For Law Students

Join Now

Security and lawyers working on their mobile phones – do they mix?

Mobile Security

There is no denying that mobile phones have taken over how business is being conducted in almost every industry. This is not surprising given that mobile phones surpassed the use of desktop and tablets combined already in 2015. The legal field has also been affected, albeit the tools being used remain (comparatively speaking) fairly old and basic, email still being the most utilized tool on mobile devices.

To most of us, it would seem a bit archaic (not to mention inefficient) to have to rely solely on emails when on the go, filtering messages to find the right attachments, not having access to documents, databases, etc… Yet, that is the reality of mobile working for the vast majority of lawyers still today. The systems being used by most law firms are simply not very advanced from a mobile perspective.

So, why is it that lawyers are not using better tools, with better mobile adaptability? The classic excuse has been security: “We simply can’t work on mobile because it’s not secure.” At this day and age, when literally everyone else is on mobile, including banks and stock trading platforms, can this still be regarded as a valid argument?

Lawyers adopt technology last

Because lawyers are traditionally quite risk averse (or so they say!), they also tend to adopt technology at the tail end. So when the rest of the world went cloud-based and mobile, lawyers were still clinging to their on-site servers and desktop systems.

It’s only now that law firms are starting to realize the potential that lies in mobile working, and are starting to build the right tools to enable it.

Mobile working and security

When it comes to security, there is certainly some truth to the notion that all apps can’t, or shouldn’t, be used by lawyers for work purposes.

That having been said, there has to be a way for lawyers, too, to have modern systems that can be accessed (like everything else in this world), wherever, whenever, and on any device. The answer lies in digital workplace apps.

A common misconception is that desktop applications are always more secure than mobile apps. This is not true. The key to achieving secure mobile working lies in adopting sufficient security measures and selecting tools that were designed from the get-go for mobile use with the appropriate level of security in mind.

Security measures

A mobile app has many components that play an important role when it comes to its security: there’s the software code itself, the network, databases, APIs, the device and its operating system, and the user.

Here are a few security measures that can be taken into account when developing a secure mobile app for use by law firms.

Identification, Authentication and Authorization

Multi-factor authentication is one of the security measures that can be implemented on a mobile app. (In some cases, this security feature is actually implemented on a mobile app, but not the desktop version of the same software, making the mobile application arguably more secure than the desktop.)

In addition to multi-factor authentication, technologically advanced apps may capture a digital footprint of your phone that prevents another device from being used to get into your account.

Identification, authentication and authorization extends to the API security of the app. APIs are the main conduits for content, functionality, and data, so ensuring proper API security is an important part of the chain when building a secure mobile app.

A Good Mobile Encryption Policy

Well-designed mobile apps avoid storing data locally on the device. The more data that’s stored on the device (whether that’s permanently, or just temporarily), the more vulnerable it is.

A good mobile encryption policy includes end-to-end encryption of communication, file level encryption, mobile database encryption, and encrypted storage.

Network Security

Implementing a VPN is a good way to create a secure connection that’s less likely to be vulnerable to hackers listening in over an unsecure network.

In the minimum, any law firm with a digital workplace app should adopt a policy by which its staff members are not allowed to log onto the secure mobile app over public WiFi.

Device Security

A law firm adopting a mobile digital workplace solution should also adopt policies and security measures to maximize the security of the devices being used to access the app in question. These include taking appropriate steps to protect the devices against malware, blocking unauthorized devices, and securing cleared devices with firewall, antivirus, and anti-spam software.


Law firms seeking to remain competitive and maintain high employee satisfaction, as well as customer satisfaction, should be looking at implementing tools for mobile working. Lack of security can no longer be regarded as a valid argument for not implementing such tools. When done right, mobile apps can provide even better security than equivalent desktop applications.

Intraboom Intraboom is a digital workplace software company founded by Christine Ziebell, a former attorney from Finland. After a successful career in the legal industry spanning over two decades, Christine switched gears into software development. Her company focuses on developing intranet and workflow solutions for law firms and legal departments, with a particular emphasis on mobility.