The benefits of moving to the cloud
The recent spate of cyber attacks has highlighted the dangers of inadequate security processes for law firms, says Joshua Lenon
The recent Petrwrap/Petya ransomware attack, of which DLA Piper was an unfortunate victim, was not the first cyber attack we have seen on a law firm, nor will it be the last. The attack left the firm’s offices in the UK, Europe, the Middle East, and the US without phones or email for three days and struggling to access client data over a week later. Lawyers had to request extensions in more than five cases due to their inability to access client files. Fortunately, however, in the case of DLA Piper it appears that no data has been compromised – the worst-case scenario for any firm.
More than anything, these types of attack demonstrate a law firm’s requirement to have up-to-date, expansive backups that are tested frequently. Law firms should have two backups of their data, one stored on site and one stored off site. The best software-as-a-service providers backup users’ data multiple times a day to their data centres. These multiple backups will ensure your firm can mitigate the risk posed by cyber attacks. Automatic backups are recommended to make sure that you don’t forget to run them. The adequacy of these backups should be tested quarterly, by running mock drills to see if they can be relied upon in the event of a ransomware attack.
On-premises servers are only as secure as the premises in which they sit. Information routinely used by hackers can be obtained frequently just by looking around someone’s desk. Passwords, social engineering information, your staff’s personal information – all sit prominently on display. In an increasingly digital world no firm can be 100 per cent secure, but by moving data to the cloud firms can make themselves more flexible while maintaining a level of security that they couldn’t otherwise afford.
Legacy software, such as Windows XP, does not receive security updates and leaves your firm wide open to ransomware attacks. Any reliable cloud-based application will receive regular security updates, with zero disruption, relieving you of the responsibility of maintaining up-to-date, secure software. Every time you open a cloud application, you’re accessing the most up-to-date version of that software.
The benefits of moving traditional desktop and server-based applications to the cloud aren’t just security related. Cloud-based services eliminate large upfront licensing and server costs, offer drastically reduced consulting and installation fees, and do away with the ‘upgrade treadmill’ usually associated with traditional desktop- and server-based software. Cloud-based services also offer ‘anywhere accessibility’, a high level of ease of use, and compatibility with all operating systems.
Although the attack targeted one of the world’s largest firms, it is small- to medium-sized firms that should take heed. If your firm doesn’t have the resources to employ full-time IT specialists, then your best alternative is to use cloud-based providers which are equipped to protect your data by default.
Joshua Lenon is lawyer in residence at Clio, a legal practice management software provider