publication of the International Legal Technology Association
Issue link: https://epubs.iltanet.org/i/126361
GETTING GROUNDED IN CLOUD E-DISCOVERY How do you address concerns about security? Mark: All the risks involved can be safely mitigated. There are some very basic risks everyone is concerned about when they hear the word "cloud." They're assuming their data are out there in no man's land, where maybe things aren't quite safe. In reality, it's not that way. With the private cloud especially, we're talking about an environment hosted by a company that has been applying data security standards in a service model for years. They're taking that same methodology and applying it to the SaaS model. When that's done effectively and all of the boxes are checked, having your data in the cloud is every bit as safe and worthwhile as hosting the data on servers within your firm's walls. What are some best practices for getting started? Caroline: Educate yourself on what your options are and educate your business users. Have a conversation with your CIO and your attorneys about where you should be going with your e-discovery platform and services. Educate your team about what's happening and why it benefits the firm and your group. Make sure your team understands this is not a threat to them. When discussing the cloud with potential clients, have seamlessness and usability been the key factors? Joel: Yes, users want the experience to be something with which they're familiar. They want the tool sets for their document review projects right at their fingertips. If that's their experience today, then they'll expect similar — if not better — features when moving to a SaaS implementation. Beyond that, the IT infrastructure aspects Caroline and Mark talked about are just as important. Service providers still have to meet and exceed requirements when it comes to security, data integrity, continuity and access control. Clients expect robust security and layers of defense mechanisms, starting with a strict access control policy, strong authentication requirements and perimeter "fencing," offering a secure private cloud environment. Consultants can also monitor the environment to maintain data integrity throughout the e-discovery process. Making the end-user experience seamless, efficient and easy to use without sacrificing security measures is the primary way to lower resistance from users about the cloud. It's also important to address the other constituents or players at the table who may be impacted. This can include IT as well as procurement and business analysts looking at the cost accounting. Are you going to be saving? Are you going to break even, but getting more value? Financial, technical and security assessments all need to be made. What are your key recommendations to a client on getting started? Joel: Have a plan that gets stakeholders involved. I'm thrilled to hear about Caroline's and Mark's internal education processes. Educating users on how the system works, how it will be similar and where it could be better is the single most important way to get people on board. Sometimes there are changes in workflow and process. Getting ahead of that and having a plan is critical. It's important for firms to understand how their clients' data are being handled from preservation and collection to the move into one of these cloud environments for e-discovery projects. Attorneys representing the clients' interests need to understand their obligations and the discovery process. What changes and what doesn't change when they go to a cloud scenario? I would also recommend running a pilot and doing the normal due diligence for purchasing software. Look at the software and what it's going to provide