The white paper today, reveals that the legal profession remains alert to the issue of data security and client confidentiality and the impact of Snowden has not led to a fundamental rethink in practice.
The paper – “One Year On. The real challenges and benefits of cloud computing to law firms” – is based on detailed interviews with a number of technology directors at leading law firms. The aim was to gauge their attitudes towards cloud computing, whether the firm had adopted cloud or had plans to do so, and what type of services are being adopted.
Peter Groucutt, managing director, Databarracks, stated: “Since our initial report this time last year, a lot has happened. Not only has Edward Snowden revealed just how much access US and UK governments have to our data, we have seen a slew of new initiatives from the USA, EU and UK governments to address those concerns. Our first paper also looked into the Solicitors Regulation Authority (SRA) and its apparent lack of guidance on cloud computing.
“Since then, we’ve seen reports and practice notes from the SRA and The Law Society looking at the risks of cloud computing for law firms. The Law Society is actually due to release a new report early next month containing fundamental advice for firms who may not have specialist in-house IT support – so there is guidance out there now.
“The question our latest paper looked to answer was whether or not the right balance has been struck by authorities between providing guidance to law firms whilst still allowing them the autonomy to select and implement the right cloud services. The question was also raised as to whether it would be better to have an SRA-approved list of providers.”
Jennings, who is also Chair of the Cloud Industry Forum Code of Practice Board, added: “Our research indicates that IT directors within law firms are in agreement that the SRA response was detailed and thorough. While it outlines good practice, it does not identify anything that a reasonable IT director or compliance officers wouldn’t be doing already. The research also indicated that the legal sector was content that the SRA did not have an approved list of cloud suppliers. This would have been viewed as a backward step and that the SRA’s approach was more ‘guide’ than ‘prescribe’.
“Our findings also highlighted a good awareness of the benefits of cloud services, but it was clear that the need to take adequate precautions to maintain client confidentiality, particularly in the light of provider insolvency and governmental surveillance, remained paramount,” he added.