At iManage ConnectLive 2022 in Chicago

On October 12th and 13th, iManage held their first in-person ConnectLive conference since 2019. It was at the Willis Tower in iManage’s home town of Chicago. Attendance was very good. Attendees reported that they were very pleased with the content of the sessions. The venue, Convene in the Willis Tower, was wonderful, adding to the friendly ambiance.

Meredith Williams-Range and Neil Araujo at iManage ConnectLive, Oct. 12, 2022

One of my favorite sessions was a fireside chat between Meredith Williams-Range, Chief Knowledge and Client Value Officer at Shearman & Sterling, and Neil Araujo, iManage’s CEO and co-founder. Ms. Williams-Range is a leader in the world of digital knowledge management. In 2018 Williams-Range arrived at Shearman and Sterling, a firm founded in 1873. The firm had one billion documents in locations across the globe, an aged document management system, and very little process around associating files with a Client-Matter and filing to DMS.

They studied the way forward and decided that they would migrate to a cloud-based document management system. This was not a minor decision for a Big Law firm in New York City. Risk averse clients, including those in financial services, have historically been opposed to cloud storage. However, the team worked with their clients to educate them about the change. Ultimately, there was no client resistance. Kudos!

Of course, then COVID hit. Their decision served them well. They were able to migrate to iManage’s Work 10 Cloud during the pandemic. The migration was a success.

For more background on Ms. Williams-Range’s pioneering career and her work at Shearman, I recommend this Profile Magazine spotlight, Meredith Williams-Range Builds the Law Firm of the Future.

To all of the attendees, heavens, it was wonderful to see you again and to show you the latest enhancements in our LINK app. I have to say that the most appreciated new feature in our LINK app was automated check-in after editing.

Here’s what I mean. In our LINK app, check a file out of iManage Work. Edit it in the Word app. Then there is an easy process for the lawyer to check the edited version back into iManage Work. But…if the lawyer does not check the edited version into iManage Work, LINK will automatically check it in. Voila! Lots of love for automatic check-in.

ConnectLive 2023 may be back in NYC. We’ll see you there!

-Maureen

The Modern Lawyer Report from Above the Law and Litera

How Technology, Mobile Devices, and AI Are Shaping the Legal Industry in 2022

In February of 2022, Above the Law interviewed 500 attorneys on their views on technology, mobile devices, artificial intelligence (AI), and more. Of those 500, Associates made up 32%, Partners were 26%, and in-house counsel were over 12%. Above the Law and Litera have published their findings in The Modern Lawyer Report.

Over 58% over these lawyers consider themselves to be slightly ahead of the curve or a trendsetter in terms of use of technology. The lawyers who agreed to participate in this technology survey appear to be more tech-savvy than the general lawyer population.

Above the Law / Litera

Mobile Device Usage

Roughly 57% of attorneys reported that they can do “many things” or “everything” on mobile devices. From our vantage point this seems high, but consider the point above, that the majority of the attorneys who responded self-report that they are ahead of the curve in using technology. From our view of law firms, the third option, “I can follow email on mobile but that’s about it,” is the the common state of the art in law firms today.

Above the Law / Litera

Document review and approval is certainly the greatest need which attorneys and legal professionals have on mobile devices. Our clients tell us that the ability to review, annotate, compare, sign, and email documents in order to have complete workflows is their goal.

Above the Law / Litera

What is delaying mobile device adoption?

The report cities, “One partner stated, “My vision is too poor to work on such small screens,” while an in-house respondent noted that “security risks preclude the ethical use of mobile for most legal tasks.”

Artificial Intelligence

Artificial Intelligence or AI is a somewhat amorphous term, granted. Over 60% of these advanced technology users consider AI to be valuable to business success in legal services.

Above the Law / Litera

One of the conclusions of The Modern Lawyer Report is that, especially with respect to mobile devices and artificial intelligence, lawyers are not taking advantage of technology’s full capabilities. There is plenty of opportunity for them to adopt these technologies further.

Update: Here is a link to register and download the report from Litera.

If you have questions or comments, I’d like to hear from you. Write to: contact at mobilehelix dot com

-Maureen

Maureen Blando is the President and COO of Mobile Helix, the makers of the LINK encrypted app for lawyers. LINK provides simple workflows for Document Management and Email in a single, secure app. Note: the LINK App offers font sizes up to XXL. (See above. for relevance.)

