By Corey Stephenson
The Daily Record Newswire
The ethics of storing and transferring data remotely with a third party has some lawyers hesitant to try software as a service, or SaaS.
Especially for solos and small firms, the benefits of cloud computing can seem to outweigh the concerns: no IT infrastructure required, applications that require minimal training and no capital outlay, just a set monthly fee. But many attorneys are concerned that their client data will be less secure in the cloud, explained Jim Calloway, director of the Oklahoma Bar Association’s Management Assistance Program.
Security concerns include hackers, loss of a password or data mining at the location where the data is actually stored.
Jack Newton, president of Clio, a web-based practice management system, said the majority of lawyers’ concerns “are rooted in trusting a third party with confidential client data.” Link: http://www.goclio.com/
Ironically, lawyers already trust third parties with their data on a daily basis, he pointed out - by renting office space from a third party, allowing a cleaning service access to the office or using a copier service.
Finis Price, a Louisville, Ky.-based attorney and author of the legal technology blog Techno ESQ, has used cloud computing for several years, and the security systems on the products he is familiar with “outweigh the security systems of any law firm I have ever seen,” he said. Link: http://www.technoesq.com/
Practice management software programs Rocket Matter and Clio back up files in triplicate at different geographical locations, Price noted — a feat not many law firms can match.
And some systems offer lawyers the option to have client document repositories, where clients can securely log in and view documents.
“In many ways, that is much more secure than sending confidential documents as an e-mail attachment to a client, which we know is insecure,” Calloway said.
For lawyers who decide to take the plunge, remember to be reasonable and pay attention, Calloway said.
“No lawyer should use a hotel kiosk or business center,” to access their client data in the cloud, cautioned Calloway. “The statistics tell us that [those locations] are infested with security issues.”
When considering vendors, ask about issues like the policy on removing data and what happens if a lawyer wants to cancel service and transfer to another provider, Newton suggested.
“Make sure the cloud computing vendor has a clear data exit policy and find out if there are any costs associated with exporting data.”
For lawyers concerned that a vendor might disappear into the night with all the client data, Newton advised asking how long the company has been in business, if it is profitable, how many employees the company has and how many users it currently has. While a vendor may not answer all of the questions, “answers to at least a couple of them should give you an idea about the viability of the business, which is a system you might be depending on for years or decades,” he said.
