As ILTA’s content curator, I’m always monitoring the discussion forums to discover what topics are top-of-mind among the members. Each week, I’ll focus on a few areas that sparked your interest, and I’ll provide some curated resources to assist your own information-gathering on the topics. It’s not surprising that many of the best resources sit within ILTA’s treasure chest. If there are specific topics you would like assistance exploring, please contact me at joanne@iltanet.org.
This past week, members discussed BYOD policies at termination, livening up Lunch & Learns, password sharing, and Single Sign-On solutions.
BYOD
In the 2014 ILTA Technology Survey, 47% of respondents had a BYOD policy. BYOD has some pluses and some minuses. Your phone = your responsibility. Yet, when an attorney leaves the organization, what is she taking that does not belong to her? Furthermore, how do you keep your organization’s information and your client’s information secure at all times?
For reading on developing a policy on BYOD at termination see these resources:
“BYOD Blues: What to Do When Employees Leave” from InfoWorld.com.
“BYOD: Three Lessons for Mitigating Network Security Risks in 2015” from Risk Management Monitor.
ILTA offered a webinar in 2014, “Beyond the Fortress – Fortify Content Before it Travels Outside Firm Walls” on keeping data secure on all devices. The ILTACON 2014 session, “CYA with BYOD Policies,” demonstrates how some of your fellow members manage BYOD.
TRAINING
Many of you offered great suggestions to liven up Lunch & Learns in the discussion forums. Beyond focusing on what we train, we can focus on how we train. I uncovered a recent PeerShare on gamification use. See where ILTA members are trending on the use of gamification in “Training PeerShare: Gamification.”
ILTACON 2014 presented “Gaming the Lawyers: Driving Adoption and Contribution and Change.” It focused on better implementation of knowledge management through gamification. This translates well to gamification of technology training.
Consulting company Deloitte implemented a gamification model for corporate training in 2012. CIO.com describes Deloitte’s model in “How Gamification Reshapes Corporate Training.”
Password Sharing
We can all agree that password sharing is ill-advised. We can all confess to having shared a password. When IT troubleshoots, the user often steps away from their device(s). IT needs password access. To stay secure, change the password at the onset of troubleshooting and require the end user to again change the password upon completion of the work. This solves the IT department’s password security compliance issues, but what about compliance within the rest of the firm?
Does your organization’s password policy need updating? For guidance, see the Fall 2014 Peer to Peer article, “The Business Case for Stronger Password Policies.”
Without follow-up and education your organization’s policy will not be fully implemented. Techradar.com provides suggestions on implementation and monitoring password policies in action: “Password sharing: How to Stamp out a Dangerous Habit.”
After passwords, what’s next in authentication? Read this summary and video about the FIDO (Fast Identity Online) Alliance. If you already know FIDO, jump 18 minutes and 10 seconds into the presentation for the section titled "Biometrics: The Weird and the Wonderful" just for fun.
“Will online authentication ever be free of passwords?” from TechTarget.com
Single Sign On
Is Single Sign-On (SSO) right or even possible for your organization? In the Fall 2014 Peer to Peer “Ask the Vendor,” Alan Rich advises that SSO can improve security. The links below contain useful tips on assessment and development of SSO.
“Prerequisites for Implementing Single Sign-On.” from TechTarget.com
“Best Practices for Deploying Enterprise Single Sign-On” from TechTarget.com
“Microsoft Gears up for Cloud Domination” from Inforworld.com discussing Windows Azure Active Directory.