Talk about being between a rock and a hard place. IT managers in legal firms are facing contradictory demands on a daily basis; more agility and flexibility on the one hand and ever-tighter security on the other. What’s worse is that they know that none of these demands are unreasonable. So what to do? Read this article to find out how to navigate through the complexities of cloud computing to get all the benefits, with none of the downfalls.
For most businesses, ‘Digital transformation’ has moved from being a buzz-word to becoming a commercial imperative and the legal sector is no exception. But what about the security implications? Principle 7 of the Data Protection Act states that: “Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.” Breaches can incur fines of up to £500,000 from the ICO and irreparably damage the firm’s reputation. In the legal world, no one gets second chances.
It's also become apparent that hackers and cyber-criminals are targeting law firms as they're aware of the high sensitivity of some of the data held. To make it even more challenging, the growth in use of electronic documents like Word, Excel and PDF files as well as documents entering the firm via email attachments makes the job of security more challenging than ever. Verizon reported recently that 78% of cyber-espionage attacks are transmitted through email attachments that are not effectively analysed for security threats. They also note that, in many law firms, the current controls generally don'tsufficiently analyse email attachments - a potentially costly oversight.
Of course any security clamp-down mustn't hamper the productivity of the firm's fee earners either, exacerbating the challenge further. It's no wonder so many IT managers in law forms are getting hacked off.
The times they are a’changing – again
Fiona Davies, Director. PwC, in a recent interview for PwC. suggests that security concerns are often brushed aside in legal firms in the pursuit of profit. She adds that for the larger firms, international complexity is a contributing factor too, with compliance and regulation coming a close third in terms of importance. This means that cultural issues like change management are probably as important as IT policy and practice. After all, there is no point in having a policy that is all but ignored – which means garnering support at the highest levels of the firm.
Making a start
Although a vast range of security software is available, the most secure solutions are rarely the most efficient. Navigating the needs of the business today and tomorrow, whilst balancing that with mitigating risk, needs care.
Moving from an internally hosted practice management suite to an externally managed colocated solution or a web-based service certainly ticks the productivity boxes. But that needs to be underpinned by working with vendors and consultants who understand how best to balance that with the best possible data security.
You’ve got a friend
We can help. As well as working with you to cultivate confident and resilient cyber-security governance within your legal practice and minimising the fallout from any potential breach, CenturyLink's IT experts can also help you stay compliant in other areas. Our cloud-based hosted services provide an effective and automated audit trail so you can provide all necessary records to the SRA in accordance with their Account Rules.
Get in touch if you’d like to find out more.
Watch out for more legal industry article posts over the course of the coming weeks about why CenturyLink should be the natural partner of choice for businesses who want to maximise on emerging trends and have the agility to react to the changing needs of the market. If you’d like to learn more about how we can help, please contact us here