mobile security

The holiday season is upon us when, in the hustle and bustle, we can sometimes overlook securing one of the most important communication and productivity tools in our modern lives: mobile devices. Mobile phones, laptops and tablets are ubiquitous. Whether BYOD (bring your own device) or company-provided, we take for granted when this technology works day in and day out. We are lost—and your law firm's security is threatened—when they fail or get damaged, stolen or compromised. Here are some tips to help you minimize technological difficulties during this busy time of year.

The U.S. Department of Homeland Security defines threats and risks in five separate layers. We'll cover each with one or more methods to secure your device.

1. Mobile Device Technology Stack: The first thing employees or IT staff can do to ensure a solid foundation of up-to-date features and security fixes is to use the manufacturer's latest software update for the device(s) being used. Whether you utilize iOS, Android, Windows or a combination of each, regularly checking for device updates will ensure that you are taking advantage of an operating system that has closed any recently found holes attackers can compromise.

Some new OS updates may introduce compatibility issues, so be sure to check that all your applications will work prior to updating. Keeping your applications updated will also help secure your devices.

Make sure your device is regularly backed up. This will allow you to “roll back” to the last known good configuration if an update causes a problem. Backups should never be overlooked!

2. Mobile Networks: All devices connected to the internet to share data need to be part of a network. These days you can find a way to connect almost anywhere you are. From the local coffee shop to a hotel you are staying at, all have convenient methods to communicate with your colleagues and families during the holidays.

An important thing to remember is to ensure that the Wi-Fi network you are connecting to is legitimate and secure. Does it require a password that will ensure encryption (preferably WPA2) or is it open to anyone with no security at all? The former should be a requirement for anyone traveling away from the office.

Be mindful of any access points that are not sanctioned by the establishment you are in and resist connecting to them. Always use a VPN (virtual private network) regardless of where you connect as that will add another layer of encryption and security to your connection. Connecting to an open access point risks allowing anyone monitoring or “sniffing” that network to procure your passwords and wreak havoc. Finally, using two-factor authentication can also create another important layer of security when connecting to corporate networks over these public wireless access points.

3. Device Physical Systems: An obvious way for anyone to gain access to your device is via physical manipulation. If you do not protect your device with a strong password that includes a combination of uppercase, lowercase, numbers and/or special characters, you make it easier for someone to “brute force” a way into your device by guessing your password. If you don't have a password, anyone can pick up your phone or tablet and view the data on it or, even worse, send data out to others in your name.

One way to take security one step further is to utilize the biometric password features of your device. This will include options depending on your hardware such as facial recognition or fingerprint readers. These technologies are very hard to bypass, and you carry your password with you wherever you go.

The next step is to set up your device to automatically lock the screen after sitting idle for a minute. This will require you or anyone who wants to use the device to enter the password, thwarting unauthorized tampering or snooping.

4. Mobile Applications: There are applications you can download for your laptop, tablet or phone that can open the door for malicious use or privacy intrusion. Most “app stores” are closely controlled, but sometimes there are applications that get past the vetting process. Laptops are more at risk due to the ability to install any software if you have the privileges to do so and not being limited to a specific app store.

Having a proper first line of defense by installing a modern anti-malware and anti-virus product from a reputable software publisher is paramount to keeping the bad guys out. This will also help secure your machine from software downloads and installs that are infected with digital bugs or viruses. Sometimes these infections can occur by casually clicking on a pop-up ad by accident. Updating your anti-malware and anti-virus product as needed will keep it smarter and able to detect the latest threats.

5. Mobile Enterprise: Work with your IT department or IT vendor prior to taking your vacation or holiday to ensure that your device(s) are fully protected, updated and tested to connect back to your office. You don't want to be thousands of miles away and unable to work or communicate with your peers or clients after you find out your password has expired or there is some other problem blocking your connection. Take the time to speak to your technologists and have them check your software and hardware for updates, a cleanup and any other items you may need for travel such as power converters for plugging your devices in to charge in another country.

Time spent on these activities will save you potentially hours of frustration while out of the office and trying to troubleshoot problems over the phone. Or worse: without a connection to the internet, your IT staff or vendor won't be able to remotely connect to help troubleshoot your problems.

