Safety in the Cloud

You may not realize this, but you are in all likelihood already using the cloud. If you are using Gmail for your email, or Google Calendar for storing your appointments, you are among those using the cloud for data. Cloud-based services, also known as software as a service, or SaaS, are commonly being used today by many people who don’t realize it; Google and Yahoo are providing you with a service and you are using their software to access the service.

The cloud has many benefits for lawyers:

  • Access your data anywhere you have internet access
  • Easier to collaborate with other attorneys
  • Cheap way to store documents.

But the question most lawyers have is about security: how secure is the cloud?

Actually, the cloud can be pretty secure. For smaller firms, the idea of someone hacking your data is pretty remote; after all, you probably don’t have any real data that would benefit anyone but your own clients. For larger firms though, the risks are higher. You may have important financial data on high profile clients that others may have an interest in obtaining. Also, larger firms may have hundreds or thousands of people working for them, each with their own password to access the systems, making it easier for hackers to possibly access that information through social engineering of the user’s passwords. For those larger firms, security is a must. And often times, a cloud-based system can actually provide better security for your data at a lower cost than hiring your own in-house support staff. But there are a lot of different providers of cloud services and it is up to you and your firm to perform due diligence and research which providers offer you the best protection.

Reputable cloud providers will provide the security you need to protect your data. These providers are:

  • Constantly updating firewalls to prevent intruders from accessing their servers.
  • Have secure facilities to prevent people from accessing their hardware directly.
  • Backing up data routinely so you don’t have to worry about backing it up yourself.

And don’t forget security you can provide by encrypting your data. If you are using a service such as Dropbox for sharing documents, make sure you are encrypting those docs. Also make sure you hold the keys for decrypting the documents; you don’t want someone else to be able to decrypt your data by storing the key on the same server as the encrypted documents.

Before signing on with a cloud service, check with your state bar to find out if they have issued any formal ethics opinions on using the cloud. For more information, with links to the full opinions for the states that have issued them, click here: http://www.americanbar.org/groups/departments_offices/legal_technology_resources/resources/charts_fyis/cloud-ethics-chart.html

 

Cloud pros and cons

Pros

  • Access data and software from anywhere with an Internet connection
  • Low upfront costs – no need to buy and maintain a server
  • Collaborate with colleagues, clients, and others remotely
  • Security is managed by experts
  • Access and use data with any device (e.g., PC, Mac, tablet, etc.)
  • Automatic software updates

Cons

  • Client information must be entrusted to third-party
  • Internet connectivity problems could limit access to data and software

*Taken from the article “Feeling Secure in the Cloud” by Ed Finkel
http://www.isba.org/ibj/2015/01/feelingsecurecloud

For more detailed information, please read the article “Feeling Secure in the Cloud” by Ed Finkel; you can find the entire article here: http://www.isba.org/ibj/2015/01/feelingsecurecloud. This blog was based on the article and it has some really good points to consider.