Practical Encryption: Files on the Go

Scenario: You’re headed out of the office for a series of meetings and you want to bring some electronic documents with you –open files you’re working on, a draft of a presentation, etc. – but you don’t want to carry around your full laptop.

Typical Solution: Grab one of the thumb drives from the pile you probably have in your desk drawer, copy over the folders full and files you think you might need, and hit the road.

Problem: This is a case where convenience often trumps good sense.  Throwing files onto a thumb drive and tossing it into your bag is fast and easy, but thumb drives are also easy to lose.  Maybe it falls out of your pocket in a cab, maybe you plug it into a client’s computer and forget to take it with you when you leave. Either way, losing that thumb drive is equivalent to losing a file cabinet: there’s tremendous risk of exposing sensitive data.

Solution: You don’t need to entirely abandon convenience to get security. You can still use a thumb drive, you just want to make sure the contents of that drive are properly secured.  There are a variety of specialty thumb drives on the market like the IronKey that come pre-loaded with sophisticated encryption software.  If you want a cheaper route, the popular free encryption tool TrueCrypt can be used to turn just about any thumb drive into a highly secure encrypted drive.

A few cautionary notes:

  • Encrypted or not, you still need to be careful about where you use the thumb drive. It’s generally smart to avoid public terminals (e.g. hotel common area computers) as they may harbor keyloggers or other malware that can expose your data.
  • Don’t leave open/decrypted files unattended.  If you plug in your thumb drive, decrypt the contents, and then proceed to wander away from your computer for a few hours, there’s no telling who will be able to access your data.
  • Any time you copy data offsite, you’ll want to have a plan for re-integrating that data when you return.  If not, you run the risk of creating a versioning nightmare where you can’t tell which version of a file is the “active” version.

About Joshua Poje

Joshua Poje
Joshua Poje (@poje) is the Director of the ABA's Legal Technology Resource Center, where he provides technology and practice management guidance to attorneys throughout the country. He is the editor of the annual ABA Legal Technology Survey Report and a frequent speaker and writer on legal technology topics. Follow him on: Twitter | LinkedIn | Google+

Check Also

Cyberattacks

Firms Go on the Defense in the face of Cyberattacks

While 2016 was a rough year for data breaches and cyberattacks, there is little reason to think 2017 will be any easier for law firms.