Tim Sheehan is the director of professional services at Innovative Computing Systems. He can be reached at [email protected].

mobile security

The holiday season is upon us when, in the hustle and bustle, we can sometimes overlook securing one of the most important communication and productivity tools in our modern lives: mobile devices. Mobile phones, laptops and tablets are ubiquitous. Whether BYOD (bring your own device) or company-provided, we take for granted when this technology works day in and day out. We are lost—and your law firm's security is threatened—when they fail or get damaged, stolen or compromised. Here are some tips to help you minimize technological difficulties during this busy time of year.

The U.S. Department of Homeland Security defines threats and risks in five separate layers. We'll cover each with one or more methods to secure your device.

1. Mobile Device Technology Stack: The first thing employees or IT staff can do to ensure a solid foundation of up-to-date features and security fixes is to use the manufacturer's latest software update for the device(s) being used. Whether you utilize iOS, Android, Windows or a combination of each, regularly checking for device updates will ensure that you are taking advantage of an operating system that has closed any recently found holes attackers can compromise.

Some new OS updates may introduce compatibility issues, so be sure to check that all your applications will work prior to updating. Keeping your applications updated will also help secure your devices.

Make sure your device is regularly backed up. This will allow you to “roll back” to the last known good configuration if an update causes a problem. Backups should never be overlooked!

2. Mobile Networks: All devices connected to the internet to share data need to be part of a network. These days you can find a way to connect almost anywhere you are. From the local coffee shop to a hotel you are staying at, all have convenient methods to communicate with your colleagues and families during the holidays.

An important thing to remember is to ensure that the Wi-Fi network you are connecting to is legitimate and secure. Does it require a password that will ensure encryption (preferably WPA2) or is it open to anyone with no security at all? The former should be a requirement for anyone traveling away from the office.

Be mindful of any access points that are not sanctioned by the establishment you are in and resist connecting to them. Always use a VPN (virtual private network) regardless of where you connect as that will add another layer of encryption and security to your connection. Connecting to an open access point risks allowing anyone monitoring or “sniffing” that network to procure your passwords and wreak havoc. Finally, using two-factor authentication can also create another important layer of security when connecting to corporate networks over these public wireless access points.

3. Device Physical Systems: An obvious way for anyone to gain access to your device is via physical manipulation. If you do not protect your device with a strong password that includes a combination of uppercase, lowercase, numbers and/or special characters, you make it easier for someone to “brute force” a way into your device by guessing your password. If you don't have a password, anyone can pick up your phone or tablet and view the data on it or, even worse, send data out to others in your name.

One way to take security one step further is to utilize the biometric password features of your device. This will include options depending on your hardware such as facial recognition or fingerprint readers. These technologies are very hard to bypass, and you carry your password with you wherever you go.

The next step is to set up your device to automatically lock the screen after sitting idle for a minute. This will require you or anyone who wants to use the device to enter the password, thwarting unauthorized tampering or snooping.

4. Mobile Applications: There are applications you can download for your laptop, tablet or phone that can open the door for malicious use or privacy intrusion. Most “app stores” are closely controlled, but sometimes there are applications that get past the vetting process. Laptops are more at risk due to the ability to install any software if you have the privileges to do so and not being limited to a specific app store.

Having a proper first line of defense by installing a modern anti-malware and anti-virus product from a reputable software publisher is paramount to keeping the bad guys out. This will also help secure your machine from software downloads and installs that are infected with digital bugs or viruses. Sometimes these infections can occur by casually clicking on a pop-up ad by accident. Updating your anti-malware and anti-virus product as needed will keep it smarter and able to detect the latest threats.

5. Mobile Enterprise: Work with your IT department or IT vendor prior to taking your vacation or holiday to ensure that your device(s) are fully protected, updated and tested to connect back to your office. You don't want to be thousands of miles away and unable to work or communicate with your peers or clients after you find out your password has expired or there is some other problem blocking your connection. Take the time to speak to your technologists and have them check your software and hardware for updates, a cleanup and any other items you may need for travel such as power converters for plugging your devices in to charge in another country.

Time spent on these activities will save you potentially hours of frustration while out of the office and trying to troubleshoot problems over the phone. Or worse: without a connection to the internet, your IT staff or vendor won't be able to remotely connect to help troubleshoot your problems.

Tim Sheehan is the director of professional services at Innovative Computing Systems. He can be reached at [email protected].