Market disruption and the changing legal security threat landscape
Why standard on-premises technology may not be a realistic post-pandemic strategy.
Conventional working practices have experienced disruption at a pace that was unthinkable before the pandemic. Like most “white collar” professions, the legal sector has largely been forced to shelter at home and continue their work online, and this has increased law firms’ exposure to risk in the form of data loss, cyber threats, noncompliance, and the unintended disclosure of confidential client information.
In a parallel shift, the sheer volume of remote and hybrid working has triggered explosive change in the technology sector. Legal organizations running aging IT systems have an opportunity to drastically reduce the typical 3-5-year timeline to digitally transform IT operations to as little as 18-24 months.
Despite these indisputable truths, many law firms are still reluctant to move from on-premises systems — with their growing investments in infrastructure, upgrades, and maintenance — to the more agile and secure environment offered by certain cloud-based systems.
Read “Why On-Premises IT Is Riskier Than the Cloud” to understand why leveraging standard on-premises technology is no longer a realistic or defensible strategy, post-pandemic.
2011 to 2021 - Twenty years of transformation in ten years’ time
Ten years ago we were emerging from the 2011 financial crisis and the massive changes it brought. Today we find ourselves emerging from another catastrophic event and, due to the broad reach of this crisis, we’ve seen even more dramatic changes in technology and behavior. Between the two events, we’ve compacted what might easily have been 20 years of transformation on a global scale into a 10-year window.
The days of a few back-office servers and one or two IT professionals managing a range of on-premises and cloud applications are long past. Today’s legal IT is responsible for managing highly sensitive and confidential legal information, while ensuring the uptime, security, and availability of structured and unstructured data. Meanwhile, they must deal with a growing shadow IT, presenting its own risks and challenges.
“But we are already back in the office” — underestimating the threat
As we emerge to a post-COVID business environment, securing your data and file systems is reaching a critical inflection point. Home-based and remote workers attempting to access on-premises files and data, or attempting to find workarounds, are a prime threat to your data security.
Having an on-premises document management application may lead you to falsely conclude that your risk is contained. But if your teams are using messaging, file sharing, collaboration, or email services – and let’s be honest, they must be using the basic tools necessary to getting work done – it is highly likely they are already sharing sensitive information in the cloud. And, even after your offices reopen, your users are not likely to welcome the idea of giving up the accessibility and mobility they’ve gained.
In “Why On-Premises IT Is Riskier Than the Cloud,” you’ll learn why coming back to the office is not a panacea for the threats your organization is facing.
“On-prem is more secure than the cloud” — misunderstanding the solutions
Unless your organization has specific and highly advanced security measures in place that govern all interactions with your materials — including tools and apps the users themselves have installed without your oversight — your information is at best inadequately protected; at worst it is not protected at all.
There is nothing to support the view that a cloud platform is less secure than an on-premises system — the available evidence suggests exactly the opposite. But not all cloud systems and services are equal, and few can meet the precise requirements of legal firms.
“My client’s data isn’t safe with a third party” — overcoming the illusion of safety
Your clients have already trusted their information to a third party – your firm — with the understanding, tacit or otherwise, that you will guard that data by all reasonable means. If asked, can you show a client that your firm’s security expertise is equal to that of a premium enterprise-grade cloud provider that has met the most rigorous encryption, compliance, and certification standards — and that your firm is working 24/7 to increase that protection?
Deciding to migrate to the cloud is motivated in no small part by having confidence that the platform you choose will enable your firm to navigate a continually changing security threat landscape. Part 2 of this blog series explores the key considerations for making your journey to the cloud a secure one. Stay tuned.
While no system can circumvent all potential threats, read “Why On-Premises IT Is Riskier Than the Cloud,” to better understand why an on-premises IT system can be the greater risk.