Serious Insecurities – Data Security for the Legal Industry in the Age of the Cloud

Talk about being between a rock and a hard place. IT managers in legal firms are facing contradictory demands on a daily basis; more agility and flexibility on the one hand and ever-tighter security on the other. What’s worse is that they know that none of these demands are unreasonable. So what to do? Read this article to find out how to navigate through the complexities of cloud computing to get all the benefits, with none of the downfalls.

Natural insecurities

For most businesses, ‘Digital transformation’ has moved from being a buzz-word to becoming a commercial imperative and the legal sector is no exception. But what about the security implications? Principle 7 of the Data Protection Act states that: “Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.” Breaches can incur fines of up to £500,000 from the ICO and irreparably damage the firm’s reputation. In the legal world, no one gets second chances.

Hacked off

It's also become apparent that hackers and cyber-criminals are targeting law firms as they're aware of the high sensitivity of some of the data held. To make it even more challenging, the growth in use of electronic documents like Word, Excel and PDF files as well as documents entering the firm via email attachments makes the job of security more challenging than ever. Verizon reported recently that 78% of cyber-espionage attacks are transmitted through email attachments that are not effectively analysed for security threats. They also note that, in many law firms, the current controls generally don'tsufficiently analyse email attachments - a potentially costly oversight.

Of course any security clamp-down mustn't hamper the productivity of the firm's fee earners either, exacerbating the challenge further. It's no wonder so many IT managers in law forms are getting hacked off.

The times they are a’changing – again

Fiona Davies, Director. PwC, in a recent interview for PwC. suggests that security concerns are often brushed aside in legal firms in the pursuit of profit. She adds that for the larger firms, international complexity is a contributing factor too, with compliance and regulation coming a close third in terms of importance. This means that cultural issues like change management are probably as important as IT policy and practice. After all, there is no point in having a policy that is all but ignored – which means garnering support at the highest levels of the firm.

Making a start

Although a vast range of security software is available, the most secure solutions are rarely the most efficient. Navigating the needs of the business today and tomorrow, whilst balancing that with mitigating risk, needs care.

Moving from an internally hosted practice management suite to an externally managed colocated solution or a web-based service certainly ticks the productivity boxes. But that needs to be underpinned by working with vendors and consultants who understand how best to balance that with the best possible data security.

You’ve got a friend

We can help. As well as working with you to cultivate confident and resilient cyber-security governance within your legal practice and minimising the fallout from any potential breach, CenturyLink's IT experts can also help you stay compliant in other areas. Our cloud-based hosted services provide an effective and automated audit trail so you can provide all necessary records to the SRA in accordance with their Account Rules.

Get in touch if you’d like to find out more.

Watch out for more legal industry article posts over the course of the coming weeks about why CenturyLink should be the natural partner of choice for businesses who want to maximise on emerging trends and have the agility to react to the changing needs of the market. If you’d like to learn more about how we can help, please contact us here

Steve Harrison, Regional Sales Director

Steve Harrison is the Regional Sales Director in EMEA overseeing the Legal and Media and Entertainment verticals.

Steve is an accomplished, results driven sales leader with 15 years leadership experience in technology companies. He has a consistent record of over achievement as a result of building and developing successful teams, creating and implementing growth strategies and by developing deep understanding of vertical markets.

He has been recognised throughout his career as a top performer and a passionate leader, he has been a member of the Global Microsoft Top Talent Program (Top 2%) for 3 consecutive years, and selected as a coach and mentor to his peers.

If you’d like to learn more about our legal practice, or any other aspect of our offering please contact me directly at this email address:

Find out more about CenturyLink at:

Big data Legal Security

Signup for Latest News

Gartner 2015 Magic Quadrant For Cloud IaaS

The market for cloud compute infrastructure as a service is maturing and rapidly evolving. Strategic providers must be chosen carefully. Gain insights into the future of public cloud infrastructure-as-a-service with a detailed analysis of all the major vendors.

See why CenturyLink was named a visionary by Gartner.


rss centurylink uk

Share This

Share This

Share this post with your friends!