ILTACON 2016 Session: New International Standard for Cloud Due Diligence
The cloud is becoming increasingly ubiquitous at law firms. In fact, a recent ABA Technology Survey stated that 46 percent of cloudless firms will be transitioning in the next 6-12 months. In the session on the “New International Standard for Cloud Due Diligence,” Gregg Brown, senior director Technical Strategy, Computer Standards at Microsoft, and Patrick Oot, partner at Shook, Hardy & Bacon, discussed the changes to the cloud over the last six years and what is coming down the road.
Small- and medium-sized firms have embraced the cloud, while the largest firms have been more reluctant, saddled with restraints placed by their clients – especially in the financial industry. That said, there now seems to be some loosening of the straps in that particular space.
Benefits of the cloud:
The duo argued multiple reasons for jumping to the cloud. First, firms can take advantage of the latest innovations, features and capabilities with updates released every month, compared to waiting years for internal upgrades to their current systems. In addition, the cloud offers greater agility – not having to retrain or rebuild as needs expand.
Oftentimes, clients require more capacity on short notice, which the cloud can easily accommodate. At a base level, the cloud is a fraction of the cost of on-premises solutions – though add-ons can sometime raise the price close to that of an in-house solution.
As more firms adopt BYOD (bring your own device), the cloud enables firms to meet workforce demands with a per-user license. But with BYOD comes another layer of security concern, which the cloud can more readily accommodate as most vendors will be up-to-date with regard to security patches.
As Brown also noted, another inherent benefit to cloud technology is access to analytics. With all of its data in the cloud, a firm can easily deploy search and analytics across all of its information/eDiscovery, compared to what one might have with an on-premises solution.
Risks in the cloud:
As firms move to the cloud, one of the most persistent risks associated with the technology is multitenancy, means that a software application may not work well as designed in the cloud with multiple users trying to gain simultaneous access to it. And of course, with complexity tied to data transfer laws, particularly between the US and EU, firms should consider the challenges of data access and the courts, Oot noted.
New ISO Standard Impacting the cloud in 2016:
Brown also described that by the end of 2016, there will be a new “Cloud Service Level Agreement (SLA) Framework” – known as ISO/IEC 19086-1 – published, which will offer a set of considerations for cloud agreements. He noted this will be a boon for law firms as it will lay out a guidance standard verses the normal compliance standard. This should have a positive impact, although Brown cautioned that these guidance standards will raise key questions and require analysis and evaluation.
Reflecting on the session, Oot and Brown surmised that technology still has a few pessimists, but that the forecast is looking positive as more and more firms opt-in. With its waxing advantages and waning risks, it appears that greater cloud adoption is near.
As they concluded, Oot and Brown pointed out one last benefit of the cloud – terms of service from providers can now be negotiated, where previously this was not permitted.
Based on what they outlined, there is little question that fewer barriers remain to adopting the cloud.
Joseph Raczynski is manager, Technical Client Management, Thomson Reuters