Industry analysis from Thomson Reuters Elite: Cloud judgement
This article was also featured as an industry analysis in the June 2016 issue of Briefing. To read the issue in full, download Briefing.
Cloud technology presents an enormous opportunity for law firms looking to improve enterprise performance, enhance data security and boost return on IT investment. But in spite of the potential benefits, many in the legal sector remain reticent towards embracing cloud solutions.
However, as other (often competing) industry sectors continue to implement and leverage cloud technology to reinvigorate established business models, it becomes clear the legal sector risks being left behind.
It should perhaps come as no surprise to learn that some in the legal industry are apprehensive about cloud. There remains, in the minds of many chief information security officers, a number of question marks over the relevance, effectiveness and security of cloud technology in the legal context. Firms are by their very nature risk-averse, with long-established methods of working that aren’t typically easily altered. The prospect of moving to the cloud can seem daunting, not least given the common misconceptions that influence law firm thinking on the issue.
Evaluating the premise
In evaluating cloud technology, the primary cause for concern is naturally the question of data security. The very nature of legal work means that at any given time law firms are custodians over a colossal amount of sensitive, highly confidential information that must not be divulged publicly. The fear of data breach looms large in the mind of every CISO and pressures to ensure full and effective data security grow greater by the day, not least following recent high-profile data breaches covered widely in the media.
Against this backdrop, law firms have traditionally felt confident in their established approach to information storage, utilising largescale, often highly customised, on-premise servers which can be conveniently managed by in-house teams with fingertip access. To abandon this model – and the peace of mind onsite storage brings – and embrace a cloud solution can seem to some CIOs a leap of faith too far.
Linked to the question of security is the issue of information control. CISOs are used to having full access to, and control of, their own data. Cloud technology can seem somehow disempowering, devolving information ownership and control away from the firm itself and into the hands of third-party providers. With this element of control seemingly lost, some firms fear mission-critical data could somehow be ‘out of reach’ just when it is needed most.
Fit for every purpose?
Beyond issues of data security and information access, some remain sceptical of the extent to which highly standardised cloud solutions are able to cater for the specific, bespoke IT requirements of individual firms. They have historically craved customisations in their IT provision, believing their distinct methods of working and established business processes to be unique in the marketplace, ensuring that nothing but the most highlytailored IT solutions can deliver the performance required by each firm. Given this natural proclivity for customisation, the highly prescriptive, standardised configurations offered by cloud technology can seem unsophisticated and an ill fit for a firm’s needs.
Employing cloud technology is therefore as much a psychological step for firms as it is a strategic or technical one. The stakes are high in legal IT, and it’s perhaps to be expected that discussions surrounding the industry’s move to cloud technology prompts trepidation among certain firms.
But it needn’t be this way. The debate over cloud is being driven in part by important misunderstandings, not only as to cloud’s potential in terms of adding bottom-line enterprise value, but also over the realities of contemporary data security. There is a responsibility incumbent on technology providers like Elite not only to help create greater understanding of the opportunities to be found via the technology, but also to help guide individual law firms in choosing appropriate new solutions.
Far from representing a security risk, cloud technology offers the very best in next-generation data security. Cloud providers are working full time at the forefront of data security technology, staffed by large teams of specialists well versed in identifying and deploying state-of-the-art data encryption tools and strategies. As such, these providers are able to offer a level of data protection that on-premise data centres, staffed by relatively small in-house teams, can rarely match.
Corporate clients naturally want to work with the most secure firms. But it is increasingly our experience that corporate customers, not least across sensitive areas of financial services, now actually prefer their counsel to use cloud technology. One CISO at a global law firm told me only recently that his firm was being pressured by large corporate clients to adopt cloud technology because they felt it offered superior data protection. Cloud providers can boast a level of professional certification – ISO, HIPAA, SOC 2, FISMA, and so on – that few in-house data centres can rival. Evidence suggests that the peace of mind such a range of information security certification brings is becoming an increasingly important factor in clients’ selection of counsel.
As a result, cloud technology is becoming an important business asset that can help to differentiate firms in a crowded legal marketplace. Firms moving to the cloud are increasingly able to draw upon its reputation for enhanced security to help retain and attract clients. As more and more law firms move to cloud-based solutions, we can expect the technology to become a critical hygiene factor, expected by all customers and a standard feature of any law firm’s offer.
Beyond improved data security, there is a compelling business case for why law firms ought to implement cloud technology. As firms continue to adapt to a shifting legal marketplace defined by increased competition and tightening budgets, the need to identify and exploit every available means of competitive advantage becomes greater than ever. By leveraging cloud technology, firms can dramatically reduce the cost of their IT infrastructure, freeing up scarce financial and human resources that ought to be allocated to areas of the business focused on the firm’s core competences – namely client work.
The prescriptive and standardised configurations of cloud solutions mean the technology is highly cost-effective, quick to deliver and simple to implement, providing a level of performance, reliability and scalability far superior to that of on-premise data centres. As law firms seek to respond to changing market conditions, restructuring their operations as the firm increases or decreases in size, cloud technology provides a highly responsive resource that can easily adapt to a firm’s evolving storage needs.
Managing to scale
With virtually no capital outlay required, firms can ‘pay as they go’ for the service, quickly and easily scaling up their storage resources only when required. As such, this scalability ensures cloud storage is fully future-proofed in terms of addressing the development of future demand.
Gone are the days when firms needed to make significant upfront investment in hardware based on analysis of their current need and best-guess estimations of potential future requirements. In contrast to cloud, delivering such traditional infrastructure is complex and time-consuming, leading not only to heightened costs, but also increasing time to value.
Cloud’s flexibility also helps to solve one of the most pertinent problems in legal IT – the extent to which firms operate out-of date-software. When handled in-house, too often law firms adopt an ‘if it isn’t broken, don’t fix it’ approach to software updates, ensuring many firms fail to benefit from the latest innovations and developments delivered to market by software providers, not least in terms of data security. In contrast, cloud technology is regularly updated by providers whose business it is to ensure their systems operate the most up-tothe-minute software infrastructure available. The result is improved functionality and security for the customer.
Slower to implement, comparatively expensive and a drain on resources, highly customised onsite solutions no longer make good business sense. Law firms are increasingly coming to realise that cloud technology need not be feared – it should be embraced as the next frontier of law firm competitive advantage.