Post on 02-Jul-2015
description
Clio Cloud Conference 2014 #ClioCloud9
Law Firms in a BYOD World
by Brian Focht
@NCCyberAdvocate
Clio Cloud Conference 2014 #ClioCloud9
Law Firms in a BYOD World
by Brian Focht
@NCCyberAdvocate
Imagine…
A senior partner plugs his tablet into a
public charger at the airport, hopeful to
have enough juice for the flight…
Imagine…
A junior partner dashes off a quick
work email on her phone before
handing it to her 7 year-old who
downloads a brand new game…
Imagine…
A senior associate laughs when her
friend fumbles with a password to
respond to an email – “phone
passwords are so inconvenient,” she
thinks to herself…
Imagine…
A junior associate finally remembers to
email IT to report that his phone was
stolen on the first day of his Vegas
trip… last week…
Imagine…
A summer associate, after spending all
summer downloading unsecured
documents onto his personal tablet,
leaves the firm to head back to school…
Imagine…
EACH SITUATION POSES A HUGE
SECURITY RISK FOR YOUR FIRM!
#ClioCloud9Clio Cloud Conference 2014
We’re Living in a BYOD World
Businesses Like It
Employers Like It
Employees Like It
#ClioCloud9Clio Cloud Conference 2014
… and it’s a Dangerous World…
Hackers Like It
#ClioCloud9Clio Cloud Conference 2014
… and it’s a Dangerous World…
Incidents of Hacking on the Rise
1. Obvious targets for obvious reasons:
Target & Home Depot - $$$
2. New targets for more insidious reasons:
Personally Identifiable Information (PII)
#ClioCloud9Clio Cloud Conference 2014
… and it’s a Dangerous World…
Increased Convenience
=
Decreased Security
Law Firms are Vulnerable
#ClioCloud9Clio Cloud Conference 2014
… and it’s a Dangerous World…
Law Firms are a one-stop-shop for hackers
• Patent applications & intellectual property
• Confidential business information
• Negotiating strategies & future business
goals
• Personally Identifiable Information
#ClioCloud9Clio Cloud Conference 2014
… and it’s a Dangerous World…
No practice area is immune
#ClioCloud9Clio Cloud Conference 2014
… with Serious Consequences.
Stakes Keep Going Up
1. Financial Responsibility
2. Ethical Responsibility
3. Your Professional Reputation
#ClioCloud9Clio Cloud Conference 2014
… with Serious Consequences.
Consequences of being hacked are on the rise!
The Wrong Security Breach Could Ruin Your Firm!
#ClioCloud9Clio Cloud Conference 2014
Four Key Steps
1. Breathe
2. Assess
3. Plan
4. Implement
#ClioCloud9Clio Cloud Conference 2014
Step 1: Breathe
#ClioCloud9Clio Cloud Conference 2014
Step 2: Assess
There is no one-size-fits-all solution
Know Thyself
#ClioCloud9Clio Cloud Conference 2014
Step 2: Assess
Know Thyself
1. What are you trying to protect?
2. What resources do you have?
3.What other factors are there?
#ClioCloud9Clio Cloud Conference 2014
Step 3: Plan
Any Plan vs. The RIGHT Plan
NOT a Fire-And-Forget Issue
REQUIRES Universal Buy-In
Involve Everyone
Respect Concerns about Privacy
#ClioCloud9Clio Cloud Conference 2014
Step 3: Plan
Essential Components
1. BYOD Manager
2. Implementation
3. General Security
Requirements
4. Permissible Devices
5. Business vs. Personal
6. Apps
7. Mobile Device
Management
8. Updates
#ClioCloud9Clio Cloud Conference 2014
Step 3: Plan
Other Considerations
Employment Contract
Is BYOD Optional?
Privacy Bill of Rights
Who Watches the Watchers?
#ClioCloud9Clio Cloud Conference 2014
Step 4: Implement
Remember:
Only Effective if Applies to Everyone
No Waivers, No Exceptions
Not a Fire-And-Forget Policy!
Constant Vigilance
Clio Cloud Conference 2014 #ClioCloud9
Thank you for listening!