Strategies for Managing Mobile Devices in Law Firms

By Joseph Raczynski

Christopher B. Hunt – Tarlow, Breed, Hart & Rodgers, P.C.
Kris Snyder – VoxMobile


Today at the typical law firm the onslaught of various mobile devices abound.  The firm is now confronted with requests to support a fractious market of iPhones, BlackBerries, and Androids.  Not only must they deal with devices, they also grapple with various platforms and specific (Apps) applications.   This hodge-podge environment of disparate devices can be a major challenge.  This session at ILTA explored how firms deal with mobile devices and policy.

Firms have taken three approaches to mobile device management:

  • Big Brother: The firm issues devices to users

In this scenario a firm decides to keep things simple and provide users with one device, this typically creates the least pressure on the technology group.  In the past firms chose this route because it is easiest to manage and the most secure.  However, recently this “one device” management has become increasingly difficult to sustain.  Users are demanding use of their own devices which are not supported.

  • Free-for-all: The firm allows all personal devices to be connected to the network

This typically engenders tremendous support among users as they can use any device to their liking.  The attorney is responsible for purchasing the device.  However, all other aspects are placed in the hands of the firm who is tasked with managing the multitude.  The downside is that the firm is responsible for dozens of varying platforms, operating systems and devices.  Security can be a huge concern under this “free-for-all” policy.

  • Hybrid: The firm allows for multiple devices within set limitations

This approach allows some devices to be brought in from outside, but those units are from an accepted list.  This seems to be the trend among law firms as they find more flexibility with users, thus offering them a choice.

When crafting your policy consider these lessons learned from experienced firms:

  • Understand your firm culture, i.e. would your firm support a single device approach, or is the “hybrid” a better option?
  • Does the firm have the resources to support multiple devices, their unique security, maintenance, and associated apps?
  • What happens when the user leaves the firm? Should you wipe the entire device, or just the enterprise content?
  • Treat security and manageability as the primary requirements of your policy
  • In the long run, supporting multiple devices will probably not be the best plan so attempt to find common ground without causing a mutiny among your users
  • Lastly all firms should require: passwords, encryption and time-out periods

At the end of the day, when crafting your policy for mobile devices the juggling of security, firm culture, and manageability of the devices will be the most important variables to consider.   Each of these aspects will vary depending on the firm and should be weighed and adjusted accordingly.


Social Media Policy Development

By Joseph Raczynski


Julia Montgomery, Technology Projects Manager, Arent Fox LLP

Karen M. Sheehan, Head of PLC Law Department at Practical Law Company, Inc.

Mary Abraham, Counsel, Debevoise & Plimpton LLP (Moderator)


As social media has ballooned in popularity and use, law firms have had to wrestle with the myriad of implications on the organization.  Staff and attorneys who increasingly use of Facebook, Twitter and Youtube can cause serious issues for the firm.  This session at ILTA (International Legal Technology Association) focused around the various aspects of a firm developing a social media policy.

Here are some important points to consider when crafting you social media policy:

  • A firm should gather a wide internal audience for a complete perspective. These individuals should include: a partner, junior associate, the marketing department, and the “grandmotherly secretary”
  • It should involve a cross-disciplinary drafting team: IT, HR, marketing, ethics department, and someone who has used social media in the past
  • A policy should keep the policies broad so as not to get into specific types of social media like Youtube or FourSquare
  • The policy should not be crafted unless you actually play in the field. That is, that policy owner needs to know how each works, e.g. Twitter, Youtube, LinkedIn

Some recommendations for a firm to its users:

  • Firms are using social media to look at people for hiring and firings.
  • You may need to educate people about privacy settings and work with IT to adjust sites at the firm
  • You should have a designated individual at the firm whom users could visit to ask if it makes sense to post something
  • The best rule of thumb is to keep in mind if what you are doing or saying is “in public.” In most cases, what you write online is public or can be made public
  • Some firms are blocking all users from social media, some firms merely block staff, and others actually select individuals who have a reputation for abuse


Educational Issues:

  • If a policy is not accompanied by education, it will be hard to enforce
  • Be sure the employees of your firm understand the opportunities and the dangers of social media
  • A firm can dictate what you can or cannot write on Facebook, if you are on company time and using company resources. There should be no real expectation of privacy if you are posting on Facebook and are associated with a firm.  However, the firm must have a business justifiable reason to take action.

Ultimately with the rapid adoption of social media, a carefully crafted social media policy is highly recommended.  It must be broad in its scope to include all possibilities and use cases as it is easier than ever to break the client confidentiality rules via social media.  Lastly, users must be aware to be honest about who they are, making it clear their views or their own and understand that even those statements potentially have an effect on the firm.