When doing Work From Home you obviously have much less supervision and with that can cause legal staff and attorneys to become more laxed and lenient in their focus and adherence to cybersecurity best practices. It's the legal professional's responsibility to maintain appropriate levels of professional integrity but without realizing it you can inadvertently lower it in a WFH, non-office environment. Doing so can be detrimental to your firm and client confidential info.
Vigilance protecting firm and client data is all of our jobs and therefore you should be taking necessary actions to keep your firm supplied devices safe from hackers, data loss and security breaches. In that effort, your firm device should only be used for work functions. Using it for leisurely activities can put your firm in jeopardy resulting in lawsuits (happening more and more these days), grievances and a bad publicity.
A law professional's ethical obligation to protect client data would certainly include not using your firm devices and resources to check your Facebook, personal email accounts, personal bank accounts, shopping online, watching video services like Netflix, along with many other non-business related Internet and computer uses. Each of these personal uses (and others) all come with there own set of vulnerabilities that hackers can exploit.
Hacker's are tricky and crafty enough and it’s better to be safe rather than to give hackers easier ways to break in. Keep your personal use on your personal devices and you work separate and ONLY on firm owned devices.