The Cloud’s Five Critical Data Management Gaps
The Cloud’s Five Critical Data Management Gaps
Open Season for Cloud Apps
Clients have given their law firms permission to catch up with the rest of enterprise business and go cloud. This means it is open season for cloud applications and legal service providers are headed for a whole new world – transforming the role of legal IT along the way. Our collective decision to trust third party providers to secure, manage, maintain, backup and ensure the continuity of our respective cloud systems and data is, to say the least, new in legal. Not long ago the fear mongering in legal was all about the cloud, and especially the improbability of its security. Things have changed.
One of the benefits of the cloud is choice. The cloud gives us more of it, and choice is good. In law firms and legal departments, choice allows for
optimizing technology selection to the needs of users. We want to provide our lawyers with the optimal tools for their needs and to facilitate the wide range of tools preferred by individual clients. Often we not only want to do these things, we must do them. Choice helps with this, and where there is opportunity there is a legal tech, venture capital-backed start-up ready to fill the need. Is this good news for law firms and legal departments?
Yes. Law firms and legal departments must operate more fluidly both internally and in how they serve clients and win new business, so it makes sense for them to leverage the dynamism and flexibility of cloud solutions. In addition to the growing use of Microsoft Office 365, firms are increasingly adopting cloud or SaaS (software-as-a-service) vendors for document management systems (DMS), deal rooms, extranets, ediscovery, litigation support and more.
But. In managing all of these sources, we need to ensure that documents can move fluidly across systems and that we still apply security, retention and legal hold consistently. And so we face the great challenge of open season for the cloud: new complexity. Specifically this complexity: IT teams’ ability to manipulate data in on-premise systems relied heavily on the use of SQL to manage and integrate their various applications and systems inside a firewall. This capability is lost when moving to the cloud, period. SQL functionality for “DIY” management is gone. For many cloud systems, client-matter identifiers are, at best, optional metadata; when lawyers and other professionals provision matters in those systems today, they do not typically assign the crucial client-matter numbers. Losing this metadata creates critical data management gaps that neuter a firm’s ability to manage, secure, govern and provide cost allocation for their data. Let’s take a look at five critical data management gaps.
Gap 1: Tracking Where Matter Content Is Being Stored
Having data dispersed among various cloud providers can quickly become problematic. Without knowing where all client data resides firms will not be able to govern and secure it in line with client expectations, nor satisfy legal hold requirements or records retention policies. This is bad.
Law firms and legal departments should start with the matter equivalent of a data map: a single directory or file plan of all matters and engagements detailing all documents and other client data for each matter and which cloud providers contain them. This map should include the ability to define any desired metadata or profile data to track those matters,
enabling firms to categorize client data and better control it. Ideally, the map would be full-text searchable so that matters can be easily located.
Firms typically have systems integrated into their intake process, so hopefully integrating new information into the map would be part of an automatic workflow. To that end, it is important to understand the firm’s intake process and enable some semblance of automation that incorporates or at least accommodates each of the various content repositories that may be used to store client data.
Gap 2: Client Confidentiality and Ethical Obligations
Better security for content is one of the most appealing benefits of the cloud, but protecting content repositories from external actors is a different animal than managing and providing access on a granular security level to meet client confidentiality and ethical requirements. Add in the complex rules and workflow requirements to provide a “need-to-know” security access model and there is yet more work to prevent it
from being overly burdensome and otherwise ensure its successful adoption. Firms require the ability to selectively secure and delegate access controls over clients, matters, folders and even individual documents to very precise groups or classes of users. This does not change when going cloud. Without an automated mechanism in place to enable that policy and process, firms face adoption and scalability challenges.
Gap 3: Business Continuity
Outages can impact cloud providers’ software, data centers and communication links; they are all prone to problems or failures. The threat of cyberthreat or corruption, destruction or unavailability of data remains and firms need to plan appropriately. The inability to access critical content for even one hour can result in losses measured in the thousands or even millions of dollars.
An advantage of moving to the cloud is the significant reduction in capital investment in storage. Enterprise-class storage comes with an enterpriseclass price tag. Bringing a copy of that same data back in-house for business continuity purposes would require a firm to make – and continue making – capital investments in hardware, defeating one of the more significant benefits of moving to the cloud in the first place. Moreover, doing so typically delivers a mere collection of files with no key metadata and no rapid access in the event of disaster or outage. Hardly the
most robust option.
The ideal solution here is for firms to maintain a full, mirrored copy of their live content in the cloud. By mirroring data (and its associated metadata) to a second, robust cloud provider, firms can significantly
mitigate risk, ensuring the ability to access client data even in the event of an outage of their primary provider. Done properly, content would be securely accessible for end users through an intuitive search interface, enabling them to readily locate and access client files.
Gap 4: Moving Content Between Systems
Moving content between cloud systems is increasingly critical. We need content to move fluidly between key systems such as the DMS, extranet, deal room, etc. to service various audiences. This necessitates a centralized function automating integrity and fluidity as the content moves between systems, a function able to capture and transfer all key metadata including client and matter names, document IDs, author, operator and more. This centralized function should also preserve document, folder and matter security settings to ensure fluidity and integrity.
For firms trying to relieve themselves of the burden of managing more on-premise storage, the initial content migration projects can also be complex, even when moving from a DMS provider’s on-premise solution to its own hosted environment. Firms can ensure a smooth transition to hosted DMS platforms by providing a differential synchronization feature that ensures they capture all changes to their existing, on-premise platform during the migration project. This simplifies the application of those changes to the
new, hosted platform, ensuring a smooth and seamless transition for the providers’ technical team.
Firms are faced with the need for constant importing and exporting of client data to accommodate data brought in by lateral hires or departing laterals taking clients or matters with them. In either case, be it moving content between hosted systems or importing and exporting content, meeting this challenge is critical.
Gap 5: Figuring Out Access: Chargeback and Analytics
We want to pay only for what we need and use. Clients also want this; hopefully this is not news. In some hosted content systems pricing is based on per gigabyte storage. Some firms pass this cost along to clients, usually in the areas of litigation support/ediscovery. We will call this Plan A. Most firms, however, are on Plan B. Plan B is eating the cost of hosting client data and allowing it to impact matter profitability. This hit to the margin is compounded when the firm continues hosting the data even after the matter closes.
In addition, firms often limit themselves to one providers’ specific offering or capability, but this is not necessary. Organizations need rich reporting,
analytics and the ability to act on them to support information governance, cybersecurity and total quality management programs. If a firm needs to engage with multiple vendors to perform complex queries and reporting with advanced analytics, so be it. These abilities are necessary to analyze how content is used with regard to ethical and regulatory obligations.
Welcome to the Age of the Cloud
We are entering the age of the cloud, and the benefits of moving to it will accelerate, but we need centralized control over our proliferating content systems. We want choice and we want to apply optimal tools to optimal challenges, but we need data to move fluidly between content systems to service its different audiences along the way. The critical data gaps resulting from moving to the cloud impede this. Provisioning, integrating, securing and governing data have not disappeared simply by moving to the cloud – they have changed. This is the challenge of our generation of IT leaders.
Want to learn more about CAM?
Read more about CAM from our product page.
Check our related articles
There’s no scarcity of legal industry reports chorusing the refrain: margins are flat; corporate counsel are increasingly taking more work in house; law firms aren’t responding in kind. ...16 March, 2016No comment
Over the past year, we’ve seen an increase in the number of firms moving to need-to-know or pessimistic security for non-public data....19 June, 2018No comment