How can law firms reduce the risk of cloud services
May 12th, 2015
Rapid change within the legal sector nationally and internationally has made many firms look to the cloud for solutions. In times of turbulence, legal firms and, in fact, other businesses look for change, to get an edge over the competition, to pick up that golden chalice dangled in front of their noses by a smart salesperson. However, when you are hungriest, you need to be doubly careful with decisions. Don’t take risks. Be informed. Take your time.
The cloud is a very large playing field, so I’m going to talk in general terms and at a ‘high-level’. After delivering and consulting on cloud systems for more than a decade, we’ve seen and heard pretty much everything, so this blog post is just a summary.
So many IT service providers are pumping cloud services as the only ‘real’ IT solution for the modern legal firm. This is simply false and negligent – the cloud isn’t always the right solution. Whilst there are many areas where cloud services can deliver a business gain – you should just throw everything into the cloud without consideration.
Cloud is a tool, no different from a new server or piece of software. For example, if you’ve bought your marketing department Apple Macs, should you now roll them out throughout your firm? No. It’s the same with cloud services. They have their uses but you need to apply clear business rationale to any decision – think of now and the longer-term.
It’s important to remember that cloud isn’t some brand new technology – it’s mainly just hype. Hype causes issues and clouds judgement. It creates a sense of urgency and a fear of missing out. The herd mentality within the legal sector only exacerbates this further.
The cloud gold rush has got every man and his dog trying to provide and resell cloud services to fill a demand. You even have phone system companies and printing machine companies trying to resell IT services on a cloud model into the legal sector. This is just insane, IT isn’t simple – true business-enhancement comes from careful analysis, effective tailoring and solid integration of numerous different technologies and systems. Legal firms need to be evaluating and analysing their business models, workflow and general operations, looking for improvement and identifying the right technologies and systems to support that change. Technology should not be leading change, merely supporting it.
So, what needs to be covered when speaking to Mr Provider about the shiny new cloud solution? I’ve created a list of ‘high level’, not exhaustive, questions legal firms should consider.
- Has our firm, and its operations, been analysed in suitable depth by the provider, and a clear business case made for the change?
- Will they stand by and guarantee any claims made in their proposals?
- Are there any changes to the firm in the foreseeable future that could impact our chosen solution?
- Do we have options, both in and out of the cloud?
- Do we clearly understand the benefits and drawbacks of the different options?
- What are the true costs of the options over the term of the contract or life of the solution?
- Do we need to factor other costs into the project, i.e. do we need additional network connections, training, resource allocation, etc.?
- If this doesn’t work – how are we going to fall back?
- Does the solution meet our regulatory requirements?
Ask the provider:
- What is the financial status of the provider?
- How long have they been delivering cloud services?
- What certifications and accreditations do they hold?
- What are their Service Level Agreements and what happens if they don’t meet them?
- How will you exit the cloud service should you wish to or need to?
- Do they have control of their infrastructure and services, or are they reselling someone else’s?
- How can they assist with your migration into the cloud – and vice versa?
- What can impact the service they are delivering to you, and how can those risks/effectors be mitigated?
- How are they securing your data from external threats? Can they Certificate testing?
- What levels of resilience have you built into your infrastructure? If a server fails what happens? A network connection? A disk storage system? Power?
- How will the billing model change if you ramp the firm up or down?
Don’t steer away from the cloud. As with any IT system, when it’s been chosen through careful analysis and tailored to a business’s operations the results can be impressive and game-changing. Just have your eyes open and take the time to breathe.
Robert Rutherford, CEO of QuoStar
How to create an information classification policy
Documents are a business asset. If an asset is lost, stolen or damaged, it becomes a risk. Both for the business and for their client. This means having control systems in place to understand these risks is critical. And having the controls to counter them is equally as important. It sounds simple. But after a […]
6 reasons your business continuity plan is weak – and how to fix it
Business continuity planning involves creating a strategy to prevent, reduce and recover from risks to an organisation. Many organisations still have business-impacting IT outages that should be avoidable, or quick to recover from. There are six key reasons why these types of IT outages continue to impact businesses. 1. Not understanding risk Most businesses would […]
In the press: Solicitors told to up security after couple loses £45,000
Law firms have been urged to increase security measures in the wake of online scams where hackers pose as solicitors. In a recent case published in the Daily Mail Online, a newlywed couple lost their £45,000 deposit for a three-bedroom home in Bishops Stortford in Hertfordshire after sending the money to a hacker rather than […]