Skip to main content »

Silver Lining Playbook: The Security Advantage in the Cloud


Silver Lining Playbook: The Security Advantage in the Cloud

Even though there is a growing national consensus that law firms may use cloud technology, many attorneys are still reticent to make the leap. The most oft-cited concern is grounded in a belief that law firms, in maintaining client information locally, can do a better job of securing that information than a vendor of a cloud technology product could, by hosting information at its servers. This proposition is accepted as fact by a large majority of lawyers.

There’s only just one problem with that analysis: It’s probably not true.

In point of fact, cloud technology vendors maintain a number of advantages over the average small law firm, when it comes to securing data.

They’ve got more money than you do. Between investors and the collection of subscription fees, the ability to access an international market and sell as many products as there are subscribers willing to buy, cloud technology firms can make several multiples more than law firms can make, given that law firms cannot access private investors, are limited to representing clients within or with ties to specific jurisdictions and cannot bill hourly more time than its lawyers could actually work. Since law firm income is capped in ways software company income is not, generally speaking, software companies make more money, and can spend more money, than law firms could, in support of data security initiatives. The difference in income possibility becomes more stark, the smaller the law firm used in the comparison.

They’ve got more servers, in more places. If a small law firm uses a physical server, it’s probably using one. If there is a natural or personal disaster that affects physical facilities, that server may be wiped out. Using the cloud is really just using someone else’s servers, the cloud vendor’s. They employ more servers than you, within server farms that feature a heavier physical security presence than the average small law firm could ever hope to enforce. Many vendors employ a geographically redundant model in placing servers: information is stored at two locations, sometimes one on each coast of the United States. It is not cost-effective for small law firms to create such super-structures, such that that the logical choice for accessing that kind of security infrastructure is paying in, to access what a cloud vendor has already established.

They can afford an extensive technology staff. Small law firms are always desirous of cutting IT spend. Many small firms do not employ an IT person; instead, those firms will contract that relationship out. Many don’t even do that, and try to manage the IT load with existing staffpersons and attorneys. Cloud technology companies almost always employ CTOs, and beyond that, have in place full IT staffs. No small law firm in America, in all likelihood, can match, in the way of IT infrastructure, what a modestly successful cloud technology vendor will have in place, almost as a matter of course. Remote desktop applications will have IT staffing in place, and will manage, wholesale, updates and security patches.

They don’t traffic in paper. Many small firm lawyers feel that paper files are more secure than electronic files, because they have a tangible sense of control over those documents; but, in many ways, paper files are far less secure than electronic files. There are many ways in which paper files are compromised: lawyers often leave files on their desks that they are working on, and those files are accessible to staff, cleaning crews, colleagues — whenever the lawyer leaves his office; every time files are transferred around the law firm, whomever handles the files has access to them for that time period; paper files can edited, pages can be removed and there is no default method for being alerted to such changes, or for rediscovering what the complete file looked like once it has been changed; paper files can be lost, midlaid or misfiled. Electronic documents can be protected using several layers of encryption and digital signatures. Access can be limited to specific system users, without physical transfer requirements. Changes to documents are recorded as metadata, making it possible to track alterations to documents over time. Even electronic files that are saved to the wrong directories, or misnamed, can be found, using desktop search tools. Cloud technology vendors have embraced the paperless model, and that means that the data input by law firm clients will be more secure than data hosted by those law firms running, on their own, a paper-based or hybrid office.

They know you’re worried about security, and take pains to provide solutions. Cloud technology vendors in the legal technology space are aware of the concerns lawyers maintain respecting security of their clients’ data, and take consistent steps to improve their security offerings. Vendors offer a higher level of encryption than the average small law firm applies, feature more aggressive access options than the average small law firm utilizes and more aggressively position data backups than do small law firms. Review cloud technology vendors’ security audits, and security features, and ask yourself whether your small law firm can match what those vendors offer, and what it would cost to do so. When the answer is ‘no’, and then ‘not without bankrupting the firm’, the choice becomes clear.

Abacus Data Systems provides Turn-Key Technology Solutions that guarantee integrity, security and ultimate performance to help legal professionals and others alike quickly build and grow their practice successfully.

Please call 1-800-726-3339to learn more.

Share this article