Welcome!

@CloudExpo Authors: Elizabeth White, Yeshim Deniz, Zakia Bouachraoui, Liz McMillan, Pat Romanski

Related Topics: @CloudExpo, Agile Computing, Cloud Security

@CloudExpo: Article

Is the Cloud Ready for Legal? | @CloudExpo #Cloud

If done wisely, moving to the cloud can actually be very easy for law firms

Cloud applications are well established for many activities such as CRM, HR, and billing. With the cloud paradigm proven for so many enterprise tasks, the question of cloud vs. on-premises seems like yesterday's - or even last year's - debate. But is the cloud ready to handle the unique requirements of legal work? The answer is yes, with a caveat. The cloud is ready for legal, but a legal firm must ensure its cloud vendor, cloud applications and internal processes for dealing with the vendor and applications are all in line with legal industry best practices.

According to research conducted by Hyperion Global Partners, the cloud is the third-ranked functional capability valued by legal firms. This is not surprising given the need to manage huge amounts of content across the enterprise, the desire to share this information with vendors and partners beyond the firewall, and the fact that user-created workarounds for managing and sharing content rapidly introduce points of risk into legal firms. Still, firms contemplating a move to the cloud must fully understand where and how the cloud can fit into the scope of all their legal processes. The nature of legal work is changing. Document management has evolved through matter-centric collaboration to become what is now called work product management. Today's mobile, tech-savvy new professionals expect access to their work product from anywhere, on a variety of devices. New forms of communication including text, social media, photographs of whiteboard notes, and documents scanned with mobile devices are now considered standard business practice.

These capabilities clearly require a cloud solution, but when it comes to the legal industry, the cloud presents a number of challenges. The first is a generally misplaced concern about security. With the regular success of data breaches that use phishing attacks to trick employees into compromising their networks, it's no wonder that the legal industry may be hesitant to adopt a technology that some may mistakenly see as further opening the door to cyberattacks. Within the legal industry, Hyperion notes that "privacy concerns and fears of compliance risk continue to keep the migration of sensitive or potentially sensitive information toward external servers limited." An American Bar Association (ABA) study recently reported that 15 percent of respondents acknowledged that as of 2015 their firms had experienced a security breach - a slight increase over previous years - while 23 percent admitted they did not even know if their firms had experience such a breach.

This general security concern is certainly taking a toll. Notably, 12 percent of respondents to the ABA survey reported having a client request a security audit or verification of the firm's security practices. An amazing seven sessions at last year's LegalTech New York on cyber security reflect a prevailing fear of attacks. As a result a "herd mentality" may be preventing cloud adoption in the legal industry - despite the disconnect between the common targets and methods of successful breaches and increasingly secure cloud services. Writes Michael Kemps in Legaltech News, "Firms seek assurances that other (often competitive) law firms, colleagues and industries have vetted and validated the options.... Law firms - for the most part - want to follow, not lead and let others make the missteps before they invest in something new." This is especially true of small and mid-sized firms that typically follow the lead of larger firms.

In addition to this general industry resistance, a cloud solution for work product management must address important legal requirements around stewardship and security over client information, stability of service to handle mission-critical activities, very large file sizes, and integration with other systems and applications. A cloud solution must also satisfy the needs of new legal professionals, who want more control over their hosting environment, including secure access to critical information anytime and anywhere, with seamless transitions between cloud and on-premises systems.

Innovative technology solutions are emerging that address these concerns. A key tactic that is gaining popularity in the legal industry is a hybrid approach to the cloud. A hybrid cloud architecture offers full functionality both online and offline, giving professionals the ability to seamlessly work from any location, even when Internet connectivity is nonexistent. Leading firms that have adopted hybrid cloud strategies report significant improvement in attorney productivity and governance with lower hardware and software costs.

In addition, the tide may actually be turning when it comes to legal firms using the cloud. Small and midsized firms, under constant competitive pressure, have started deploying cloud infrastructures and software as a service (SaaS) solutions.

For example, mid-sized Pryor Cashman LLP found that only about 40 percent of its attorneys ever used an on-premises content management system because it lacked the features and user experience they required. When the firm moved to a cloud-based system, however, it found that the implementation cost was over 50 percent lower than the cost of deploying an on-premises system and that the system could be delivered in less than six weeks. Most important, by providing the features and user experience their attorneys required, the firm significantly increased the number of lawyers actually using it for collaboration and document retention.

Similarly, Denver-based Hall & Evans began its cloud journey with a Microsoft Office 365 initiative, and this led to broader adoption of cloud services, including a 100 percent cloud-based content management system that offered extensive functionality. The firm has since reported reduced hardware and software costs, increases in productivity and user adoption, better email filing, and enhanced sharing among attorneys and practice groups.

