Login | December 13, 2018

Discussing telecommuting and security

RICHARD WEINER
Legal News Reporter

Published: April 6, 2018

Making bucks on the beach. Can’t get away from work. You decide.

A recent study found that upwards of 57 percent of law firms allow their attorneys to telecommute, a figure that was up four percent from the year before. This is either the most freeing development in the history of legal work or the most intrusive. Or both.

While the mobile attorney is definitely the trend, that development brings obvious security problems.

The folks at Law Technology Today have some pointers on how to make sure your telecommunicated work is secure.

The first step is to be aware of and train into the security procedures of your law firm. It is amazing how this can still be an issue in this day and age, but it really is. I wrote about this a few weeks ago, but it is worth noting again that all of the top 40 law firms were hacked last year, and that 95 percent of firms in one survey were non-compliant with their own security measures. Think there’s a connection between those two things?

While most firms now at least acknowledge that data files should be secure, telecommuting brings up a whole raft of other potential security gaps.

Firms should have specific telecommuting procedures in place, addressing issues like how employees access files, protocols for paper copies of files, permissions for storing paper files at the remote office (home), and processes for file sharing and review.

One particular problem that is easy to overlook is the use of voice or video files.

Voice files—voicemail or dictation files stored in the cloud, are inherently un-secure. Same with video. These files need to be encrypted before they are uploaded to the cloud or transmitted to the firm or the client. Use a secure, encrypted, cloud-based dictation management system.

The remote worker need to be on a VPN at all times. Beyond just that, there are several ways to make the VPN more secure, including two-factor authentication and personal identification numbers and tokens that change each time the user accesses the VPN. Then, if a device is stolen, it can’t be broken into.


[Back]