Issue link: https://epubs.iltanet.org/i/37773
to affirmatively exclude named individuals or groups from accessing specific information. The net result is that any organization moving from a traditional DMS will be unable to migrate and enforce their ethical walls and information barriers, leaving that information open and accessible. Because client requirements and professional rules often mandate these restrictions, the lack of this feature has delayed SharePoint adoption. In many instances, firms have hundreds if not thousands of such access restrictions and walls which must be maintained. It’s vitally important that any IT department pursuing SharePoint as a DMS explore these ramifications with the firm’s risk stakeholders to understand and map the new technology to existing requirements. CAN WE SHARE A LITTLE LESS? One information security option available to firms is moving to a ring-fenced model where the DMS is closed Toward a More Perfect SharePoint Law firm IT and business environments are unique. To maximize SharePoint adoption and success in legal environments, the Law Firm SharePoint Consortium has identified areas relating to infrastructure, functionality and integration that must be addressed. These include: • Taxonomy. Working toward a deeper understanding and mapping of the product’s information management capabilities to law firm standards and practices. Issues under consideration include suitable approaches and best practices for structuring the organization and relationship between SharePoint site collections. 38 Portal Platforms ILTA White Paper and matter information is only accessible to designated team members. While a few firms have adopted this approach within their existing document infrastructure, it runs counter to widespread firm practices that focus on collaboration and knowledge management. Another option is to define unique membership groups on a per-matter and per-site basis, excluding walled or screened users. However, in practice, the complexities and permutations involved in this approach make it unfeasible at any practical scale. Instead, in practice, firms are looking to external software solutions to work around the native security challenges in SharePoint. By leveraging centralized, automated security enforcement, organizations can effectively work around the lack of “explicit deny” security by creating and maintaining dynamic access groupings. So long as information is properly classified and stored, access controls remain enforced and transparent to end users, including via native • Functionality. Law firms have already identified specific information management in SharePoint tied to issues such as mass movement of documents connected with lateral lawyer movement, records management and legal holds. This group is tasked with identifying, analyzing, prioritizing and developing response guidelines related to product functionality (e.g., best practices or product enhancement requirements). • Information Security. While SharePoint provides native security capabilities, additional enhancements are needed to address law firm business cases (e.g., “explicit deny”). Similarly, the product must provide adequate support for standard, third-party external confidentiality and ethical walls management technology.