With the New Year, Let’s Look at Your BYOD set-up.
/As part of my New Year's purge, I have been cleaning out some old paper copies of The National Law Journal. (Remember the days when we used to get it in print?) I was reviewing an article from the November 19, 2013, edition titled "Perils of the 'Bring Your Own Device' Workplace." Authors Fabio E. Marino and Teri H.P. Nguyen discussed some of the risks companies face allowing BYOD use in their operations. It gave me pause to think about how BYOD use may be handled by lawyers working from home in this COVID Era.
Marino and Nguyen appear to focus their concerns on the "control" of data. That is, to be frank, the number one concern any technology users should have for themselves. They want their private information, like bills, bank and investment accounts, medical documents, and personal communications, kept from prying eyes. This information tends to include social security numbers, date of birth, bank and investment logins & passwords, and medical information. Third parties are always looking to obtain this kind of information from an unwitting subject to drain bank accounts, open new credit card accounts, steal your home, or other nefarious reasons. For the lawyer, regardless of firm size, the primary concerns remain the same – keeping your clients' similar information secure and private. It does not matter if the firm or employee owns the device. We have to take some reasonable steps to secure this information. So, how do we attorneys do that?
The most straightforward step is to password protect your devices. Yes, even at home, you want to make sure your devices are locked with a password. Whether it is a family member snooping where they should not, a house guest who is not really a friend, an untrustworthy maintenance person, or a thief, password-protected technology is the easiest step to safeguard your client's personal information. When they cannot log into your tech device, they can't steal the information!
Use a separate Wi-Fi network connection at home. Create a work Wi-Fi network apart from your family's and your personal use. You do not need to go out and buy another provider. Your router should allow you to create separate networks, e.g., "Mike's Work Network" and "Mike's Family Network." These different networks will enable you to monitor who is (and should not be) on your work network, e.g., the neighborhood kids when they want to play X-Box or PlayStation with your kids or neighbors trying to leach off your network (don't forget to password protect all of your Wi-Fi networks and use different passwords when you do!!!).
Lastly, make sure you have a password vault. It serves two purposes. One, obviously, you will have more than one password, and keeping track of them should be both simple and secure. Two, the various passwords need to be more complicated than "12345678" or "password"! A password generator can help you create unique, complex, multi-variable passwords. This will make it much more difficult for the thief to access your technology, accounts, and client information.
* Note: I don't think you need a VPN at home unless you are worried about "Big Brother" looking over your shoulder!
Happy New Year and Happy Lawyering (from home)!