Meet LINK: The Easy Way To Handle All Your Document Workflows On Your Mobile Device In A Single App

By Stephanie Wilkins

From Above the Law, a new product profile on our LINK app.

Here’s an excerpt:

Do Everything, Everywhere With LINK

When you think about the tools you use most in your day-to-day work, your document management system (DMS) and Outlook are probably at the top of the list. Working in both on your mobile device, though, has historically been a huge struggle, if not impossible. LINK brings them together in a single, secure, easy-to-use app.

LINK is designed to support the workflows attorneys use all day, every day. The app works with today’s most popular mobile devices – iPhones, iPads, and Android phones and tablets – and supports the three leading document management systems, iManage Work®, NetDocuments, and eDocs by OpenText.

LINK for Smartphones and Tablets

LINK is solving the pervasive problem of lawyers being unable to adequately work on their mobile devices. With LINK, lawyers can fully access their documents, compare them, mark them up, edit them, email them, and more, as easily and securely as they can on a computer.

Read the full profile here.

Questions? Write to us at: contact at mobilehelix dot com.

-Maureen

The LINK App for Android is here!

Yes! LINK is in production for Android smartphones and tablets.

Now you can use LINK’s workflows including annotation, comparison, and Word app editing with Manage Work® 10 on Android. NetDocuments and eDocs are supported, too! LINK is an encrypted container app therefore your files are separate from device access.

It looks fantastic, if I do say so myself. 🤩

Take a look at this brief video to see the LINK App’s easy workflows with DMS, Outlook, and web resources.🔽

LINK App for Android Video – 3 minutes

Let me know if you want to see a demo or to do a trial including Android, iOS, and iPadOS

-Maureen write to: contact at mobilehelix dot com

What is the LINK App? Find out in 112 seconds.

In this short video, view the major features of our encrypted LINK app.

LINK is integrated with iManage, NetDocuments, and eDocs DMS as well as Outlook and SharePoint. LINK enables essential workflows in a single app. Review, annotate, compare, and email files. Edit securely with the Word App.

Want to learn more? Email us at: contact at mobilehelix dot com.

-Maureen

REvil has struck again. What can we do? Design for explicit access.

At a glance… 

  • Kaseya VSA is used by IT organizations and many Managed Service Providers (MSPs) to track IT assets and to deliver software installations and patches to a network of endpoint nodes.  
  • Over the 4th of July weekend, a ransomware attack perpetrated by the REvil gang and its affiliates was delivered through the Kaseya VSA remote management software.  
  • Each Windows node on the network runs a Kaseya agent, which is responsible for downloading and installing patches and software packages from the VSA server. It is common practice for an MSP to use a single VSA server to manage all of the MSP’s client networks, meaning that one compromised VSA server can create a downstream impact on hundreds of individual businesses. 
  • 1,500 businesses may be effected. 

The fascinating anatomy of the hack 

REvil’s successful hack began with an SQL injection attack against the VSA server. The attacked VSA servers were exposed to the Internet, presumably to allow for remote access to the VSA server by an MSP’s employees. An SQL injection attack was crafted by the hackers to (a) bypass authentication, (b) upload a file, and (c) inject a command to distribute a malicious software patch. This software patch was then dutifully downloaded by Kaseya agents installed on Windows endpoints attached to the compromised VSA server. The technical details of how this was accomplished are explained quite clearly in this article by Sophos

The hack itself is fascinating from a technical perspective in multiple ways. First, an authentication bypass renders an entire stack of security technology (authentication providers and MFA) entirely irrelevant. There is no password guessing or credential stealing involved in this attack. Second, the MSP model where client networks are intermingled in a single VSA instance is inherently dangerous in that a single compromised server (whether it be a via a 0-day exploit or a more traditional stolen credential) can spread malicious software across many disparate organizations, geographies, and networks. Third, it is perturbing that a piece of software like the VSA server was directly exposed to the Internet. The lack of any intervening, independent authentication (e.g., a VPN or IIS authentication using certificates or Kerberos) places an inordinate amount of trust in the security architecture of a single piece of software (the VSA server). 

