Digital White Papers

MANAGING RISK IN A SEA OF SMARTPHONES ILTA's 2012 Technology Survey notes 66 percent of respondents do not have or use a thirdparty system for mobile device management (MDM). In response to the question "Are there certain devices you WON'T allow to connect to your email system?," 72 percent answered "No restrictions." It will be interesting to see if the upcoming 2013 ILTA Technology Survey shows any appreciable rise in MDM adoption or fluctuations in the percentages of respondents who currently have no device restrictions. Survey Says: No Restrictions! As legal technology professionals, we know it is not that simple. Connecting any brand and model of device as it is brought to us is not always feasible. We know that a policy of BYOD without considering risk mitigation and governance practices is not in the best interest of our organizations. We also know it isn't sustainable. It isn't us, however, we need to convince. Tempering that view of BYOD with good governance practices and sustainable approaches can be a hard sell to the attorneys at your firm. After all, attorneys are consumers too. They are not immune to media hype and the desire to appear trendy or a few steps ahead of their peers when it comes to technology. You need to manage expectations at the attorney level. We all want our users to have access to the best technology to support their practice of law both inside and outside the office, but not at the expense of firm security. PRESENT BYOD AS A FIRMWIDE CONCERN Start by getting buy-in from the top down. Risks the legion of available devices brings to your organization are best understood and agreed to by executive management. An understanding of these risks at the executive level goes a long way in preventing risk management from being viewed as edicts from an overly cautious or controlling IT department. Determining the level of risk executive management is willing to accept goes a long way in managing their expectations. Cloud storage accessibility, user behavior, malware exposure, server synchronization, voicemail speech and text transcription all contribute to the security risks mobile devices introduce. Educate your firm's leaders fully on the ramifications to the organization should any of those risks be realized. Outline the short- and long-term benefits, and then let them take it to the partners (with your support). Their knowledge of where they want the organization to be and how it should get there places the issue of BYOD within an overall firm context. Their shared interest as partner shareholders in the firm sells the need for sustainability. DEVELOP FIRMWIDE POLICY Take those governance practices and ground them in firm administrative policy. Addressing

• Cover