Blog

How can law firms reduce the risk of cloud services

/ Technical
Last updated on April 16th, 2020

IT security - How law firms can de-risk the cloud

Rapid change within the legal sector nationally and internationally has made many firms look to the cloud for solutions. In times of turbulence, legal firms and, in fact, other businesses look for change, to get an edge over the competition, to pick up that golden chalice dangled in front of their noses by a smart salesperson. However, when you are hungriest, you need to be doubly careful with decisions. Don’t take risks. Be informed. Take your time.

The cloud is a very large playing field, so I’m going to talk in general terms and at a ‘high-level’. After delivering and consulting on cloud systems for more than a decade, we’ve seen and heard pretty much everything, so this blog post is just a summary.

So many IT service providers are pumping cloud services as the only ‘real’ IT solution for the modern legal firm. This is simply false and negligent – the cloud isn’t always the right solution. Whilst there are many areas where cloud services can deliver a business gain – you should just throw everything into the cloud without consideration.

Cloud is a tool, no different from a new server or piece of software. For example, if you’ve bought your marketing department Apple Macs, should you now roll them out throughout your firm? No. It’s the same with cloud services. They have their uses but you need to apply clear business rationale to any decision – think of now and the longer-term.

It’s important to remember that cloud isn’t some brand new technology – it’s mainly just hype. Hype causes issues and clouds judgement. It creates a sense of urgency and a fear of missing out. The herd mentality within the legal sector only exacerbates this further.

The cloud gold rush has got every man and his dog trying to provide and resell cloud services to fill a demand. You even have phone system companies and printing machine companies trying to resell IT services on a cloud model into the legal sector. This is just insane, IT isn’t simple – true business-enhancement comes from careful analysis, effective tailoring and solid integration of numerous different technologies and systems. Legal firms need to be evaluating and analysing their business models, workflow and general operations, looking for improvement and identifying the right technologies and systems to support that change. Technology should not be leading change, merely supporting it.

So, what needs to be covered when speaking to Mr Provider about the shiny new cloud solution? I’ve created a list of ‘high level’, not exhaustive, questions legal firms should consider.

Ask yourself:

  • Has our firm, and its operations, been analysed in suitable depth by the provider, and a clear business case made for the change?
  • Will they stand by and guarantee any claims made in their proposals?
  • Are there any changes to the firm in the foreseeable future that could impact our chosen solution?
  • Do we have options, both in and out of the cloud?
  • Do we clearly understand the benefits and drawbacks of the different options?
  • What are the true costs of the options over the term of the contract or life of the solution?
  • Do we need to factor other costs into the project, i.e. do we need additional network connections, training, resource allocation, etc.?
  • If this doesn’t work – how are we going to fall back?
  • Does the solution meet our regulatory requirements?

Ask the provider:

  • What is the financial status of the provider?
  • How long have they been delivering cloud services?
  • What certifications and accreditations do they hold?
  • What are their Service Level Agreements and what happens if they don’t meet them?
  • How will you exit the cloud service should you wish to or need to?
  • Do they have control of their infrastructure and services, or are they reselling someone else’s?
  • How can they assist with your migration into the cloud – and vice versa?
  • What can impact the service they are delivering to you, and how can those risks/effectors be mitigated?
  • How are they securing your data from external threats? Can they Certificate testing?
  • What levels of resilience have you built into your infrastructure? If a server fails what happens? A network connection? A disk storage system? Power?
  • How will the billing model change if you ramp the firm up or down?

Don’t steer away from the cloud. As with any IT system, when it’s been chosen through careful analysis and tailored to a business’s operations the results can be impressive and game-changing. Just have your eyes open and take the time to breathe.

Robert Rutherford, CEO of QuoStar

NEXT>> Can cloud help businesses to go green?

/ Security
Why you need to review your business continuity plan now

They’re not here yet, but plummeting temperatures and snow weather warnings will soon get you thinking about how the Winter conditions will impact your business. Maybe key staff are unable to commute, distribution channels could be disrupted or communication lines might go down. Simply put, sleet, snow and flooding will all wreak havoc on your […]

/ Security
Are state-sponsored cyber-attacks a serious threat to your businesses?

The notion that a country’s military cyber-division has your business in their crosshairs for a cyber-attack feels ridiculous. Firstly, what could your business have possibly done to warrant such an attack and secondly, why would your business be a target? Why do state-sponsored cyber-attacks target businesses? A state-sponsored attack usually has one of three objectives: […]

/ Strategy
5 steps to creating an IT strategy

IT is a critical part of almost every department, yet many businesses are not taking full advantage of new technology or realising the full potential of their IT investments. This where an IT strategy comes in. An IT strategy, when done right, is a powerful tool for driving growth, increasing efficiency, achieving goals and supporting […]