How Law Firms Can Overcome Challenges of Cloud-Based Data Management

Featured article by Bill Tolson, Vice President of Marketing, Archive360

Law firms face special challenges when it comes to data management and storage. Several of these unique demands are based on the fact that most firms’ day-to-day data management has switched to electronic data, with less being manually printed out on paper. Within this context, law firms must differentiate between several types of critical and sensitive information including the firm’s business data, attorney case material, and client eDiscovery data. Each of these types of data comes in through different avenues, which makes finding and storing specific data harder and more time consuming because of the lack of centralization.

Other data-related difficulties for lawyers stem from factors like these:

– Data volume for law firm clients is notoriously high, and business records continue to grow, requiring more specialized IT personnel to manage the deluge of information.

– The volume of eDiscovery-related data from clients is exploding, and firms often can’t dispose of the massive amounts of data (gigabytes or sometimes terabytes) months or years later, even after the case concludes since it still needs to be stored.

– New data formats cause complexity issues and professional regulations require tighter data management—client requirements change often with some requiring regular audits of the firm to ensure compliance with best practices.

– Many firms lack strict data ingestion processes for incoming client data— some attorneys keep their clients’ data to themselves since their firm doesn’t enforce a centralized or tested client data management system.

Targeted and Under Pressure

In addition to these industry realities, law firms have become a major target for hackers that keep getting more and more sophisticated. Legaltech News recently quoted Mary Galligan, the former special agent in charge of cyber and special operations with the FBI’s New York office, who stated: “We have hundreds of law firms that we see increasingly being targeted by hackers.” A recent article in The New York Times noted that the reason American law firms are particularly vulnerable to online attacks is based on the type of information they’re storing: “the firms are a rich repository of corporate secrets, business strategies and intellectual property.”

This increased threat landscape for law firms means that sensitive client data needs not just to be stored, but securely stored. Yet while maintaining security has become a very serious issue for the legal industry, many firms have been slow to acknowledge the problem or remain unaware of it until it hits them over the head. A survey conducted by the American Bar Association’s (ABA) Legal Technology Resource Center found that 70 percent of lawyers in large firms had no idea whether or not their firm had experienced a breach of security.

In addition to guarding against these types of threats, law firms also have an ethical obligation to securely store client data, with some states mandating stricter requirements than others in this regard. Yet ensuring this added data protection can be pricey for firms, as enterprise storage costs continue to climb. Ongoing on-premise data storage that includes regular backups/replication, IT personnel, disaster recovery planning, data security measures, and annual support can easily stretch into the $0.35 to $0.50 per GB per month range for enterprises when considering cost per unit. These ongoing costs are above and beyond the purchase price for the solution.

As if these data management and storage problems aren’t enough for the legal industry to deal with, accessibility of law firm data is also an issue. With more client work being done away from the office, many attorneys now need instant mobile access to client files. Client requirements are escalating as well, with a growing number of clients wanting to know how the firm is securing their data, and demanding instantaneous access to and collaboration with their attorneys to receive quick answers. Some clients even require knowing the firm’s process for records management via outside counsel guidelines. These pressures may lead attorneys to go the BYOD route, loading data onto their laptops and phones via sync-and-share, which may not be secured since many law firms have not taken the needed steps to upgrade their enterprise security to include mobile access.

Help in the Cloud?

Law firms need solid solutions to help them mitigate these multiple challenges, namely ensuring that attorneys are using the right equipment to help them stay productive while keeping the firm’s and clients’ data secure. More firms are turning to the cloud to help them manage and protect their client data while gaining quicker access—particularly to their “hot” and “warm” data needed most frequently—via a cloud solution. Yet cloud-based data management is not risk-free, particularly where public clouds are concerned with data stored off-site. Without proper safeguards regarding access requirements, cloud use by firms does expose the data to potential access by third parties or hackers. The cloud can also raise issues relating to bandwidth and latency, leading attorneys to try unsecure workarounds if the system is too slow, for example.

There are many potential benefits, however, for those who go the cloud route. One of the biggest of these is the cloud’s ability to provide predictable long-term storage of huge data sets. Cloud security has also become much more reliable, as reputable cloud solutions now offer staff experts, external audits, and a high level of standardized security protocols through tactics like in-flight and at-rest encryption. Through this data-confidentiality strategy, client data can be encrypted and moved to the cloud immediately, providing case-specific security for each client since only the data owner (the law firm)—not the cloud provider—holds the encryption key. Encryption also makes it much more difficult for hackers to access the data.

Other cloud benefits include:

– Automatic scalability to allow for elastic capacity on demand—vital since the data volume continues to increase month over month in many firms

– Potential for trouble-free data access for attorneys when out of the office

– Adherence to mobile-data-access best practices

Finding a Way

Top cloud-based data management and storage solutions can offer law firms a comforting combination of trusted service features, tested compliance through third-party regulators, and secure operations—an endpoint for data of all types. Ideally, a regulatory compliance solution offers long-term data retention designed for that category of data known as “grey data,” which refers to low-touch, inactive data that comprises much of the legal information that a firm needs to store indefinitely.

The bottom line is, you don’t want to find yourself on the cover of the ABA talking about being the latest victim of a major data loss. To successfully overcome the challenges of cloud-based data management and have the best chance of keeping your clients’ data safe from cyber-attack, law firms should first review their data access requirements for different types of files and evaluate their options. Every firm has information that likely would benefit from cloud storage for process efficiencies and cost-effectiveness.

Next, target a cloud storage solution that offers you self-service access, so there is less involvement needed from your firm’s IT department. When chosen wisely, your data storage solution can provide a built-in basic legal workflow that allows attorneys to deliver results securely to outside or opposing counsel in the appropriate electronic format and provide detailed reporting. With the right system in place, your firm can lower costs as much as possible while keeping key data accessible to your increasingly mobile attorneys, lowering your overall risk.

About Bill Tolson, Vice President of Marketing, Archive360

Bill has more than 25 years of marketing experience with multinational corporations and technology start-ups, including 15-plus years in the archiving, information governance, and eDiscovery markets. Prior to joining Archive360, Bill held executive and senior-level marketing positions at Actiance, Recommind, Hewlett Packard, Iron Mountain, Mimosa Systems, and StorageTek. At Archive360, Bill is responsible for directing all brand strategy, product marketing, corporate marketing, public relations, sales enablement and strategic partner marketing. Bill is a frequent speaker at legal and information governance industry events and has authored numerous articles and blogs. Bill is also the author of two eBooks: “The Know IT All’s Guide to eDiscovery” and “The Bartenders Guide to eDiscovery”, the author of the book “Cloud Archiving for Dummies” and co-author of the book “Email Archiving for Dummies”. Bill holds a Bachelor of Science degree in Business Management from California State University Dominguez Hills and is married with two children.