Security Outside the Office.

In today’s world, just about anywhere you go you can get online.  If you have your tablet or laptop with you, you can usually find free Wi-Fi service somewhere nearby.  If you don’t have a device handy, places like a hotel or library may have a business center where you can get online with one of their computers.  You may decide you want to log into your cloud software and check to see what you have going on that day.  But in this connected world, there will always be those trying to get information from you.

While perusing an old issue of the Illinois Bar Journal (August 2014 | Vol. 102) http://www.isba.org/ibj/2014/08/mysterymissingmiles , I came across an interesting article called The Mystery of the Missing Miles.  It tells the story of a person who found their frequent-flyer mileage balance had all but disappeared, and they hadn’t used them.  It brought the light the risk of using public computers and, going a step further, even public Wi-Fi to access personal data.

The author had logged into her frequent-flyer account a couple of times while staying at her hotel.  Unbeknownst to her, someone had infected the computer with keylogging software.  Keylogging software is used to record the keystrokes on the infected computer and then transmit that data to a third party, usually a website or an email address.  That information is then easily decoded by the third party, and voila, the party has access to the website that you visited, your user name, password, and any other information that you have entered in while viewing the website.  If you use cloud-based software that requires you to log into a website to see information, a public computer is probably the worst possible way to access it.  You are leaving yourself and your clients open to the possibility of having that information accessed by a third party.

As for free public Wi-Fi, they are usually unencrypted.  How often do you access Wi-Fi and it does not ask for a user name or password?  While you are logged onto the network and surfing or gathering information, there could be someone else in the area on the same network “snooping” via their own computer; in other words, watching what you are doing.  On unencrypted web pages, they could actually see what you are looking at and what you are typing.  On encrypted web pages, they would know where you are, but not what you were doing there.  Also, there could be another computer connected to the network that has been compromised by malicious software and the owner may not even know it, and their infected computer is mining data from the others on the network.  Or the network itself could be compromised or even have been setup to look like a company’s free Wi-Fi hotspot when in actuality it is another party’s site collecting data from users.

For ways on how to protect yourself, the lifehacker website has some good tips on staying safe while using public Wi-Fi (http://lifehacker.com/5576927/how-to-stay-safe-on-public-wi-fi-networks).  This particular blog is not meant to scare you, but let you know to take precautions while using either other computers or free Wi-Fi networks.  Simple things like not logging into your bank account on a different computer can save you heart ache in the future.  While our connected world has made life easier for the lawyer to see their information while out of the office, it does come with some risks.  There will always be others trying to take advantage of the system wherever possible.  So not only keep yourself safe, but also remember to take care of your clients’ information as well.   While on the road, take the advice of lifehacker:  turn off sharing, enable your firewall, and use SSL whenever you possibly can.  Be proactive out there, and the chances of anyone seeing your data will be greatly reduced.

About Duane Cary

I have been with LexisNexis for over six years. I train customers in Time Matters, Billing Matters, PCLaw, and Juris. I have played many roles during my time with Lexis; tech support, escalations team, NPS team, and customer support when needed. My primary goal is always to make the customer happy. I believe we have some of the greatest software available to support lawyers in their daily routines, and I want them to believe that to by the end of a training session. If at the end of the day the customer is not satisified, then I am not satisfied. The customer experience is always my primary goal when teaching a class, whether is a virtual class, web-based, or in a classroom setting.