Ricci Dipshan, Legaltech News
Despite the hype around the
cloud's ability to bring efficiencies to legal, two recent surveys found a
significant amount of cautious resistance among law firms to the technology.
The "Partnership
Perspectives Survey" of 25 AmLaw 200 law firm partners, for example, found
that while 56 percent of respondent firms used cloud technology in some
capability, less than one-third (28 percent) used it for collaboration
purposes, and 64 percent did not leverage it towards its core legal business
processes.
Released around the same time,
the "2016 ILTA/InsideLegal Technology Purchasing Survey" of 175 ILTA
member law firms also found a falling demand in cloud technology, with only 25
percent of firms planning to purchase cloud-based tools over the next year,
compared to 33 percent in 2015.
So what is driving legal's
hesitancy to move to the cloud? Here's a look at three key factors that are
stunting the technology's adoption:
1. Malware Risk
The surveys that found legal's
lukewarm support of cloud technologies also found a significant push by law
firms to focus on improving their cybersecurity. And herein lies the biggest
barrier to cloud adoption—despite the benefits cloud technology can bring, many
find the risks posed to data security too high to bet on.
The problem is that the
cloud's power to foster collaboration and extend data access is also an
inherent weakness through which cyberattackers can more easily spread malware
over a network. The situation is especially troublesome with cloud-based
applications. The "Netskope September Cloud Report," for example,
found that over half (55.9 percent) of cloud-based malware uncovered in
enterprise-approved cloud applications were shared either internally among a
workforce or externally with clients and customers.
The report also found that
almost 44 percent of this malware delivered some form of ransomware, which
encrypts files within a network or computer in exchange for a ransom payment.
Jervis Hui, product marketing
manager at Netskope, noted that "malware, and ransomware specifically,
have been an increasing trend lately. And specifically within the cloud
context, [they] can be easily hidden because organizations may not have the
visibility and controls in place to detect these threats. And once malware gets
into the cloud, a fan-out effect takes place and can infect others through
share and sync functions."
2. Data Loss and Mishandling
Allowing more access to data
through the cloud means having to oversee how a wider pool of employees manage
and handle sensitive information. And like cybersecurity, the risk of failing
to properly address this vulnerability can be disastrous, ending in either data
loss or a compliance mishaps.
According to Netskope's
report, the majority (76.5 percent) of data loss or mishandling happens within
cloud storage processes, while around 18 percent happens through webmail. Over
half (53.4 percent) of this lost or mishandled data is personally identifiable
information (PII), the survey found.
The risk is also not just
limited to shadow IT cloud applications—widely used, but unapproved
applications—within an office. "On the shadow IT versus enterprise cloud
systems side, we've noticed a mixture of both in terms of violations," Hui
said. "Employees may not know that they're not allowed to upload
[sensitive data] into their sanctioned cloud storage app and cause a compliance
violation, or they may share confidential client documents through an
unsanctioned app that isn't secure and trigger a violation that way."
Organizations can mitigate
this risk, he added, through routinely training their employees on proper data
handling methods and having oversight into their data access. "A lot of
this has to do with training and security processes. Employees are just trying
to get their jobs done and in the most efficient way possible—sometimes this
means using apps that are not secure or sanctioned by IT, or sending and
sharing sensitive data through a cloud service that may not be secure."
3. Contractual and Technical
Limitations
For law firms that can meet
the data security challenges associated with cloud technologies, resistance to
adopting cloud-based tools may be more a case of contractual and technical
limitations. While the ILTA survey found that security was the number one
barrier, it also found a significant number of law firms shunned the cloud due
to client concerns with the technology (48 percent) or integration challenges
(45 percent).
Ari Kaplan, founder of Ari
Kaplan Advisors, noted that sometimes resistance to the cloud is "just
practical—the opportunity to really embrace it hasn't happened yet."
"It may be that some of
the law firms that are not necessarily using the cloud for things like
e-discovery or other litigation support related functions, because they have an
existing [client or vendor] contracts" preventing them from doing so, he
said. "At some point they will consider a new strategy."
Integrating cloud technologies
into a workflow and IT infrastructure is also no easy task, and some law firms
may be struggling with how to not only start the process, but make sure it
sticks. "The challenge is trying to figure out how to get started and then
how to move along the continuum to broad adoption," Kaplan added.
No comments:
Post a Comment