Mobile devices provide lawyers with increased opportunities to unwittingly share confidential or private client information. One of the more common scenarios is when a lawyer or law firm staff has left the office and is using a wireless network connection. It is common to focus our hand-wringing on coffee shop wireless networks, but a home network or one in an airport, public library, courthouse, or opposing counsel’s office poses the same issues.
You can secure your activity outside the office by using a virtual private network (VPN) to encrypt your activity. If your practice is entirely cloud-based, working through an encrypted Web browser connection, you can probably stop reading here. But if you want to connect securely to systems back at the office, VPNs are a good option.
Alternative to Virtual Desktop
Virtual private networks used to be relatively difficult to put into place. The computer sending the transmission and the one receiving the data both have VPN software installed and configured. For solos and small firm lawyers, it can be easier to forego this and connect directly to your computer using a virtual connection like LogMein or Citrix’s GoToMyPC. You would connect to the virtual provider’s Web site, they would relay you to your office PC, and you would use it as though you were sitting in front of it.
VPNs work a bit differently. You do not need to load your remote PC’s desktop, which can sometimes be a slow process. Instead, the VPN turns your remote device into a member of your office network. Connections to network drives and other internal applications will work as if you are in the office. This means that, while the VPN is encrypting your connection and it will be slower than if you were in your office, you do not need to leave a PC running in your office to which you can connect for a virtual session.
By securing your connection, VPNs create a private Internet pipe within the public Internet pipe. Picture it as if you were sticking a really thin coffee stirrer (a hollow one) inside a larger soft drink straw. While your information is traveling across the VPN, it will go more slowly than it would with a direct connection. As more lawyers and staff at your firm use the VPN, your VPN will need to grow as well.
Your network hardware may already include a suitable VPN but otherwise there are dedicated pieces of hardware that do nothing but handle VPN connections. The larger your firm, the more likely you are to have a hardware VPN. Even consumer-oriented hardware sometimes comes with an option to add VPN support. If you don’t have a router that supports a VPN already, you can include that in your requirements the next time you upgrade your network hardware.
VPN Software Options
Not surprisingly, VPN technology is available in an open source variety, known as OpenVPN. This software can be installed on your two devices – servers, desktops, laptops, tablet, or phone – and you can create a VPN tunnel between them. In practice, this requires more than average technology skill because you also need to configure your network hardware to enable an outside device to connect to an internal one. It means that there is no intermediary server, though, in case you are concerned about transmitting information, even when encrypted, through a third party’s computer. A simpler choice for most lawyers is to go with a service that creates the VPN and manages the encrypted connection between your systems.
An exceptionally easy one to use and set up is LogMeIn’s Hamachi, which online game enthusiasts like for creating private environments for games like Minecraft. It works similarly to the virtual desktop product from LogMeIn, except that you connect to the network resource, not to a remote virtual desktop. Products like Hamachi allow you to have multiple users on the VPN, unlike the one-to-one connection with a virtual desktop. If 3 of your staff all need to access the network, whether to reach a file server or billing system, the VPN can handle all the connections at the same time. Your encrypted connection travels from your computer to LogMeIn’s server and then to your office, and back again.
LogMeIn Hamachi has a free service for up to 5 users. Comodo Unite is another free service, with apparently unlimited connections available. Comodo are known for other consumer Internet security software, and this is a rebranding of a product formerly known as EasyVPN. Your device operating system may determine which product you use. Comodo is only for Windows, for example.
Smart phones and tablets can also use VPNs to connect securely. there are VPN tools for Android and iOS devices as well. You can find them in Google Play and iTunes. A VPN can offer a better experience, since you are not trying to load a Windows desktop on a much smaller screen using your VNC app. Instead, your phone connects directly to the server or sends the print job as if it was connected to the network.
You should still use https (secure sockets) when accessing Web sites and may not want to use your VPN if this is all you are using. Once you turn on your VPN connection, your network activity will travel across the VPN. This will cause it to be encrypted from those around you. If you have a laptop, you may have both a wired network jack and a wireless network antenna. If you use both at the same time, you need to use the VPN on both connections. Otherwise, you may find that, by multi-homing, you are unintentionally transmitting information over the unsecured connection rather than the secured one.
In the end, VPN is another tool you can use to ensure that, when it’s appropriate (you’re accessing confidential or private information) and necessary (you’re not using a secure connection, whether wired or through an encrypted Web browser session). Like most technology, once you’ve gone through the steps of installing and configuring it, you can start to see how it can benefit the way you practice when you’re away from the office.