As a lawyer, you are charged with protecting the interests of your clients, which includes safeguarding their sensitive data and maintaining delivery of quality service. In this day and age, in order to meet these professional obligations your firm requires secure, reliable IT.
For a long time, onsite IT was the only option available to law firms - servers, software and equipment was housed and managed in the office, usually in a dedicated server room or closet. Many firms continue to operate this way, as familiarity signals safety. But can onsite IT keep up with the modern threats law practices are facing?
If your firm uses onsite IT, could you unwittingly be putting your clients and practice at risk? Here are a few questions to consider:
Is your system and data protected?
Whether it’s major threats such as flood or fire, or more common disruptions such as power outages or an overheated server room, hosting your systems onsite can expose your system to physical risks. All of these scenarios will disrupt firm operations and require an IT professional to be onsite to address the problem, quite often after hours.
Cybercrime is a significant threat to Canadian firms, with more and more cases of malware infection, fraud and ransomware regularly being reported. Device theft is also a growing concern as lawyers and staff copy sensitive files to their devices to take with them. Mobile devices and desktop computers are also vulnerable to malware infection, and require security updates several times a year, which is disruptive to staff and can take days to execute.
Do you have comprehensive backups?
When was the last time you did a test restore of your firm’s backup system? Do you feel secure, knowing your critical data will be up-to-date and accessible if disaster strikes?
Many firms back up their data entirely onsite, usually by copying and transferring the files to tape or hard drive. Physical backups requires vigilance from an onsite employee, a time-consuming process that’s highly prone to error.
Another popular option is to transfer data from onsite servers to a third-party Cloud, where it’s stored in a remote sever or data centre, a process known as “hybrid”. The hybrid method eliminates the hassle of tapes, however it still requires careful management and regular testing: it’s not uncommon for firms to discover too late that their recovered data is incomplete or out-of-date, the wrong files were backed up.
Whatever the method, your backup process should be regularly reviewed and tested to ensure there are no holes in the safety net.
Can your business survive a major disruption?
No one likes to think about it, but if a disaster were to affect your office, would your firm be able to continue serving clients? In major events such as a building flood or fire, all of your servers will go down, leaving you unable to send, receive or open emails or access time-sensitive case documents and deadlines.
Assuming that your data was properly backed up, how quickly can your restoration and recovery processes bring your firm back up and operating?
The time it takes to restore your systems depends on several variables, such as the experience of your IT team and the extent of the problem – a major, system-wide disruption would require a complete replacement, which, for a mid-sized firm, can easily take weeks to get up and running. Setting up an interim system with critical elements can take anywhere from 3-5 days, at a significant cost for parts and labour.
Recovering data from tapes is a slow process, as each step must be executed in a necessary sequence. There is a higher chance of encountering problems such as data corruption and incompatible formats, which brings further delays and unexpected costs. While hybrid solutions ensure your data is kept intact while offsite, it takes a significant amount of time to download everything from the Cloud to your new servers.
Is cumbersome IT management increasing risk?
Problems will occur with any IT environment, so having a solid plan for minimizing and handling them is essential.
When developing your firm’s IT plan, onsite equipment requires considerable foresight; unlike a Private Cloud, which can easily scale its capabilities up or down, you must predict the scope of your business and the supports you require as much as five years in advance. You may find yourself off the mark 2-3 years in, having over-invested, or worse - requiring capabilities that can't be implemented.
A secure system requires regular monitoring, security patching, software updates, firewall management and end-to-end testing, all of which involve multiple levels of planning and management. Onsite IT also requires desktop computers for every user, each with regular maintenance and management. Without all of this, cracks in the system’s security will form, increasing the firm’s risk exposure.
Secure IT in the Cloud
If any of the above questions have left you feeling concerned, it may be time to re-evaluate your law firm’s IT.
Imagine if all of your IT hardware, software and data was housed offsite in a secure, professional data centre with everything professionally managed, automatically backed up, and accessible anywhere with an Internet connection. All of this is possible with a Private Cloud.
Learn why a Private Cloud is the safest, smartest option for Canadian firms by downloading our free Private Cloud for Law Firms Executive Summary.