Management Assistance Program
Protecting Client Information on Portable Devices
By Jim Calloway
What if you copied a lot of documents to a USB flash drive for working offline and now you can’t find the drive? Do you have to report this potential breach to firm management or notify the client of this potential breach? Suppose a hacker has gotten into your laptop and downloaded some files?
The short answer is there is no breach of confidential information if the device is encrypted. We have known for some time that misplacing portable devices with appropriate encryption is not a security breach because the information remains inaccessible. There is also a good case to be made for encrypting all laptop hard drives.
Protecting Portable Devices from Catherine Reach, Director, North Carolina Bar Association Center for Practice Management, was published in ABA Law Practice Magazine this month and she has republished it on her blog. It is a comprehensive treatment on securing portable devices, from encryption, to remote wiping, to office policies.