In general, the best way to mitigate hacks of all varieties is to apply a few principles: 

  1. Keep independent networks as separate as possible, and always require authentication to move between them. 
  1. Authenticate users and devices in layers that rely on disparate software stacks. Software is built by humans, and humans make mistakes that cause security vulnerabilities. Using independent software stacks to layer together multiple forms of authentication ensures that a hacker has to find multiple, independent mistakes that are exploitable in conjunction. 
  1. Because there is still no perfect way to prevent endpoint attacks from happening, effective endpoint protection is essential. The Kaseya exploit relied on anti-virus exceptions on the endpoint to allow a malicious file to be downloaded, decoded into an executable, and run via a shell command. This malicious executable then executed a side loading attack to actually launch the encryption process. Effective anomaly detection could have shut down the encrypting process before it got too far, and an alternative approach to using an anti-virus exception would have stopped the attack when it tried to execute the downloaded executable. 

A collective reconsideration of how we protect networks and endpoints is overdue 

This latest attack from REvil confirms the obvious – the business of ransomware is here to stay. Whether it is REvil, a spinoff from REvil, or an entirely new organization that is inspired by REvil’s success, a collective reconsideration of how we protect networks and endpoints is overdue. It has become standard practice to disable security software in order to enable functionality, rather than demanding the opposite – that software declare its intended behaviors in order to enable security software to detect anomalous behavior. 

A system of specific access vs. access to the entire network 

Our LINK system is architected with this last principle in mind. Rather than assume that all mobile devices need access to the company network (e.g., via VPN), LINK assumes that only a small number of applications and data repositories should be mobilized. To configure LINK, IT specifies exactly what intranet applications, email servers, and file repositories (Document Management Systems, One Drive, SMB shares, etc.) should be accessible from a mobile device, and this specification is role-based so that IT can take a pessimistic approach to mobile access (i.e., you can’t access anything unless permission is explicitly granted to you). LINK also uses multiple, independent layers of authentication – SSL certificates to authenticate the device, then traditional password-based authentication if the SSL authentication succeeds. Finally, each LINK installation acts as its own certificate authority for the purposes of SSL authentication. Hence, stealing a certificate for one installation does not grant access to any other installations. 

As we expand LINK beyond mobile, our goal is to promote a different approach to endpoint computing. This approach starts with the idea that users, applications and data need to be integrated explicitly, rather than implicitly. This creates a work environment that is easily encapsulated, encrypted, and protected with limited entry points and exit points to move data in and out of this environment. While no approach is perfect, the more explicit we are about how users, applications, and data interact, the better chance we have to stop the ransomware business before it expands any further. 

-Seth Hallem, CEO & Co-founder, Mobile Helix

Word App Editing Just Got Easier for Lawyers with LINK

We have developed several editing workflows using the Word app over the years. Our newest one is the easiest one which we have seen anywhere. This is in part because our LINK app securely integrates your Document Management System and Email with the Word app. Therefore, you can choose to edit a file from DMS or an email attachment and it will open directly in Word.

Take a look at our 2 minute, 44 second video to see this workflow.

Here’s what you don’t have to do in our workflow:

  1. No need to copy the file in the Word app. LINK encrypts the file and moves it to Word.
  2. No need to save the file as .docx in the Word file. LINK converts .doc to .docx for you.
  3. No need to delete the file from the Word app after editing. LINK deletes it.

This video shows how straightforward it is to edit from LINK with the Word app.

LINK is integrated with iManage Work® 10, on-prem and in the Cloud; NetDocuments DMS; OneDrive; Network File Shares; and OpenText eDocs is in development. LINK is also integrated with Microsoft Exchange, therefore, you have your Outlook Email, Contacts, Calendar, Tasks, and Notes within the LINK App.

If your attorneys are looking for a simple way to edit files in DMS or in Outlook email with the Word app, email me. We are happy to show you a demo of this workflow.

-Maureen

contact @ mobilehelix dot com

Annotation Just Got Easier – New LINK App Release

Attorneys have always loved the annotation in LINK because anytime you open a file in LINK, annotation is immediately on the same screen. Whether the file is in DMS or another file share, or whether it’s an attachment to email, it just takes a tap to bring up the annotation menu. Annotate, then tap to email or upload to DMS or a file share.

