How to securely work remotely Paul Delahunty offers practical tips for practice owners to balance work flexibility with security.

Remote work is here to stay – and for legal professionals, it brings a unique set of challenges. Whether you're drafting contracts from your home office or attending hearings over Zoom or Teams, security isn't optional, it's a professional obligation.

When you work in law, you're handling sensitive client data, confidential court documents, and privileged communications. A security misstep could have serious legal and ethical consequences.

The good news is that with a few good habits, you can stay secure, productive, and compliant no matter where you’re working from.

Secure your devices

Your laptop and phone are your command centre. Treat them accordingly.

• Use strong passphrases or biometrics. No more "Lawyer123" passwords. Use a password manager to create and store strong, unique passphrases.

• Enable encryption. If your device is stolen, encryption keeps your files unreadable. This is especially important for client documents.

• Keep software up to date. Security patches are your best friend – don’t delay updates.

Tip: If you print documents at home, make sure they're stored securely or shredded immediately after use. Privileged material should never be left unattended.

Use a VPN (Virtual Private Network)

A VPN encrypts your internet connection, which is crucial when you're outside the office.

• Why it matters: Without a VPN, someone on the same network could intercept your traffic. That’s a big risk when handling legal files.

• Choose a trusted VPN. Free VPNs can be risky. Use a firm-approved VPN or a reputable provider.

Tip: Make VPN use mandatory for all staff accessing firm systems remotely. Some case management systems require it, and for good reason. For additional protection, enforce MFA when accessing the VPN.

Be smart about Wi-Fi

Your internet connection could be the weakest link.

• Secure your home network. Change the default router password, use WPA3 encryption, and hide your SSID.

• Never use unsecured public Wi-Fi. If you need internet access while away from the office or home, enable a Wi-Fi hotspot on your phone and use that instead. For additional security, use a VPN and avoid accessing sensitive documents.

Tip: Consider using a separate, secure network just for work devices. That keeps your smart TV, gaming consoles, and kids' devices isolated.

Enable Multi Factor Authentication (MFA)

Passwords (or preferably “Passphrases”) alone are not enough, especially in law.

• What it is: A second layer of login protection using a code from your phone or app.

• Best method: Use an authenticator app instead of SMS.

• Where to enable: Email, cloud storage, legal case tools (Clio, LEAP, etc.), and communication platforms.

Tip: Client data, court documents, and communication platforms should always be protected with MFA. This is non-negotiable.

Watch out for phishing

Phishing is one of the most common ways legal professionals get compromised.

• Double-check emails. Look for misspellings or strange links – even if it looks like it came from the court or a colleague.

• Avoid clicking on suspicious attachments. Call the sender to verify.

• Use anti-phishing tools. Your email client or firm’s IT team can help set this up.

Tip: Law firms are high-value targets. Train your team to spot phishing attempts and report them immediately.

Keep work and personal lives separate

Blurring the lines can compromise confidentiality.

• Use separate devices. Ideally, use firm-issued hardware with security policies in place.

• Avoid mixing accounts. Never check work email from a personal browser profile or device.

• Lock your screen every time you step away, even at home.

Tip: Disable smart assistants (Alexa, Google Home, Siri) in your workspace. They can accidentally record privileged conversations.

Stay educated

Security isn’t static – neither is your obligation to stay informed.

• Stay on top of compliance requirements such as GDPR when working remotely.

• Take firm training seriously. It’s not just for compliance—it’s for your clients’ protection.

• Follow reputable cybersecurity sources such as The Hacker News, the NCSC, or The Law Society’s Cybersecurity page.

Extra step: know your ethical responsibilities

Working in law comes with ethical obligations that extend to your remote environment.

• Maintain lawyer – client privilege at all times.

• Have a remote work policy. If you run or manage a firm, ensure all employees are trained and following approved procedures.

• Document your compliance. This can protect you in the event of a breach or investigation.

Remote work gives legal professionals more flexibility—but it also requires more responsibility. By building smart digital habits, using secure tools, and staying educated, you can protect your clients, your firm, and your professional license.

In the legal world, security isn’t just best practice, it’s an ethical duty.

Paul Delahunty is Chief Information Security Officer at Stryve, a leading Irish multi-cloud and cybersecurity company and ICTTF Cyber Security Company of the Year 2022. Paul is CIO and IT Leaders Security Leader of the Year 2023 and 2024, and is the Tech Excellence Awards CIO of the Year 2024.