Mobile Device Security for Lawyers: How Solos and Small Firms can Ethically Allow Bring Your Own Device, by Will Harrelson, Curo Legal Blog (with hat tip to Jeff Richardson, iPhone J.D. Blog!)
The Start of Bring Your Own Device Policies
It really is the iPhone’s fault. Yes, Apple is to blame for designing the most desirable piece of technology of the last decade. So desirable, in fact, that employees of all stripes requested (and, often, begged) their IT departments to toss the increasingly-‘corporate’ Blackberry out the window and allow the use of their personal iPhones for corporate emails and calls. As a result, we have been living in the age of ‘Bring Your Own Device’ where employees use a single personal mobile phone (or tablet) for both their personal email, texting, and social media while also using it for work email, word processing, and other enterprise applications.
Before the Bring Your Own Device era, a company’s greatest out-of-office security concern was an employee who left a briefcase in a taxi. Today, the worry is an employee misplacing a device the size of wallet containing almost limitless amounts of data that criminals or hackers would easily and quickly exploit if given the chance. Clearly, there is an obvious financial motivation for all businesses to protect their own or customer’s sensitive data.
However, lawyers face particular ethical consequences if they fail to take reasonable efforts to either investigate the technologies that they implement or protect their client’s confidential information. . . .