7 Things to Know about Legal Cloud Computing

This much is clear: the cloud is here to stay. Rocket Matter is currently celebrating three years of its initial launch (with a cool video). Leading vendors got together and formed the Legal Cloud Computing Association. The talk at LegalTech New York this year was not about cloud’s potential, but it’s realization.

What do law firms need to know about the cloud? There’s enough information to fill an entire day-long seminar. But this quick, seven point guide should point you in the right direction.

1) Cloud software is software you access over the Internet.

The term “cloud” itself is a murky one, and the IBM commercials where they feature a bunch of brainiacs talking about the cloud only confuses the issue. All you really need to know is that cloud software is accessed over the Internet, using a browser like Firefox or via an app from the iTunes store or Droid Marketplace.

2) Cloud software can be accessed from any device.

Well, any device with an Internet connection, that is. Good cloud software is usable from Macs or PCs without you being able to tell the difference, and they should also include ways of using the software from iPads, Droids, iPhones, or other mobile device.

3) So far, bar ethics opinions are cool with responsible cloud usage.

Not all bar associations have weighed in: North Carolina is, as of this writing, reviewing the issue and the ABA is also looking at legal cloud computing as part of their 20/20 Ethics Commission. That said, Alabama and New York have paved the way, saying that lawyers should take reasonable steps to ensure client confidentiality. We will explore “reasonable steps” in later blog posts.

4) Not all cloud providers are created equal.

As state bar associations point out, lawyers should perform due diligence to understand if their client communication and billing data is safe. All communication to the cloud server, for example, should be encrypted under at least 128-bit SSL encryption, servers must be physically secure under lock and key, backups should routinely be provided, and a customer should be able to retrieve their data for portability. A sample set of standards is available for download here.

5) You should be able to get your data from your cloud provider, and it should be usable.

Per that last point, you need to be able to get your data if you need it, and the terms of service should specify that the data is yours. First of all, for your own peace of mind, it’s nice to know you can get your critical data when you need it. Second of all, should you decide to leave your software provider, you’re going to want to take your history with you. Thanks to vCard and ICS, standards exist to transport contact and calendar records, respectively. For more freeform data, you’re going to want to make sure you get it in spreadsheet form, not some sort of bizarro proprietary format.

6) Using the cloud may be more secure than your current setup.

Are you sending confidential information over unencrypted email? You might as well publish it on a billboard. Yet for some reason, it’s okay with ethics rules to do so. Information stored or communicated via good cloud software is encrypted over a minimum 128-bit channel.

Also, how is your data physically stored? Who has access to your computers with sensitive information – landlords, cleaning staff? With responsible cloud providers, your data is under lock and key with 24-7 surveillance. And considering that data theft is 10 times more likely to be physical than via a high-tech cyber attack, physical security is your number one enemy when it comes to a data breach.

7) Cloud software is easier to maintain than desktop software.

The days of upgrades with are over for cloud consumers. With web-based software, the applications simply update themselves, no IT support needed. Also, since features tend to be pared down on the web, the software tends not to be as complex, nor does it bloat or slow down over time. Adding users is also easier, since you don’t need additional client installs or have to worry about introducing their installation into the network.

I could go on and on like the true windbag that I am, but seven is a nice round number. But if you want to read more, check out the following resource kit which features a half dozen or so articles I’ve written for legal technology periodicals: