Issue link: https://epubs.iltanet.org/i/16612
potential disaster scenarios. Luckily, there are a broad range of extremely effective technologies and techniques available to both SaaS providers and end users to ensure their data is safe and secure: • Geographic Redundancy If a SaaS application’s data is hosted in just one data center, this means there is a single point of failure that could, potentially, make the entire application unavailable. Geographic redundancy, or geo-redundancy, takes advantage of multiple, geographically distributed data centers. The impact of an outage at one data center can thus be minimized by automatic failover to additional data centers. • SaaS Provider Backups The SaaS provider should, at a minimum, be performing daily backups of all data and storing this backup in a secure, offsite location. Ideally, backups should be performed multiple times per day, and replicated to multiple, secure offsite locations. • User Backups As a risk-mitigating precaution, making regular backups of your data from the SaaS provider is a good strategy. Additionally, some bar associations require their members retain on-premises copies of their practice’s data. Ensure your SaaS provider allows for a full export of your data from their system. • Data Escrow While SaaS- and user-level backups provide an extremely high level of protection against data loss, other scenarios, such as the SaaS provider going out of business, should be assessed. While in many cases this is an extremely unlikely scenario, 20 Infrastructure Technologies ILTA White Paper it is one lawyers have the fiduciary duty to plan contingencies against. CONCLUSION These measures, taken together, make data availability one of the most compelling advantages of cloud computing over traditional desktop applications. To achieve an equivalent level of data availability with desktop applications would be cost-prohibitive and technically challenging, whereas cloud-based providers can leverage economies of scale to make this kind of infrastructure available to users for a low monthly cost. For attorneys in geographic locations exposed to a high risk of natural disasters, such as hurricanes or earthquakes, cloud-based applications can provide a compelling solution to the problem of data availability, as the cloud-based application will remain accessible even if the firm’s offices are inaccessible or damaged. With the adoption of the above best practices and risk-minimization strategies, your data can be trusted to “the cloud” with an extremely high degree of privacy, security and availability. It is encouraging that the North Carolina State Bar’s proposed FEO echoes this assertion, having concluded that cloud-based services are acceptable for legal practice, provided reasonable care is exercised to ensure appropriate technologies are being leveraged to protect client privacy and confidentiality. Ideally, the pragmatic opinion proposed by the North Carolina State Bar will help to set a precedent that will be considered as other bar associations and regulatory bodies formalize and standardize their stances on the use of cloud- based technologies in legal practice. ILTA