Law Practice Today

Once you leave the safety of your office, with its comforting firewalls and other security features, you'll find it's a big bad world out there, with hackers, phishers, and rogue hotspots just itching to get control of your data. With a little planning, and a lot of common sense, you can make sure your mobile experience is safe and secure.

Basic Security

It goes without saying that whatever security you use in the office, you should use the same types of tools when you're out on the road. But I'll say it anyway -- make sure your laptop, netbook, or other device has a firewall as well as antivirus and anti - spyware software -- and if you're using Windows, be sure to run Windows Update on a regular basis. My current favorite security suite is Norton Internet Security (http://bit.ly/Norton , $59) -- although Norton has gotten a bad rap in the past, the latest version is lean, fast, and provides rock- solid security.

Backup and Synchronization.

Routine backup of mobile devices should be a part of your security plan. Your mobile data is less likely to be backed up or synchronized. Therefore, you should have a backup tool that can work while you're on the road. Those of you in larger firms will likely already have procedures for keeping your critical data backed up; if not, or if you're in a smaller office, I recommend using an online service such as Mozy (www.mozy.com ) where you can back up 2GB for free and unlimited data for only about $60 per year. There's also a Pro version that is available for enterprise users. An alternative is Carbonite (www.carbonite.com ) is also a good online backup alternative that has a free 15 day trial, has an unlimited backup for $55.00 per year.

If you have a solid backup program at the office and simply need to ensure that you keep your laptop files synched up with the documents in your office there are several synchronization services currently available online. One such service is DropBox (www.getdropbox.com , 2GB free, or 50GB for $99/year), which essentially sets up a folder on your computer that you can use to "drop" files -- those files are then synchronized to an online server, where they will be available to you on any other computer linked to your account. Another well regarded synching tool is SugarSync (www.sugarsync.com , plans from $4.99- $24.99/month). SugarSync allows you to back up all your computers to the same personal website, which of course is available via any Internet connection. You can also grant access to others, so they can view or otherwise share files with you.

Encryption.

Ideally, your laptop will have disk encryption built in; with that feature enabled, the computer will not even boot up until the correct password is entered. If that option is not available or otherwise enabled, try TrueCrypt (www.truecrypt.org , Free), which can encrypt basically anything -- files, folders, entire hard drives, or even USB drives. Another good encryption product is PGP (www.pgp.com , various prices) -- it offers both whole disk and email encryption. Encryption is perhaps the single best way to protect your computer while you're on the road; if it is lost or stolen, you can guarantee that the data will be inaccessible.

Remote Disk Wiping.

In the event your laptop is stolen or lost, you may want an extra level of protection, even if you have encrypted your hard drive. LoJack for Laptops (www.lojackforlaptops.com , $90/3 year subscription) is one of several services designed to not only track your laptop, but also remotely erase the data on the hard drive if necessary . When the thief connects the computer to the Internet, the installed software quietly connects to the monitoring center, and relays the laptop's location to the proper authorities. If the laptop is not in a place where it can be recovered, the premium version of the software can send a signal to the computer so that the entire hard drive is erased and overwritten.

Wireless Security.

Of all the activities that can cause problems for the security- minded lawyer on the road, access to and use of the Internet is probably the greatest concern. And with the now-widespread deployment of wireless Internet access just about anywhere you go, safe computing is even more important; wireless technology is just not completely secure -- yet. Here are a few tips to make sure your wireless Internet experience doesn't attract hackers or the like.

• A Real Connection. First, make sure you're really connected to a legitimate access point. The bad guys can create "rogue" access points that fool you into believing they are real; it's only after you have given up your credit card information that you realize you've been duped. Use a site like JIWire (www.jiwire.com ) to confirm the location of a legit wireless provider, and don't configure your laptop to automatically connect to any available network.
• Disable print and file sharing. There's a setting in Windows XP that allows you to share and print files with other computers on a network. However, this feature also provides a gateway for anyone wanting easy access to your laptop. Fortunately, it's a snap to fix. Just open the Control Panel and select Network and Internet Connections, then click on Network Connections. Find your wireless connection, right- click on it and select Properties. On the General tab, scroll down the list of items used by the wireless adapter, and uncheck File and Printer Sharing for Microsoft Networks. Click OK. These same
• Consider Encryption. While data that you send and receive from secure web sites (those beginning with https: ) is generally protected, information sent through other sites can be intercepted easily by someone nearby using something called a “packet sniffer. ”Think about using a program (for example, Pretty Good Privacy, see PGP above) that will encrypt your e- mails and attachments.
• Use a Virtual Private Network (“VPN”). If you have access to a VPN then you will be able to use a wireless connection with a relatively high degree of security.

Using a Public PC. One word of advice when using public computers to access e- mail or work files: don't . It's just not safe to use a system with which you are not familiar. But if you must use a computer at an Internet cafe, library, or airport, follow these basic rules:

• Be Aware. Look around to make sure no one is looking at your screen or keyboard while you're typing.
• Watch Out for Keyloggers. Hackers have been known to install "keylogging" programs that can capture your keystrokes -- and therefore your passwords, credit card numbers, or anything else you type on a keyboard. There are two ways to get around this. First, use the onscreen keyboard to enter passwords with your mouse. Just select Start, then Accessories, then Accessibility, then On Screen Keyboard. Another way to enter passwords is to type your password with a lot of other letters/numbers in the middle, then remove those items with your mouse.
• Erase Your History. If you use a browser on the public computer, make sure to clear your browsing history before you go. In Internet Explorer: Tools, then Internet Options, then click Delete Files, Delete Cookies, and Clear History. In Firefox: Click Tools, then Clear Private Data , if you're using a more recent version of Firefox. For older versions, select Tools, the n Options, and then Privacy, and clear your Cache, History, Passwords, Cookies, and other history items.
• To- Go Software. Better yet, use a browser, word processor and password manager that leave no trace of your computer activity when you're done. Carry a USB Drive with PortableApps ( http://portableapps.com ) and Pass2Go ( www.jiwire.com ) installed; you can surf the 'Net, edit documents, and fill in forms securely. When you unplug your USB drive from the public PC, all traces of your activity go with you.

Mobile device security. While you are protecting your laptop and hard drive, don't forget to secure the device most often lost or misplaced -- your smartphone. Often, our smartphones contain much of the same confidential information found on the average laptop -- email, contacts, and even client documents are routinely stored and viewed on our phones. Fortunately, Blackberries, iPhones and other mobile devices provide several different security options. No matter which smartphone you use, consider these easy-to- implement security functions.

• Password protect at startup -- most phones can be programmed to require a password before they can be accessed. Even better, configure your phone so that the data on it is erased after the password has been entered incorrectly a certain number of times (usually 10).
• Encrypt data -- Blackberries and Windows Mobile devices have the ability to encrypt data stored on them -- take advantage of it. Unfortunately, the iPhone does not offer encryption.
• Secure passwords -- never save passwords in your phone's browser cache -- they are too easy to retrieve by anyone who finds your device. Blackberry users can take advantage of the Password Manager utility installed on the phone, while other smartphones allow the use of third - party password managers like KeePass ( http://keepass.info/) to manage and keep passwords secure.
• Lock down Bluetooth -- on some smartphones, the Bluetooth connection is on by default. In addition to draining your battery, you could find yourself open to Bluetooth attacks. Turn on Bluetooth only when you need it, and configure your smartphone so that your B luetooth connection is not visible to others.
• Clear memory -- it's a good idea to clear your browser history and cache every now and then, to delete the web pages you view from the phone's memory. Blackberries allow you to delete unencrypted email message s as well as username, password, and other certificate- related information.