As such successful use cases become well known, the adoption of cloud-based content management systems by law firms of all sizes is likely to accelerate.

Foundational Elements of Cloud Solutions for Legal
In this context, for law firms' IT departments, the discussion in 2016 shouldn't be whether or not to use the cloud, but how to best use it based on the firm's specific situation and needs, and what kind of cloud architecture, features, and deployment options make the most sense. As firms assess new technology, four foundational elements should be considered. A cloud strategy for legal should be based on security, functionality, performance, and availability.

Security
Law firms and their clients want to be certain that cloud vendors maintain the latest security standards for confidentiality and privacy. As such, data centers should be certified to the latest information security standards including ISO 27001 and SSAE16 SOC Type 2. Customer data should be encrypted in transit and also encrypted at rest in data centers. There should be no co-mingling of customer data. This can be ensured using virtual machines and segregated virtual private cloud systems.

Functionality
A hybrid approach offers full functionality and scalable, reliable performance both online and offline. This gives professionals the ability to seamlessly work from any location. Users should have a choice of a tightly integrated desktop or mobile client that can function with or without Internet connectivity. Server and client applications should integrate with key technologies that provide users with email and content production applications such as Microsoft Office 365.

Performance
Legal professionals need un-throttled connectivity for uploads and downloads of large document files that may exceed 2GB each. Data centers should have the processing power to handle billions of documents. For optimum performance, modern data centers utilize solid-state drives for rapid search, responding quickly to user actions, and caching file input/output. Wide bandwidth firewalls and VPNs can help provide the level of performance new professionals demand. To minimize latency, data centers can be located near the largest user communities.

Availability
To ensure high availability, hardware may be architected with a highly redundant design. An optimum disaster recovery site uses identical hardware with the same CPU and solid state drives as primary sites. Modern solutions also use virtual machine replication to the secondary data center for rapid disaster recovery. Disaster recovery plans should be tested regularly. If vendors deploy a virtual private cloud for each customer, failure of a component for one customer won't impact other customers.

The Future Is Within Reach
If technology vendors are attentive to today's users, they can engineer cloud solutions that are ready to handle the unique requirements of the legal industry and the demands of new professionals. Law firms and legal departments contemplating a move to the cloud should consider these questions as they evaluate technology:

  • Does it work anywhere?
  • Does it work the way professionals do?
  • Does it provide control over content location, maintenance, and upgrades?
  • Is it secure and resilient?
  • Does it map to the regulatory environment?
  • Does it have a proven track record in satisfying attorneys and staff?

If done wisely, moving to the cloud can actually be very easy for law firms - with minimal changes but with a significant impact.

More Stories By Alan Turner

Alan Turner is director of product management at iManage, a global leader in professional work product management. He has over 28 years of experience in product development and product strategy for complex software products and Software as a Service (SaaS).

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


CloudEXPO Stories
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throughout enterprises of all sizes.
Darktrace is the world's leading AI company for cyber security. Created by mathematicians from the University of Cambridge, Darktrace's Enterprise Immune System is the first non-consumer application of machine learning to work at scale, across all network types, from physical, virtualized, and cloud, through to IoT and industrial control systems. Installed as a self-configuring cyber defense platform, Darktrace continuously learns what is ‘normal' for all devices and users, updating its understanding as the environment changes.
AI and machine learning disruption for Enterprises started happening in the areas such as IT operations management (ITOPs) and Cloud management and SaaS apps. In 2019 CIOs will see disruptive solutions for Cloud & Devops, AI/ML driven IT Ops and Cloud Ops. Customers want AI-driven multi-cloud operations for monitoring, detection, prevention of disruptions. Disruptions cause revenue loss, unhappy users, impacts brand reputation etc.
Apptio fuels digital business transformation. Technology leaders use Apptio's machine learning to analyze and plan their technology spend so they can invest in products that increase the speed of business and deliver innovation. With Apptio, they translate raw costs, utilization, and billing data into business-centric views that help their organization optimize spending, plan strategically, and drive digital strategy that funds growth of the business. Technology leaders can gather instant recommendations that result in up to 30% saving on cloud services. For more information, please visit www.Apptio.com.
OpsRamp is an enterprise IT operation platform provided by US-based OpsRamp, Inc. It provides SaaS services through support for increasingly complex cloud and hybrid computing environments from system operation to service management. The OpsRamp platform is a SaaS-based, multi-tenant solution that enables enterprise IT organizations and cloud service providers like JBS the flexibility and control they need to manage and monitor today's hybrid, multi-cloud infrastructure, applications, and workloads, including Microsoft Azure. We are excited to partner with JBS and look forward to a long and successful relationship.