It’s Not Your Vault: Do You Know Where Your Data Is?

October 19, 2016

Editor’s note: Jared Correia is a paid guest blogger.

data securityIn case you were instead focused on what you were going to be for Halloween — there is a Harry Potter costume in my closet; just sayin’ –you should know that October is National Cyber Security Awareness Month.  While it is true that some lawyers do spend more time thinking about their Halloween costumes than they do about cybersecurity, it doesn’t take a magician to improve the way that most law firms protect data online.  It just takes the right tools.

. . .

In the modern environment, legal services consumers are savvier than they have ever been before.  Consumers are armed with more information than ever before, due to the rise of review and rating sites.  Differentiation points between solo and small firm lawyers have become more subtle; and, it’s not always about substantive legal work.  In a hypercompetitive environment, in which consumer choices hinge on small distinctions, the lawyer who presents as more tech-savvy, more capable of seamless online collaboration, better able to protect his client data, can win potential business based on those factors.  S024007_120x600Attorneys are beginning to implement technology components into fee agreements, in order to drive the point home.  Law firms positioning themselves as secure data repositories retain a potentially significant advantage over their competitors.

But, even as consumer demand compels technology adoption, a not insignificant number of lawyers would rather that progress be halted.  At the root of their reluctance is a fear of cloud-based services, which facilitate online data retention and sharing, while simultaneously increasing client and attorney flexibility and mobility.  Much of that fear is grounded in misunderstanding.  Even if ‘the cloud’ is attached to a misleading name, it is not something abstract at all: cloud computing for lawyers is merely the renting of space on a vendor’s servers in order to access data via the internet.  Almost half of the jurisdictions in the United States have opined that use of cloud computing for lawyers is appropriate; and, no state deciding on the question has said that it is not.

When the question moves beyond one of general disapprobation, lawyers fall back on an assumption that cloud-based services are not safe, that the data retained there is not secure.  But, consider the alternatives: A paper-based law office, with files strewn everywhere, which, when in use, rarely make it back to file cabinets.  In such an environment, there is precious little actual control over law firm data, where anyone allowed to walk through the law office would be able to misappropriate files, which would then be extremely difficult to track back down.  In a law office that employs on-premise technology, similar issues of access and control are apparent.  At large server farms that vendors use to store their clients’ data, there is heavy security at all hours.  At a small office with a physical server, there’s a secretary — assuming he or she’s not at lunch.  In fact, according to Alert Logic’s 2012 State of Cloud Security Report, on-premise servers are attacked by hackers more than twice as much as much as vendor-based servers.  A cloud-based technology infrastructure is more secure against both apparent and transparent threats than is an on-premise configuration.

. . .

Of course, as there are variations in on-premise technology architecture, so are there degrees of difference among cloud technology vendors.  Having a tool is one thing; having the right tool is another.

Thomson Reuters’ Firm Central is a cloud-based law practice management system featuring a high-level security program.  Data in transit is secured through an https protocol and 2048-bit SSL encryption.  Law firm information is hosted, stored and backed-up at U.S.-based data centers, with round-the-clock monitoring.  What the combination of those features means, in addition to a broader assurance that law firm data will remain secure, is that law firms can significantly reduce overhead (in terms of hardware and IT support) and administrative time spent on monitoring and updating a security infrastructure.  That has a positive effect on efficiency and the bottom line.

Since it’s National Cyber Security Awareness Month, perhaps it’s time to become more aware of Firm Central Cloud Security.