5 Legal Quagmires Law Firms Need to Know Before Choosing a Cloud Service Provider
October 4, 2016
October 4, 2016
Embracing cloud technologies is a smart move for the law practice, but never forget: fools rush in where angels fear to tread. “The cloud” is a great thing. It lowers operational costs, improves your IT services, and gives you access to software applications your firm might not otherwise be able to afford. Conversely, a poorly chosen cloud service provider can cause you trouble in the legal realm, in the ethical realm, and with your valued customers. Here are the questions to ask before getting into a cloud vendor relationship so everything gets off on the right foot.
1. Look for a U.S.-Based Cloud Service Provider
The primary reason it’s important to choose a native cloud provider is legality. If you use one in another country, they will be operating under their local privacy and security laws and regulations, which may not meet U.S. standards. But there are also numerous practical reasons. If there’s a problem, there could be language barriers to getting issues resolved. Longer distances mean an increased chance of a connection going bad between you and your cloud service’s location. Time zone issues might hinder your ability to get in touch with the provider. Many of these issues make it much more sensible to choose a local cloud service as opposed to one in another country.
2. Do Your Due Diligence in Vetting the Vendor
When you research your vendor, don’t accept what they say on their website without question. Do your research. Look for customer reviews on independent sites, such as Yelp. Read the reviews in the tech journals and blogs. Not only does this give you a head’s up about any customer service issues or technical problems with their product, but it also gives you an idea how practical and useful their product is, especially for customers without heavy tech backgrounds. Ideally, you can find reviews of your cloud service provider from other lawyers, so you can get a perspective that is highly relevant to you and your operations.
3. Understand How Data Ownership Works When Your Data is Transferred to the Cloud Vendor
It’s easy to skim over the fact that when you contract with a cloud service provider, you’re actually handing them the keys to your kingdom. Don’t assume that you necessarily retain ownership of the data you move to or store in the cloud. You also need to examine the contract thoroughly to see how this cloud vendor handles third party inquiries into your data, which is highly likely to happen to certain kinds of law firms. What are their policies for allowing third party access? Will they notify you? How? When? If they notify you 30 days after the fact, that doesn’t do you much good. Examine the cloud provider’s SLA (service level agreement) with a fine-toothed comb. Look for what isn’t there, as well as what is.
Subscribe now and stay up to date with News, Tips, Events, Cybersecurity, Cloud and Data Compliance.