of information.
Online security is extremely important as well. All cloud-based accounts must be properly secured, so that data is secure throughout transit, from the moment it leaves a BYOD mobile device, until it reaches its destination. High-strength passwords, third-party encryption, two-factor authentication, data loss protection and a secure backup plan can be used to secure online accounts.
Specific accounts and information should only be accessed by those that "need to know." Court workers, research workers, private investigators, and other sources working with the lawyer may need access to some of the information in order to efficiently complete their tasks. But to grant full access to accounts with information on other cases, unrelated client information, or with sensitive law firm information simply opens the door to abuse of information.
BYOD data loss protection and backup
To completely secure data from being lost forever due to a hacking or accidental deletion incident, lawyers should have a secure backup plan implemented. The financial risk of data loss can be high, including uses of blackmail, social security theft, financial information theft and more. If an attacker steals your data, wipes it from your account and blackmails you with it, what will you do? If you don't pay, your data is gone forever. Contracts, case files, client information- any sensitive information that you store online can be wiped out in the blink of an eye. But a powerful and secure cloud backup system can prevent the loss of any data.
cloudHQ is a data loss protection service that protects your data 24/7/365. It works by automatically replicating all cloud data from one account to another. If attackers gain access to your main account, the secondary account remains secure and all data can be instantly restored. Obviously the secondary account should not be linked in any way to the main account (other than through cloudHQ), for instance- don't use email addresses associated with your law firm, don't use the same password, don't give out the account access to anyone, don't use the same (or linked) payment methods, etc. The secondary account should be totally isolated from the other so that when an incident occurs, the attacker has no chance of reaching the secondary account. And cloudHQ will be right there to dutifully backing up your data 24-hours-a-day so that NONE of your data will be lost, even if you are working online when an incident occurs. Protect your online data now with complete cloud protection from cloudHQ.
cloudHQ is a data loss protection service that protects your data 24/7/365. It works by automatically replicating all cloud data from one account to another. If attackers gain access to your main account, the secondary account remains secure and all data can be instantly restored. Obviously the secondary account should not be linked in any way to the main account (other than through cloudHQ), for instance- don't use email addresses associated with your law firm, don't use the same password, don't give out the account access to anyone, don't use the same (or linked) payment methods, etc. The secondary account should be totally isolated from the other so that when an incident occurs, the attacker has no chance of reaching the secondary account. And cloudHQ will be right there to dutifully backing up your data 24-hours-a-day so that NONE of your data will be lost, even if you are working online when an incident occurs. Protect your online data now with complete cloud protection from cloudHQ.
Related Articles
- Beyond BYOD: Welcome to the era of COPE (Corporate Owned, Personally Enabled) devices (business.financialpost.com)
- You can't ignore BYOD and hope it will go away (information-age.com)
- Mobility and Risk, By the Numbers (networkingexchangeblog.att.com)
- Using Bring-Your-Own-Device in Workplace Training (smallbusinessbonfire.com)
- 4 Effective Small Business IT Solutions (b2btechcopy.com)
- 4 Ways to Enhance Data Security in a BYOD Environment (techi.com)
- The BYOD Baker's Dozen: 13 things you should do if you're implementing a "bring your own device" program at your company (globalnerdy.com)
RSS Feed