Cloud service provider

5 Prickly Legal Quagmires Law Firms Need to Know Before Choosing a Cloud Service Provider

October 4, 2016

Embracing cloud technologies is a smart move for the law practice, but never forget: fools rush in where angels fear to tread. “The cloud” is a great thing. It lowers operational costs, improves your IT services, and gives you access to software applications your firm might not otherwise be able to afford. Conversely, a poorly chosen cloud service provider can cause you trouble in the legal realm, in the ethical realm, and with your valued customers. Here are the questions to ask before getting into a cloud vendor relationship so everything gets off on the right foot.

1. Look for a U.S.-Based Cloud Service Provider

The primary reason it’s important to choose a native cloud provider is legality. If you use one in another country, they will be operating under their local privacy and security laws and regulations, which may not meet U.S. standards. But there are also numerous practical reasons. If there’s a problem, there could be language barriers to getting issues resolved. Longer distances mean an increased chance of a connection going bad between you and your cloud service’s location. Time zone issues might hinder your ability to get in touch with the provider. Many of these issues make it much more sensible to choose a local cloud service as opposed to one in another country.

2. Do Your Due Diligence in Vetting the Vendor

When you research your vendor, don’t accept what they say on their website without question. Do your research. Look for customer reviews on independent sites, such as Yelp. Read the reviews in the tech journals and blogs. Not only does this give you a head’s up about any customer service issues or technical problems with their product, but it also gives you an idea how practical and useful their product is, especially for customers without heavy tech backgrounds. Ideally, you can find reviews of your cloud service provider from other lawyers, so you can get a perspective that is highly relevant to you and your operations.

3. Understand How Data Ownership Works When Your Data is Transferred to the Cloud Vendor

It’s easy to skim over the fact that when you contract with a cloud service provider, you’re actually handing them the keys to your kingdom. Don’t assume that you necessarily retain ownership of the data you move to or store in the cloud. You also need to examine the contract thoroughly to see how this cloud vendor handles third party inquiries into your data, which is highly likely to happen to certain kinds of law firms. What are their policies for allowing third party access? Will they notify you? How? When? If they notify you 30 days after the fact, that doesn’t do you much good. Examine the cloud provider’s SLA (service level agreement) with a fine-toothed comb. Look for what isn’t there, as well as what is.

4. Know How to Get Out of the Cloud Provider Relationship Before You Get In

Every cloud service provider should have an exit policy. If the relationship needs to end, how will they transfer the data back to you or to your new cloud service? You also need to know things like how overdue your payment can be before the cloud service cuts off access to your data. You don’t plan to get behind on the bills, but if your accountant or bookkeeper suddenly falls ill, you need to know how the chips will fall. Before you get into a cloud service contract, understand what’s involved in getting out of it.

5. Are There Ways to Control Access to Your Data?

Most cloud service providers offer levels of user access. That means that what the managing partner of the firm is able to see is different from what the receptionist can see when they log into the service. You may want to offer opposing counsel access to some of the documents and files relative to a case, but certainly not all your files and documents! Your accountant, legal secretaries, and others will all need different levels of access. Find out what provisions the cloud service provider has in place to allow for these types of situations.

Unfortunately, law firms also have to worry about the same issues that face all other businesses — the growing frequency of cyber security breaches, the problems of insider threats, and other security woes. Learn how to manage these issues when you buy the book ‘Easy Prey: How to Protect Your Business From Data Breach, Cybercrime and Employee Fraud’.

Let's Start a Conversation.

Connect with us and experience the TOSS difference.

Send this to a friend