You can even save your signature and initials in LINK so that you can sign a file with a couple of taps on the annotation menu.

In our new release you’ll see:

  1. Improved location of the annotation menu
  2. New features, including page display settings and grid view
  3. Enhanced layout of the annotation tools, for clearer discoverability
  4. A lighter interface.

We’ve gotten wonderful feedback on these improvements. Thank you!

You can get a quick look at the new UI in this 17 second video:

LINK App Annotation in 17 Seconds

To see LINK’s annotation in a full workflow, watch this video.

You will see how to use LINK’s split screen, then how to annotate a PDF, and email it.

If it looks simple, that’s because it really is. If you would like to see a demo via Zoom, write to me at: contact at mobilehelix dot com.

-Maureen

Productivity Leap with the LINK App: Multi-task with Split Screen Mode

This is a fun week for us! With this new release LINK gives you the ability to multi-task on a tablet. We have also refreshed the LINK UI with a lighter look. The feedback has been fantastic. We appreciate the enthusiasm!

The key feature which enables multi-tasking is Split Screen Mode:

  • Two screens
  • Multiple live tabs in each screen
  • Tabs are files and apps like DMS, Email, Intranet
  • Drag and drop a file or app
  • Annotate or compare files in either screen
  • Keep email open while you work

Here is a 14 second preview of LINK’s new Multi-tasking capabilities.

Let us know if you would like to see a demo of LINK.

Email us at: contact at mobilehelix dot com

Next, more about the UI refresh!

-Maureen

Okta’s 2021 Businesses at Work Report

Each year I look forward to Okta’s Businesses at Work report. Okta anonymizes data from its more than 9,400 customer entities. These are customers which use the Okta Identity Network (OIN) with its over 6,500 integrations with cloud, mobile, and web apps, and with IT infrastructure providers. The report is free, not even a registration is needed. To my knowledge no other public report provides this level of data on cloud application usage.

For data lovers it’s a treasure trove of facts about cloud usage. There are over 28 charts and tables. Download it here. I’ll share a few of my favorite insights from the report.

Most Popular Apps by Number of Customers

Microsoft 365 wins. I attended a legal technology conference in 2014. In a session on SharePoint, hosted by Microsoft, the roadmap showed that Outlook, Exchange, and, yes, SharePoint were all moving to the cloud in the form of Office 365. People exited the room in fury. At that time, most law firms were adamant – No Cloud. While there will always be law firms, especially “Big Law,” which will keep Outlook, SharePoint, and the Office Suite on-premises, the adoption of Office 365 or Microsoft 365 in the legal sector has been swift over the past two years. The Okta data reflects this.

This chart shows that the gap in usage between Microsoft 365 and all other applications, including AWS and Salesforce, has only widened in the past 5 years.

Most Popular Video Conferencing Apps

This graph highlights the steep curve in Zoom usage which we all lived through in 2020. At Mobile Helix, we started using Zoom heavily in 2017. We even perform our LINK system deployments remotely over Zoom in about two hours. When the pandemic hit, we were easily able to deploy LINK with IT staff who were themselves working from home. Customers favor our over-Zoom deployment over an on-site visit as it ends up taking less of their time.

Customers Authenticating With Each Factor

Phishing has been up 220% during the pandemic per F5’s 2020 Phishing and Fraud Report (an excellent report on phishing). The Okta report quotes, “F5 warns that the login page of our most popular app, Microsoft 365 (M365), is one of the most popular targets for generic phishing because attackers know that stealing Office 365 credentials can grant them access not only to email but also corporate documents, finance, HR, and many other critical business functions.”

Strong Multi-Factor Authentication (MFA) should be used with M365. The chart above shows that of Okta customers authenticating with a factor in addition to, or instead of a password, 82% use Okta Verify. The good news here is that weaker factors such as SMS and security questions are on the decline.

One of the positive conclusions from Okta’s 2021 Businesses at Work report has to be that as difficult as 2020 was, with 38M people applying for unemployment, if it had happened even 10 years earlier, how many people would have been unable to work from home? The growth of web-based applications, cloud-based services, and mobile apps resulted in most office jobs successfully transitioning to work-from-home in two or three weeks.

2020 was The Year of the Cloud.

-Maureen